Cryptocurrencies are an emerging asset class that has been on a wild roller coaster ride in recent years. The rapid appreciation of cryptocurrencies and the dramatic price swings have created new opportunities and risks for both investors and regulators alike. However, few people realize how disruptive these changes can be on businesses – especially those that operate internationally or online.
There is a need to create business continuity plans to mitigate the disruptions that cryptocurrencies can have on a business. There are significant price fluctuations in cryptos, changes in the regulatory environment, and a lack of stable legal frameworks, leading to the occasional crash in prices and making long-term plans quite tricky for many businesses. It takes time for traditional institutions to adapt themselves to the new technologies that cryptocurrencies introduce. This time lag can also disrupt businesses as they may find themselves caught in the crossfire between traditional institutions and cryptocurrency networks.
The use of business continuity plans will ensure that traders and investors keep taking advantage of both opportunities and risks that cryptocurrency brings.
Business Continuity for Crypto Exchange
Many cryptocurrency exchanges are centralized, which makes them appealing targets for hackers and blackmailers. Although they act as banks in holding deposits, they do not have deposit insurance. While no one can say how many hacks go unreported to regulators or the public, the number is probably too high.
Using an exchange wallet to store your digital assets comes with added risks, so storing your coins in cryptocurrency there for an extended period is not a good idea. A private wallet requires an added effort.
Cryptocurrency exchanges hold customer funds in hot storage with online access for immediate withdrawal. The majority of these funds are stored in cold storage with limited or no online access for recovery only after a manual check of multiple signatures.
These disruptions on the exchange necessitate the development of a business continuity plan to enable the exchange to stay in operation during a disaster. Typically, when a cryptocurrency exchange fails or is hacked, it’s widely assumed that something went wrong with the assets stolen. Typically, though, it isn’t the cryptocurrency that has been unable or a bitcoin failure; instead, it’s basic management errors, direct founder criminality, and government shutdown orders that are to blame.
For example, let’s assume that the most significant bitcoin exchange in China, BTCChina, has published its business continuity plan if their hot wallet is compromised by an attacker or internal accident. The company would shut down its trading platform and go into debt restructuring mode. It includes borrowing funds from other exchanges. The company’s cold storage would be kept intact, and a new hot wallet would be created. The company’s user accounts, BTC balances, and bitcoins held in cold storage for its customers will not be affected by this change. It will make the exchange market stable again quickly by enabling automated trading to re-launch.
The idea of having business continuity plans for exchanges will ensure the continuity of operations and provide customers with a safety net that can keep them from panicking and prevent the price of bitcoins and other cryptocurrencies from dropping significantly. Thus, increasing the image of bitcoin organizations.
Why Does your Business Need a Continuity Plan, and How to Create One?
When a cryptocurrency exchange CEO dies, it’s a cautionary tale for FinTech companies who handle vast amounts of money without the required regulation. Regulation lies behind the state of technology in large part because of an outdated set of rules – particularly in data security – which has little or no value. As a result, crypto-focused financial technology startups can operate at any point without a semblance of continuity during any disaster. The lack of regulation means that they work without a business continuity plan.
Business continuity plans (BCP) are essential for all businesses, not just FinTech startups. The project is put in place to cover every aspect of the company should an event impact its ability to operate normally. No matter how unlikely or how many disaster recovery plans you have in place, the loss of critical data can seriously hamper an organization’s ability to function.
Cryptocurrency exchanges must have up-to-date backups of their systems in multiple locations to prepare for disasters. However, it is also vital for them to plan out with the outside world about how to proceed after an event impacts them. It is essential to assure investors that their funds are well taken care of, even if it appears customer money is stolen. In the instance of this CEO’s death, it would have been helpful to know that there was a plan in place to replace him or his role until the exchange could resume its operations.
Implementing a business continuity plan does not mean that customers’ money is always safe. It cannot be used as an excuse by crypto exchanges that cannot fulfill their promise of guaranteed funds. Not having one only means the company will falter when disaster strikes and will not operate efficiently until the continuity plan is implemented.
The business continuity will have strategies that ensure the resumption of activities as quickly as possible, even in an emergency. The plan will be comprehensive and include all internal and external stakeholders involved. The external exchange stakeholders, i.e., investors, will be kept abreast of the progress and information about any further steps they may need to take. Additionally, investors will also be advised on how and when fiat currency and cryptocurrency withdrawals will commence.
Purpose of Crypto Disaster Recovery Plan
VeChain Foundation was one of the first organizations to develop a crypto disaster recovery plan and how it may assist prevent significant dollars loss if an emergency arises. Many have been astonished by the quality of VeChain’s disaster recovery plan. It is so highly effective thanks to blockchain technology’s immutability and transparency.
It starts with a pre-authorization process which requires several approvals set up in advance. The VeChain blockchain-based smart contract will trigger once it detects the critical error. That is, all authorized personnel will be notified to implement the recovery plan. There are three main stages to this plan: preventative measures, immediate actions on detecting critical errors, and messages broadcasted.
The recovery plan consists of three distinct stages:
1) A standby team with a complete understanding of VeChain’s operations and security policies will deploy a temporary solution for entities that have been compromised. It may entail a hot/warm solution or cold standby to prepare for various scenarios. They need to take immediate actions to prevent further damage. Hot/warm standby will use the existing infrastructure, and cold standby will initiate the disaster recovery plan that was well-tested under various conditions.
2) Blockchain’s immutable ledger provides secure storage for all cryptocurrency transactions, meaning it records every single detail (i.e., timestamp, amount, sender, receiver. However, the VeChainThor Blockchain is designed for financial activities and records events and supply chain data.
If an entity’s system were compromised, every detail stored on the blockchain would be recorded in real-time, including when a critical error occurs. The team responsible for implementing this solution can use these details to determine what happened and quickly coordinate a plan of action.
3) This may be the most impressive part of VeChain’s crypto disaster recovery plan. Once a critical error is detected, all signed-in users will be notified via a smartphone app to get access to temporary accounts with production permissions so they can broadcast encrypted messages through the blockchain network.
Once the broadcast is finished, users will be redirected to a decentralized VeVID authentication service. Only authorized personnel who have been allowed in advance can access these temporary accounts. Even if someone manages to compromise one of those accounts, all other entities will immediately know it because the broadcasted message will also contain this entity’s public key that can’t be changed.
Disaster recovery plans need exercise and testing, particularly in stressful situations. VeChain provides opportunities for disaster recovery plan testing both internally and externally through community events. VeChainThor’s crypto disaster recovery plan is impressively well-thought-out. Given the nature of blockchain technology, it is very effective in preventing loss if an error arises.
How to Create a Business Continuity Plan for my Wallet
Crypto investors should have a backup plan in place for their funds. They are free to take the chance, but they should be aware that their money is handled responsibly and that transactions are carried out methodically with transparent processes and multiple safeguards.
Crypto investors should create a list of exchanges they want to use for their trades and ensure trustworthy sales. They need to ensure that the hardware supporting their wallets (e.g., secure USB drives) is kept in separate locations. Investors should also back up their cryptographic keys offline, securely store them at two different offsite locations, and ensure that they have backups of their digital wallets. Moreover, it is recommended to test the backup plan regularly (e.g., weekly) to ensure all components are working correctly.
Crypto investors should consider investing in insurance to protect their digital assets. For instance, a BitGo wallet with a multi-signature security feature comes complete with an insurance plan. Should a critical failure occur because of a problem with the software architecture, BitGo will cover the loss and reimburse users for their losses. Insurance plans are available on the market for digital wallets, exchanges, and even storage devices.
Crypto investors should be careful and consult an expert before buying such a plan. The market is now full of insurance plans that are either too expensive or not comprehensive enough. Moreover, investors should search for crypto-friendly insurance agencies, e.g., those providing coverage for stolen digital wallets and exchanges which shut down without notice. Even some agencies are willing to pay out in case of a cyber-attack (e.g., CryptoIns). In addition to insurance policies, there are also web-based services that offer their users credit and cyber-liability protection.
For instance, the American Institute For Chartered Property Casualty Underwriters (AICPCU) has an entire department dedicated to cryptocurrency underwriting. It is a part of a larger organization that provides 24/7 support and many services to customers. It currently specializes in mining coverage, digital wallets and exchanges coverages, cyber-liability protection policies, and insurance for cryptocurrency ATMs.
AICPCU has developed a new policy explicitly tailored for cryptocurrency businesses by working closely with its insureds to build custom solutions that address their needs. The agency works with an in-house team of risk control specialists, claims reps, and underwriters duly qualified to assess the risks associated with such businesses.
Why Does your Company Need a Business Continuity Plan?
Gerald Cotten, the CEO of QuadrigaCX, died on December 9, 2018, after contracting an illness while traveling in India. In the process of paying homage to him, $100 billion worth of Bitcoin (minus 0.5 percent of current Ether prices) will go missing from the blockchain. The usage of a cold wallet is not always an indicator of malevolence. This approach protects you against hackers who steal bitcoins from hot wallets. In this sense, it’s a good decision. However, if one cannot maintain access to the private key required for their wallet, you have a problem.
Bcp crypto bank coordinates crypto academy and enables peer-to-peer network cold wallets and distributed nodes in the crypto wallet. It facilitates bitcashpay financial technology in decentralized finance, focusing on private keys and many distributed nodes and bitcashpay tokens to crypto-assets.
A decentralized cryptocurrency exchange payment system also uses the bitcashpay app for cellular phone loads for a payment solution that uses real-time transaction balances in crypto assets. This blockchain solution of decentralized lending of fiat cash is crucial in the ethereum network that yields farming for the total supply and security of the system. Transfer of internet node from person to person in the world to buy goods in the form of cash to bank and transactions through the internet of account and bitcashpay users use BCP in events to get tokens on a block to get fast food. There are companies like bitcashpay financial technology inc that use the same arrangements for blockchain technology in the use of cold and hot wallets. Blockchain network use of crypto academy network to process transactions in the network and bank security.
From this example, we can see that there is a need to plan if something happens to your key management personnel. Effectively, it would help if you thought about dealing with business continuity and disaster recovery before you need it and not the other way around. The death of key personnel is one of the risks you face and one of the most challenging situations to resolve. It took the company months to recover from this tragic event, and the organization can learn from its experience.
Some key points on how to prepare your company before something terrible happens to your team.
1- Communication framework: establish a secure, reliable, and documented communication framework to help your team in case of a disaster.
2- Business continuity plan: provide the organization with a business continuity plan that includes critical steps for response and recovery.
3- Disaster recovery: design and maintain a disaster recovery plan that staff will access in case of an emergency and helps them recover and resume their critical business processes.
4- Technology assets inventory: document all the technology resources your team uses and use this information to maintain a well-maintained backup system to protect blockchain transactions.
5- Key management procedures: define procedures required for crucial handling, storage, transfer, who has access to them or not.
6- Share knowledge on network security: share knowledge among your team members.
7- Document everything: document all the procedures of your team in case they are lost.
8- Be prepared for the worst-case scenario; serious illnesses or accidents may happen to you someday
The emerging cryptocurrency industry is an exciting new frontier for entrepreneurs. However, it’s not without its challenges and risks. With the surge in popularity of cryptocurrencies in recent years like Bitcoin, Litecoin, Ethereum, many people are investing heavily in this space. But what happens if an organization’s business starts experiencing a disruption? What will you do with all those assets that have yet to be mined or traded? A Crypto Disaster Recovery Plan (BCP) will help ensure that you can stay up and running even when disaster strikes!
We’ve shown you how to create a business continuity plan for your wallet, but what about the larger picture? Your company needs an overarching BCP that will mitigate any disruptions in cryptocurrency. What are some of the threats to cryptocurrency exchanges and businesses today? There is no accurate regulation on cryptocurrencies by government agencies like the SEC or FTC, which leaves many companies open to potential hacks or scams if they don’t have their security measures.
Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.