Cryptocurrencies are an emerging asset class on a wild roller coaster ride in recent years. The rapid appreciation of cryptocurrencies and the dramatic price swings have created new opportunities and risks for investors and regulators.
However, few people realize how disruptive these changes can be on businesses – especially those that operate internationally or online.
There is a need to create business continuity plans to mitigate the disruptions that cryptocurrencies can have on a business.
Significant price fluctuations in cryptos, changes in the regulatory environment, and a lack of stable legal frameworks lead to the occasional price crash and make long-term plans quite tricky for many businesses.
It takes time for traditional institutions to adapt themselves to the new technologies that cryptocurrencies introduce. This time lag can also disrupt businesses as they may be caught in the crossfire between traditional institutions and cryptocurrency networks.
Using business continuity plans will ensure that traders and investors keep taking advantage of cryptocurrency’s opportunities and risks.
Business Continuity for Crypto Exchange
Many cryptocurrency exchanges are centralized, which makes them appealing targets for hackers and blackmailers. Although they act as banks holding deposits, they do not have deposit insurance. While no one can say how many hacks go unreported to regulators or the public, the number is probably too high.
Using an exchange wallet to store your digital assets comes with added risks, so storing your coins in cryptocurrency there for an extended period is not a good idea. A private wallet requires an added effort.
Cryptocurrency exchanges hold customer funds in hot storage with online access for immediate withdrawal. Most of these funds are stored in cold storage with limited or no online access for recovery only after a manual check of multiple signatures.
These disruptions in the exchange necessitate the development of a business continuity plan to enable the exchange to stay in operation during a disaster.
When a cryptocurrency exchange fails or is hacked, it’s widely assumed that something went wrong with the assets stolen. Typically, it isn’t the cryptocurrency that has been unable or a bitcoin failure; instead, it’s basic management errors, direct founder criminality, and government shutdown orders that are to blame.
For example, let’s assume that the most significant bitcoin exchange in China, BTCChina, has published its business continuity plan in case its hot wallet is compromised by an attacker or an internal accident.
The company would shut down its trading platform and restructure debt. It includes borrowing funds from other exchanges.
The company’s cold storage would be kept intact, and a new hot wallet would be created. This change will not affect the company’s user accounts, BTC balances, and bitcoins held in cold storage for its customers. It will quickly stabilise the exchange market by enabling automated trading to re-launch.
Having business continuity plans for exchanges will ensure the continuity of operations and provide customers with a safety net that can keep them from panicking and prevent the price of bitcoins and other cryptocurrencies from dropping significantly. Thus, increasing the image of bitcoin organizations.
Why Does Your Business Need a Continuity Plan, and How Do You Create One?
When a cryptocurrency exchange CEO dies, it’s a cautionary tale for FinTech companies that handle vast amounts of money without the required regulation.
Regulation lies behind the state of technology largely because of an outdated set of rules – particularly in data security – which has little or no value.
As a result, crypto-focused financial technology startups can operate at any point without a semblance of continuity during any disaster. The lack of regulation means that they work without a business continuity plan.
Business continuity plans (BCP) are essential for all businesses, not just FinTech startups. The project is put in place to cover every aspect of the company should an event impact its ability to operate normally.
No matter how unlikely or how many disaster recovery plans you have, losing critical data can seriously hamper an organization’s functioning ability.
Cryptocurrency exchanges must have up-to-date system backups in multiple locations to prepare for disasters. However, it is also vital for them to plan out with the outside world about how to proceed after an event impacts them.
It is essential to assure investors that their funds are well taken care of, even if customer money appears stolen. In the instance of this CEO’s death, it would have been helpful to know that there was a plan to replace him or his role until the exchange could resume its operations.
Implementing a business continuity plan does not mean customers’ money is always safe. It cannot be used as an excuse by crypto exchanges that cannot fulfil their promise of guaranteed funds.
Not having one means the company will falter when disaster strikes and will not operate efficiently until the continuity plan is implemented.
The business continuity will have strategies that ensure the resumption of activities as quickly as possible, even in an emergency. The plan will be comprehensive and include all internal and external stakeholders involved.
The external exchange stakeholders, i.e., investors, will be kept abreast of the progress and information about any further steps they may need.
Investors will also be advised on how and when fiat currency and cryptocurrency withdrawals will commence.
Purpose of Crypto Disaster Recovery Plan
VeChain Foundation was one of the first organizations to develop a crypto disaster recovery plan and how it may assist in preventing significant dollar loss if an emergency arises.
Many have been astonished by the quality of VeChain’s disaster recovery plan. It is so highly effective thanks to blockchain technology’s immutability and transparency.
It starts with a pre-authorization process requiring several approvals in advance. The VeChain blockchain-based smart contract will trigger once it detects the critical error.
All authorized personnel will be notified to implement the recovery plan. This plan has three main stages: preventative measures, immediate actions on detecting critical errors, and messages broadcasted.
The recovery plan consists of three distinct stages:
1) A standby team with a complete understanding of VeChain’s operations and security policies will deploy a temporary solution for entities that have been compromised. It may entail a hot/warm solution or cold standby to prepare for various scenarios.
They need to take immediate action to prevent further damage. Hot/warm standby will use the existing infrastructure, and cold standby will initiate the disaster recovery plan that was well-tested under various conditions.
2) Blockchain’s immutable ledger provides secure storage for all cryptocurrency transactions, meaning it records every detail (i.e., timestamp, amount, sender, receiver, etc.
However, the VeChainThor Blockchain is designed for financial activities and records events and supply chain data.
If an entity’s system were compromised, every detail stored on the blockchain would be recorded in real time, including when a critical error occurs. The team responsible for implementing this solution can use these details to determine what happened and quickly coordinate a plan of action.
3) This may be the most impressive part of VeChain’s crypto disaster recovery plan. Once a critical error is detected, all signed-in users will be notified via a smartphone app to get access to temporary accounts with production permissions so they can broadcast encrypted messages through the blockchain network.
Once the broadcast is finished, users will be redirected to a decentralized VeVID authentication service. Only authorized personnel allowed in advance can access these temporary accounts.
Even if someone compromises one of those accounts, all other entities will immediately know it because the broadcasted message also contains this entity’s public key, which can’t be changed.
Disaster recovery plans need exercise and testing, particularly in stressful situations. VeChain provides opportunities for internal and external disaster recovery plan testing through community events.
VeChainThor’s crypto disaster recovery plan is impressively well-thought-out. Given the nature of blockchain technology, it is very effective in preventing loss if an error arises.
How to Create a Business Continuity Plan for my Wallet
Crypto investors should have a backup plan in place for their funds. They are free to take the chance, but they should know that their money is handled responsibly and that transactions are carried out methodically with transparent processes and multiple safeguards.
Crypto investors should create a list of exchanges they want to use for their trades and ensure trustworthy sales. They must keep the hardware supporting their wallets (e.g., secure USB drives) in separate locations.
Investors should also back up their cryptographic keys offline, securely store them at two different offsite locations, and ensure they have backups of their digital wallets. Moreover, it is recommended to regularly test the backup plan (e.g., weekly) to ensure all components work correctly.
Crypto investors should consider investing in insurance to protect their digital assets. For instance, a BitGo wallet with a multi-signature security feature comes with an insurance plan.
Should a critical failure occur because of a problem with the software architecture, BitGo will cover the loss and reimburse users for their losses. Insurance plans are available for digital wallets, exchanges, and storage devices.
Crypto investors should be careful and consult an expert before buying such a plan. The market is now full of insurance plans that are either too expensive or not comprehensive enough.
Moreover, investors should search for crypto-friendly insurance agencies, e.g., those providing coverage for stolen digital wallets and exchanges that shut down without notice.
Some agencies are willing to pay out in case of a cyberattack (e.g., CryptoIns). In addition to insurance policies, web-based services offer their users credit and cyber-liability protection.
For instance, the American Institute For Chartered Property Casualty Underwriters (AICPCU) has an entire department dedicated to cryptocurrency underwriting.
It is a part of a larger organization that provides 24/7 support and customer services. It specializes in mining coverage, digital wallets and exchange coverages, cyber-liability protection policies, and insurance for cryptocurrency ATMs.
AICPCU has developed a new policy explicitly tailored for cryptocurrency businesses by working closely with its insureds to build custom solutions that address their needs.
The agency works with an in-house team of risk control specialists, claims reps, and underwriters duly qualified to assess the risks associated with such businesses.
Why Does your Company Need a Business Continuity Plan?
Gerald Cotten, the CEO of QuadrigaCX, died on December 9, 2018, after contracting an illness while travelling in India. In paying homage to him, $100 billion worth of Bitcoin (minus 0.5 per cent of current Ether prices) will go missing from the blockchain.
The usage of a cold wallet is not always an indicator of malevolence. This approach protects you against hackers who steal bitcoins from hot wallets. In this sense, it’s a good decision.
However, if you cannot maintain access to the private key required for your wallet, you have a problem.
Bcp crypto bank coordinates the crypto academy and enables peer-to-peer network cold wallets and distributed nodes in the crypto wallet.
It facilitates bitcashpay financial technology in decentralized finance, focusing on private keys and many distributed nodes and bitcashpay tokens to crypto-assets.
A decentralized cryptocurrency exchange payment system also uses the bitcashpay app for cellular phone loads for a payment solution that uses real-time transaction balances in crypto assets.
This blockchain solution of decentralized lending of fiat cash is crucial in the ethereum network that yields farming for the total supply and security of the system.
Transfer of internet node from person to person in the world to buy goods in the form of cash to bank and transactions through the internet of account and bitcashpay users use BCP in events to get tokens on a block to get fast food.
There are companies like bitcashpay Financial Technology inc that use the same arrangements for blockchain technology in the use of cold and hot wallets. Blockchain networks use a crypto academy network to process transactions in the network and bank security.
This example shows a need to plan if something happens to your key management personnel. Effectively, it would help if you considered dealing with business continuity and disaster recovery before you need it and not vice versa.
The death of key personnel is one of the risks you face and one of the most challenging situations to resolve. The company took months to recover from this tragic event, and the organization can learn from its experience.
Some key points on preparing your company before something terrible happens to your team.
1- Communication framework: establish a secure, reliable, and documented communication framework to help your team in case of a disaster.
2- Business continuity plan: provide the organization with a business continuity plan that includes critical steps for response and recovery.
3- Disaster recovery: design and maintain a disaster recovery plan that staff will access in an emergency and help them recover and resume their critical business processes.
4- Technology assets inventory: document all your team’s technology resources and use this information to maintain a well-maintained backup system to protect blockchain transactions.
5- Key management procedures: define procedures required for crucial handling, storage, transfer, and who has access to them or not.
6- Share knowledge on network security among your team members.
7- Document everything: document all the procedures of your team in case they are lost.
8- Be prepared for the worst-case scenario; serious illnesses or accidents may happen to you someday.
The emerging cryptocurrency industry is an exciting new frontier for entrepreneurs. However, it’s not without its challenges and risks. With the popularity of cryptocurrencies in recent years, like Bitcoin, Litecoin, and Ethereum, many people are investing heavily in this space.
But what happens if an organization’s business starts experiencing a disruption? What will you do with all those assets that have yet to be mined or traded? A Crypto Disaster Recovery Plan (BCP) will help ensure you can stay up and running even when disaster strikes!
We’ve shown you how to create a business continuity plan for your wallet, but what about the larger picture? Your company needs an overarching BCP that will mitigate any disruptions in cryptocurrency.
What are some of the threats to cryptocurrency exchanges and businesses today? Government agencies like the SEC or FTC have no accurate regulation on cryptocurrencies, which leaves many companies open to potential hacks or scams if they don’t have their security measures.
Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.