Canada Tightens Digital Asset Custody Regulations After QuadrigaCX Collapse

The Canadian Investment Regulatory Organization (CIRO) has issued a new Digital Asset Custody Framework to enhance crypto custody standards, emphasizing the risks that have previously caused significant harm to investors, such as the collapse of the QuadrigaCX exchange.

The new guidelines apply a tiered custody structure based on risk levels, allowing companies to innovate flexibly while still meeting investor protection requirements against threats like hacking, fraud, poor governance, and insolvency. CIRO stated that many standards within the framework have been developed in collaboration with crypto trading platforms and custodians, reflecting current industry practices.

The agency also commits to proactively updating the regulatory framework as new custody or cybersecurity risks emerge, rather than waiting for incidents to occur. According to CIRO, recurring supervisory issues across multiple companies or changes in market practices will serve as early warning signals to adjust regulatory requirements.

The 2019 QuadrigaCX incident, which resulted in approximately $123 million in customer assets being unrecoverable, remains one of the largest crypto scandals in Canada. CIRO emphasized that custody is one of the most critical risk points in the digital asset ecosystem, requiring higher standards to limit investor losses.

Canada has recently maintained a cautious approach to crypto, bringing trading platforms under existing securities laws and strengthening requirements for registration, custody, and disclosure. Recent developments related to stablecoins and the expanded supervisory role of the Bank of Canada indicate that the country is gradually building a more comprehensive regulatory framework for digital assets.