Risk analysis of custodial and non-custodial lending platforms

We look in this article on the risk management of the custodial crypto lending platforms and non-custodial crypto lending platforms. The aim is not to say what is right or wrong, but to create transparency about both business models from the risk point of view.

Risk analysis

Custodial crypto lending platforms

We look here at Nexo.io and Celsius.network. Both systems represent custodial lending systems. Clients transfer their assets into platform wallets and platforms control their assets. Platforms then lend out the assets via marketplace or institutional channels. Platforms receive interest, they keep smaller part of the interest and the clients receive the bigger part of the interest.

Nexo.io and Celsius.network have bought insurance policies to cover the client asset losses on their platforms. They pay a yearly fee and they have then both coverages capped at a certain amount.

Where are the limitations?

We have two key sub-types of lending:

1. Lending via marketplace – platform’s offer to their borrowers their lender’s funds. The platform sets the collateral requirements, controls the margin and de-facto manages/controls the full process. This results in a lower risk than the second sub-type.

2. lending to the institutional channels – platforms pool their client assets and slice them and lend them to their institutional partners. Platforms make the OTC deals with margin lending programs of crypto exchanges or hedge funds. Contract specific parameters like collateralization ratios and durations will be fixed and the crypto-assets will be transferred to the contract-party. While the contract for the marketplace lending is public, then these contracts are private.

From this moment we have to trust the contract-party and the contract-party lending/margin management processes. We have to trust as well, that the contract-party will not be hacked or the assets are not frozen because of regulatory issues (think Bitfinex and 850 million USD) and many other risks. This lending sub-type has a higher risk level than the first sub-type.

The key difference between these sub-channels is following – in case of the first subtype, the platform can manage the end-to-end process. In the case of the second subtype, the assets are under the legal control of someone else… 

Of course, there are contracts in place, but let’s keep in mind two cases from not so distant traditional finance history:

  • Lehman Brothers bank is still not liquidated but it is still in the liquidation process. It just takes time to unwind all these OTC contracts.
  • MF Global bankruptcy, where client assets were placed as collateral against the MF Global proprietary trading desk trades. When these trades failed (yes, black swans come more often than one thinks), then the client assets of 600 million USD moved over to the counterparty (JP Morgan), MF Global went bankrupt and clients lost all their assets from one day to the next.

In traditional finance, we have a sector called “prime brokerage”, which are providing services, especially to the hedge funds. Investment banks pool their client assets, which are lent to hedge funds, which pay interest for them. Hedge funds borrow these assets for short selling (you borrow an asset, sell it and hope to buy it back at a lower price). 

If the trade works, then you make a nice profit. If the trade is not working, then the margin calls are issued to the hedge funds. If the trade goes wrong, then hedge fund is not losing only the collateral but has to put in additional money, to cover the losses. If they, don’t have this money, then they are bankrupt. The pooled and sliced client assets will be part of bankruptcy proceedings. 

That’s why the “prime brokerage” business has high-interest margins. It’s because of the high risk. And that’s the same business what the crypto lending platforms are doing with their institutional clients.

Do we have some regulatory licensing here?

Yes, we have. The vision of the regulations is to create the fair marketplace to the service providers, the reality of the regulations is that they create the entry barriers for the non-members of the club. It’s just because of the revolving-door-phenomena – the regulators hire their people from the private companies in the sector, which will by nature protect their sector. And the private companies hire as well people from regulators, let’s call it – for preferred information and access.

The current regulations state (de-facto in all countries) – if you control client assets, what the custodial platforms do (they can block client assets), then you will need a financial intermediary license. You not only need to apply for this, but you also have to maintain it year by year. 

Custodial platforms provide the services in “cross-border mode” to other jurisdictions as well. But that’s where it gets interesting – providing “cross-border service” to other jurisdiction is OK, but doing marketing for a platform is not OK, except when the platform has registered in the respective jurisdiction. In case of U.S., it’s even more complicated – it’s enough to have one cross-border service client from the U.S. and the platform will need U.S. licensing (think here on the NY AG versus Bitfinex case because of presumably 1 NY client on Bitfinex platform). 

Summary of the business models of custodial crypto lending platforms

1. Someone else has the private keys to your assets and controls them, till you withdraw your assets. But you receive interest for these assets.

2. Platforms have contracts with the liability insurance providers, these contracts are usually capped at a certain sum to protect the insurance providers.

3. Lending via the institutional channels can be quite risky, the asset pooling, slicing and transferring works in most of the cases fine, till it doesn’t (black swans come more often than anticipated)

4. Financial intermediary licenses would be required because the platforms control the client assets

Non-custodial crypto lending platforms

We look here on MakerDAO and Compound.finance as examples. We look only at their AS-IS business model.

Their model is simple:

1. The platforms do not have access to the client assets, so they will not need regulatory financial intermediary licenses 

2. There are no assets transfers to the institutional borrowers, there are no OTC contracts with the margin lending programs of central crypto exchanges

3. There is no insurance with insurance providers

4. The loans are protected with collateral, usually with pretty high collateralization ratio (300% +)

But what can be the failure points?

1. The main failure points are the respective smart contracts, but as these contracts are open source, they have been audited and battle tested, then the probability is small.

2. Failures in the smart contracts of other platforms, for example, z0x decentral exchange, which is used for the collateral liquidation

3. External price feeds into the smart contracts

About the black-swans

Black swans are defined as 3-sigma (standard deviation) events and they should be very seldom events. Funnily there are more black swan events than the statistical theory allows. Is the statistics wrong? 

No, it’s just the wrong statistics which are used – the financial markets are modeled based on the random-walk-hypothesis (which has never been scientifically proved, it’s just as the name says – “hypothesis”) and this hypothesis implies using of the standard distribution (as everything is random, then this would be logical conclusion).

But the financial markets act based on the power-law distribution, as most of the things in nature. And by this distribution we have a much higher frequency of the black swans, meaning there are more risk events than anticipated.


We looked at the risks in two different crypto lending business models – custodial and non-custodial. The custodial business model is rather similar to traditional financial intermediaries. The non-custodial business models are new innovative business models.

Regarding the platform risks – we will not say which platform has fewer risks.

However, we refer to the common-sense hypothesis – if comparing two different models, then:

1. We have to look at the number of potential failure points in the model

2. The model with fewer failure points will be more resilient



Notify of