Capstone - Building a Comprehensive Custody Program for a $500M Family Office

Your first task is to determine the regulatory framework applicable to Meridian's digital asset custody.

Questions to Address:

1. Does Meridian qualify as a single family office under SEC rules?
2. Does the SEC Custody Rule apply to Meridian?
3. What fiduciary duties apply to custody decisions?
4. Are there state-specific considerations for Delaware?

Framework:

MERIDIAN REGULATORY ANALYSIS:

SEC FAMILY OFFICE EXEMPTION:

Rule 202(a)(11)(G)-1 Requirements:
□ Family clients only - MEETS
□ Wholly owned by family - MEETS
□ No public holding out - MEETS
□ Key employee inclusion - MEETS

Conclusion: Qualifies as family office
SEC Custody Rule: NOT applicable

FIDUCIARY CONSIDERATIONS:

• Fiduciary duty to family members
• Delaware LLC fiduciary standards
• Common law prudent management
• Documented decision-making required

PRACTICAL IMPLICATIONS:

Required:
✓ Prudent process documentation
✓ Risk-appropriate custody
✓ Family governance approval
✓ Proper controls

Not Required:
✗ Qualified custodian (but recommended)
✗ SEC examination readiness
✗ Rule 206(4)-2 compliance
```

Based on Meridian's profile, determine the appropriate custody model.

Considerations:

CUSTODY MODEL ANALYSIS:

- No direct ownership
- ETF expenses (0.25-0.60%)
- Limited to ETF assets
- Less control

- New relationship required
- Operational complexity
- New processes needed
- Learning curve

- Two approaches to manage
- May complicate reporting

RECOMMENDED: HYBRID APPROACH

- ETF for BTC/ETH ($6M) via existing Northern Trust
- Direct custody for XRP ($9M) for full control
- XRP is primary thesis; direct ownership valuable
- BTC/ETH commodity-like; ETF sufficient
- Manageable complexity given conservative approach

Design the governance structure for digital asset custody.

Framework:

MERIDIAN CUSTODY GOVERNANCE:

- Digital asset policy approval
- Major custodian decisions
- Risk appetite confirmation
- Annual program review

- 3 family members
- CEO (non-voting)

- Custodian selection approval
- Due diligence review
- Allocation compliance
- Performance review

- CIO (Chair)
- CEO
- CFO
- External advisor (optional)

- Custodian relationship management
- Transaction execution
- Monitoring and reporting
- Issue escalation

- Director of Operations (you)
- CFO (backup)

APPROVAL AUTHORITIES:

Decision Authority Approval
─────────────────────────────────────────────────────────
Policy adoption Family Board Majority
Custodian selection Investment Comm Unanimous
Single transaction <$500K Dir. Operations Individual
Single transaction >$500K CEO Individual
Custodian change Investment Comm Unanimous
Emergency action CEO + CIO Joint

---

Define the requirements for Meridian's XRP custodian.

Specification:

CUSTODIAN REQUIREMENTS:

MANDATORY REQUIREMENTS:

Regulatory:
☑ Qualified custodian status preferred
☑ US regulated entity
☑ No material enforcement actions
☑ Clean regulatory record

Security:
☑ Multi-signature or MPC
☑ Cold storage >90%
☑ HSM-based key management
☑ SOC 2 Type II

Financial:
☑ Insurance coverage
☑ Financial stability demonstrated
☑ Adequate capitalization

Operational:
☑ XRP support (required)
☑ Reporting capabilities
☑ API access (preferred)
☑ Responsive support

PREFERRED REQUIREMENTS:

☐ Federal charter preferred
☐ 5+ years operating history
☐ $10B+ AUC
☐ Multiple asset support
☐ CCSS certification
☐ Proof of reserves

DEAL BREAKERS:

☒ No qualified custodian pathway
☒ Material security incidents
☒ Regulatory enforcement action
☒ Inadequate XRP support
☒ Financial instability indicators
```

Evaluate three candidate custodians for Meridian.

CANDIDATE CUSTODIANS:

CANDIDATE A: COINBASE CUSTODY

- NY Trust Company (NYDFS)
- Qualified custodian
- SOC 1 & 2 Type II

- MPC + Multi-sig
- 98% cold storage
- HSM-based
- Comprehensive audits

- Full XRP support
- ETF custody experience
- Established XRP operations

- $200B+ AUC
- Public company (Coinbase)
- Strong insurance

- Excellent reporting
- API access
- 24/7 support
- Account minimums: $500K

Overall: 46/50 - STRONG CANDIDATE

CANDIDATE B: BITGO

- SD Trust Company
- Federal charter pending
- SOC 2 Type II

- Multi-sig heritage
- Adding MPC
- Cold storage focus
- Strong security

- Full XRP support
- 800+ assets
- Comprehensive coverage

- $50B+ AUC
- Well-capitalized
- Insurance coverage

- API-first approach
- Good reporting
- Developer friendly
- Account minimums: $100K

Overall: 41/50 - GOOD CANDIDATE

CANDIDATE C: ANCHORAGE DIGITAL

- OCC National Bank
- Federal qualified custodian
- SOC 2 Type II

- Biometric hardware
- MPC/multi-sig hybrid
- Strong architecture

- XRP supported
- Selective asset list
- Quality focus

- $50B+ AUC
- Federal bank charter
- Strong capitalization

- Institutional focus
- High minimums ($1M)
- Premium service

Overall: 43/50 - STRONG CANDIDATE

SELECTION RECOMMENDATION:

• Strongest XRP support

• Excellent track record

• ETF custody experience

• Appropriate for Meridian's needs

• Account minimums acceptable

• Diversification

• Different jurisdiction (SD)

• Lower minimums

• Good XRP support

Create the due diligence documentation for the selected custodian.

DUE DILIGENCE MEMORANDUM

TO: Investment Committee
FROM: Director of Operations
RE: Coinbase Custody Due Diligence
DATE: [Current Date]

EXECUTIVE SUMMARY:
This memorandum documents the due diligence
conducted on Coinbase Custody Trust Company
for digital asset custody services.

RECOMMENDATION: APPROVED FOR USE

Charter: New York Trust Company
Regulator: NYDFS
License Date: 2018
Examination: Annual (confirmed current)
Enforcement: None
Status: Qualified custodian

Assessment: SATISFACTORY

Technology: MPC + Multi-signature
Cold Storage: 98%+ of assets
HSMs: FIPS 140-2 Level 3
Audit: SOC 2 Type II (clean)
Penetration Testing: Annual (Big 4)
Incidents: No material breaches

Assessment: SATISFACTORY

AUC: $200B+ (as of date)
Parent: Coinbase Global, Inc. (NASDAQ: COIN)
Insurance: Lloyd's of London syndicate
Coverage: $320M crime coverage
Profitability: Public company financials

Assessment: SATISFACTORY

XRP Support: Full support
Reporting: Real-time + periodic
API: Comprehensive
Support: 24/7, dedicated account
Onboarding: 2-4 weeks typical

Assessment: SATISFACTORY

Segregation: Assets segregated
Rehypothecation: Prohibited without consent
Termination: 30-day notice
Insurance: Maintained per agreement
Liability: Standard for industry

Assessment: SATISFACTORY

Conducted: 3 reference calls
Feedback: Positive across all
Issues Noted: None material

Coinbase Custody meets all mandatory requirements
and most preferred requirements. Recommended for
approval as primary digital asset custodian for
Meridian Family Capital XRP holdings.

APPROVALS:
Director of Operations: _____________ Date: _____
CFO: _____________ Date: _____
CEO: _____________ Date: _____
Investment Committee: _____________ Date: _____
```

---

Create the custody policy for Meridian:

MERIDIAN FAMILY CAPITAL
DIGITAL ASSET CUSTODY POLICY

Effective Date: [Date]
Version: 1.0
Approved By: Family Board

1. PURPOSE

This policy establishes the framework for custody
of digital assets held by Meridian Family Capital
(the "Office").

1. SCOPE

- Cryptocurrencies (XRP, Bitcoin, Ethereum)
- Stablecoins
- Tokenized assets
- Digital asset investment vehicles

1. GOVERNANCE

- Approves this policy and amendments
- Sets risk appetite for digital assets
- Reviews program annually

- Approves custodian selection
- Reviews due diligence findings
- Monitors custody performance

- Manages custodian relationships
- Executes custody procedures
- Reports to Investment Committee

1. CUSTODY REQUIREMENTS

- US regulated entity
- Qualified custodian status (preferred)
- SOC 2 Type II certification
- Adequate insurance coverage
- Demonstrated financial stability

- Full due diligence required
- Investment Committee approval
- Documentation maintained

4.3 ETF Investments
Digital assets held via ETF are subject to
standard securities custody procedures.

1. OPERATIONAL PROCEDURES

- <$500,000: Director of Operations
- >$500,000: CEO approval required
- Dual authorization for withdrawals

- Daily: Automated position check
- Weekly: Full reconciliation
- Monthly: Independent verification

- Monthly: Position report to CFO
- Quarterly: Committee report
- Annual: Board summary

1. RISK MANAGEMENT

- Single custodian: Maximum 80%
- Exception: CEO and CIO approval

- Verify custodian insurance annually
- Assess adequacy vs. exposure

- Maintain backup custodian relationship
- Annual transition plan review

1. MONITORING

- Quarterly: Performance review
- Annual: Full due diligence refresh
- Event-driven: Upon material changes

- Operational issues: Director to CEO
- Material issues: CEO to Committee
- Critical issues: Committee to Board

1. DOCUMENTATION

- Due diligence files
- Transaction records
- Monitoring reports
- Committee minutes

1. POLICY REVIEW

This policy shall be reviewed annually by the
Investment Committee and approved by the
Family Board.

APPROVAL:

Family Board Chair: _____________ Date: _____
CEO: _____________ Date: _____
```

Create key operational procedures:

CUSTODY OPERATIONAL PROCEDURES

PROCEDURE 1: TRANSACTION AUTHORIZATION

Purpose: Ensure proper authorization of
         digital asset transactions

Scope: All digital asset movements

Procedure:

1. Transaction Initiation

2. Verification

3. Authorization

4. Execution

5. Documentation

---

PROCEDURE 2: MONTHLY RECONCILIATION

Purpose: Ensure position accuracy

Frequency: Monthly (first 5 business days)

Procedure:

1. Obtain Reports

2. Reconcile Positions

3. Document Results

4. Sign-Off

5. Escalation

---

PROCEDURE 3: INCIDENT RESPONSE

Purpose: Handle custody-related incidents

Scope: Any custody issue or concern

Procedure:

1. Detection

2. Notification

3. Response

4. Investigation

5. Resolution

6. Reporting

---

IMPLEMENTATION TIMELINE:

PHASE 1: GOVERNANCE (Weeks 1-2)
□ Draft custody policy
□ Investment Committee review
□ Family Board approval
□ Document governance structure

PHASE 2: CUSTODIAN SELECTION (Weeks 3-6)
□ Issue RFI/RFP to candidates
□ Conduct due diligence
□ Document findings
□ Investment Committee approval

PHASE 3: CONTRACTING (Weeks 7-8)
□ Negotiate agreements
□ Legal review
□ Execute agreements
□ Obtain insurance certificates

PHASE 4: OPERATIONAL SETUP (Weeks 9-10)
□ Complete account opening
□ Set up authorizations
□ Configure reporting
□ Test procedures

PHASE 5: DEPLOYMENT (Weeks 11-12)
□ Initial funding (test amount)
□ Verify operations
□ Full deployment
□ Confirm positions

PHASE 6: STEADY STATE (Ongoing)
□ Implement monitoring program
□ Begin regular reporting
□ Conduct first reconciliation
□ Document lessons learned

INITIAL RISK REGISTER:

RISK 1: CUSTODIAN OPERATIONAL FAILURE
Probability: Low (2)
Impact: High (4)
Risk Score: 8
Controls: Due diligence, monitoring, backup
Status: Mitigated
Owner: Director of Operations
Review: Quarterly

RISK 2: SECURITY BREACH AT CUSTODIAN
Probability: Low (2)
Impact: Very High (5)
Risk Score: 10
Controls: Custodian security, insurance
Status: Mitigated
Owner: Director of Operations
Review: Quarterly

RISK 3: KEY PERSON DEPENDENCY
Probability: Medium (3)
Impact: Medium (3)
Risk Score: 9
Controls: Documentation, backup training
Status: Partially mitigated
Owner: CEO
Review: Quarterly

RISK 4: REGULATORY CHANGE
Probability: Medium (3)
Impact: Medium (3)
Risk Score: 9
Controls: Monitoring, legal review
Status: Accept and monitor
Owner: Director of Operations
Review: Quarterly

RISK 5: PRICE VOLATILITY IMPACT
Probability: High (4)
Impact: Medium (3)
Risk Score: 12
Controls: Allocation limits, rebalancing
Status: Accept per investment thesis
Owner: CIO
Review: Quarterly

---

Create a comprehensive custody program document for Meridian Family Capital that includes:

Required Sections:

1. Executive Summary (1 page)

2. Regulatory and Structural Analysis (2 pages)

3. Custodian Selection (3 pages)

4. Policy Framework (2 pages)

5. Operational Plan (2 pages)

6. Monitoring and Compliance (2 pages)

7. Contingency Planning (1.5 pages)

8. Appendices (as needed)

Total Length: 15-18 pages

Format: Professional board-ready document

Grading Criteria:

Criterion	Weight
Completeness	20%
Technical accuracy	25%
Practical applicability	20%
Professional presentation	15%
Risk awareness	10%
Documentation quality	10%

Time Investment: 8-12 hours

---

Before submitting your capstone, verify:

Regulatory/Structural:
□ Correctly identified regulatory framework
□ Custody model appropriate for institution
□ Governance structure complete

Custodian Selection:
□ Requirements clearly specified
□ Candidates objectively evaluated
□ Due diligence documented
□ Selection justified

Policy/Procedures:
□ Policy covers all required elements
□ Procedures are operational
□ Authorities clearly defined
□ Documentation requirements addressed

Implementation:
□ Timeline realistic
□ Resources identified
□ Risks assessed
□ Milestones measurable

Monitoring/Compliance:
□ Monitoring program systematic
□ Reporting framework complete
□ Incident response defined
□ Ongoing due diligence planned

Contingency:
□ Backup strategy defined
□ Transition plan outlined
□ Key person risk addressed

---

Congratulations on completing the Institutional Custody & Compliance course. You now have the knowledge and frameworks to:

The custody landscape will continue to evolve. The frameworks you've learned provide a foundation for adapting to new developments while maintaining the discipline that institutional custody requires.

Remember: Custody isn't glamorous, but it's foundational. Every institutional crypto investment depends on it. The skills you've developed in this course are essential for anyone serious about institutional digital asset investment.

---

1. For a single family office with no outside investors, is a qualified custodian legally required?
Answer: B - Not legally required, but recommended as best practice for risk management

2. What is the primary advantage of a hybrid custody model (ETF + direct custody)?
Answer: C - Balances operational simplicity with direct ownership for key positions

3. What documentation is most important for regulatory/fiduciary defense?
Answer: A - Decision rationale documenting prudent process and reasoning

4. How should custodian concentration risk be managed?
Answer: D - Policy limits, backup custodian relationship, and transition planning

5. What distinguishes an excellent custody program from an adequate one?
Answer: B - Continuous monitoring, testing, documentation discipline, and proactive risk management

---

End of Course 34: Institutional Custody & Compliance

Course Total Words: ~68,000
Total Lessons: 15
Estimated Course Completion Time: 40-60 hours including all deliverables