A crypto platform sent me its user terms for a quick review before a financing, and the custody section read the way most of them do — a confident paragraph asserting that customer assets were held in custody, segregated, safe, and beyond the reach of the platform’s creditors. I asked the general counsel where the custody agreement was. There wasn’t one. The terms of service were the only document that established the relationship between the platform and the customer’s coins. And the terms did not actually create a custodial relationship; they described one, in the tone of a document referring to an agreement that existed somewhere else. It didn’t exist anywhere else. The terms were all there was, and the terms did not do the job.
This is the single most consequential drafting fact about consumer crypto custody, and it is the one founders most often miss. When there is no separate custody agreement, the user terms are not describing the custodial arrangement — they are the custodial arrangement. They have to create it, not narrate it. Everything else in the custody section, from segregation to bankruptcy-remoteness to the platform’s self-help remedies, depends on that foundation being laid correctly, and most of the time it isn’t.
The terms have to create the relationship, not describe it
The fix begins with an affirmative act. The terms must expressly appoint the platform as custodian of the customer’s assets — an actual appointment, in operative language, not a recital that the platform “provides custody.” A clause that says, in substance, “you appoint us as custodian of your digital assets, and these Terms constitute the custody agreement between us,” does real legal work that a descriptive sentence does not. It also may be required by the partner bank’s own paperwork: sponsor-bank side letters frequently assume the platform maintains contracts evidencing that customers are the legal owners of the custodied assets, and if the only contract is the terms of service, the terms have to carry that evidentiary weight.
From the appointment, the ownership statements follow. The terms should state that title and ownership of the custodied assets remain with the customer, that the assets are not the platform’s property, and that they are not reachable by the platform’s creditors. But — and this is a discipline founders resist — those statements should be framed as the parties’ intent and the structure they have built, not as an ironclad guarantee of outcome. Whether the structure holds against a future creditor or a bankruptcy trustee is a question a court decides on the facts, and a guarantee the platform cannot actually back is worse than an honest statement of intent. The custody posture a crypto platform takes in its terms is the spine of its legal story; it should be drafted as carefully as a security agreement, because functionally that is what it is.
Segregation: pool customers, never mix in your own assets
Segregation language is where precision earns its keep, because there are two very different things going on and founders routinely conflate them. The line you must never cross is commingling customer assets with the platform’s own operating or proprietary assets. Customer cash is not mixed with the platform’s operating funds; customer crypto is not mixed with the platform’s own holdings. That separation is the heart of the custodial claim, and breaching it is what converts “we hold your assets” into “we owe you a debt.”
What is perfectly normal, by contrast, is pooling customers together. Omnibus accounts and shared wallets that hold many customers’ assets in a single pool are standard custody practice and do not undermine segregation in the relevant sense. The terms should say this plainly, because a customer who reads “segregated” and imagines a personal, individually addressed wallet will feel misled when they learn about the omnibus structure. The accurate statement is that customer assets are held separately from the platform’s own assets, and that customers may be pooled with one another — two clauses, clearly distinguished, so the customer understands which kind of separation they are getting.
Fix the fungibility tension before it reads like a debt
Here is a subtle trap that appears in a large share of crypto terms. To explain the omnibus structure, drafters write something like “assets are fungible; you are entitled to a quantity of a given asset, not to any specific units.” The intent is operational honesty. The effect, legally, is that the sentence reads like a debtor-creditor claim — you are owed a quantity — which is the opposite of the ownership story the rest of the section is trying to tell. A customer who is merely “entitled to a quantity” sounds like an unsecured creditor, not an owner.
The better framing recasts the relationship as an undivided pro rata ownership interest in the pooled assets. The customer owns a proportionate share of the pool, alongside the other customers, rather than holding a claim for a number. That framing is consistent with the way UCC Article 8 treats a securities-entitlement holder’s pro rata property interest in a fungible bulk under § 8-503, a useful analogue for fungible digital assets, and it lines up with the FDIC’s treatment of commingled custodial cash as fractional shares of a pool. The drafting watchword is to pick a theory and harmonize the paragraphs: the section cannot say “title remains with you” in one clause and “you have a claim for a quantity” in the next. Direct title and a pro rata interest are different theories, and a custody section that mixes them invites a court to choose the one least favorable to the customer — and to the platform’s bankruptcy-remoteness story.
Bankruptcy-remoteness is aspirational — hedge it
Founders want the custody section to promise that if the platform fails, customer assets are untouchable. The honest truth is that bankruptcy-remoteness is aspirational, not guaranteed. Whether customers retain ownership of their assets or hold only a contractual claim against the estate is precisely the question that has been litigated in recent crypto bankruptcies, and the outcomes turned on the specific terms of the user agreements — the difference between an account where the customer kept title and a product where the customer had transferred assets in exchange for a yield and a promise. The terms can build toward ownership, and good terms do, but they should not promise an outcome that a bankruptcy court, not the contract, ultimately controls. Hedge the bankruptcy language the way you hedge any prediction about how a court will rule.
Security interests, set-off, and the remedies you can actually use
Platforms usually want some ability to reach customer assets when the customer owes them money — unpaid fees, a negative balance, a chargeback. You can draft for that, but you have to be precise about what it is. A platform may take a security interest in a customer’s assets to secure that customer’s own obligations. Critically, a security interest is a lien, not ownership; it presupposes that the customer owns the assets in the first place, and it does not convert the assets into the platform’s property or expose them to the platform’s creditors — so long as it secures only the customer’s own obligations and no other customer’s. In a custody setting the security interest is typically perfected by control over the security entitlement, the mechanism the UCC supplies at §§ 8-106 and 9-106. The cleaner alternative, for a platform that wants the purest “we hold no interest in your assets” story, is to rely on a contractual set-off or debit right instead of taking a formal security interest at all.
The remedies language is where I see the most dangerous drafting, and it is usually a tone problem with legal consequences. Terms that let the platform “confiscate” assets “without any prior notice” are both unenforceable and a magnet for a UDAAP claim. If the platform took a security interest, its self-help has to live inside that security interest, which means it runs through UCC Article 9 — and Article 9 generally requires reasonable notice before disposition under § 9-611 and a commercially reasonable disposition under § 9-610. Absolute, no-notice seizure is not a remedy the law will honor. The drafting move is to ground every self-help right in the security interest or set-off the platform actually has, cross-reference the fees section, and make the whole thing expressly subject to applicable law, so the remedy bends to Article 9’s requirements rather than pretending to override them.
Closing accounts without losing the custodial story
One last clause that quietly contradicts the custody posture: termination. Many terms say that on account closure, the customer’s assets “may be permanently lost or forfeited.” That sentence is incompatible with everything the custody section just established — you cannot hold assets as a custodian, insist they are the customer’s property, and then forfeit them on closure. It also collides with unclaimed-property law. Leftover customer assets generally escheat to the state under a dormancy framework; they are not the platform’s to keep. The correct approach gives the customer a reasonable opportunity to withdraw their own property before any account deletion, and treats anything left behind as subject to escheat, not forfeiture. The governance discipline of treating customer property as customer property has to survive all the way through the termination clause, or the rest of the custody section is just decoration.
If you are drafting or revising the custody terms for a crypto or fintech platform and want them stress-tested before they go live, feel free to reach out to my firm manager, Magda, at Magda@montague.law, or fill out our contact form. Mention you read this post.
— John
