30/06/2026 19:54
Young Platform S.p.A., as an authorised provider of custody and administration services for crypto-assets under Regulation (EU) 2023/1114 (“MiCAR“), adopts a structured custody model designed to ensure the highest level of protection for clients’ holdings, in line with the most stringent regulatory, technological and governance standards.
Custody model and technical architecture
Clients’ crypto-assets are held within a highly secure, resilient technological infrastructure designed to ensure the integrity, availability and traceability of the digital assets at all times. The infrastructure relies on advanced distributed cryptographic protection technologies that eliminate any single point of vulnerability and ensure that no single person or component can ever unilaterally dispose of the clients’ crypto-assets.
Clients’ holdings are aggregated in a wallet exclusively dedicated to the clientele, distinct from the wallet used for Young Platform’s corporate activities. The wallet is structured so as to ensure the accounting segregation between the individual positions of each client, allowing for the precise identification of the ownership of the crypto-assets at any time.
Segregation is ensured through:
- the individual management of positions by means of unique deposit addresses and client identifiers;
- an internal accounting system that ensures, at all times, alignment between actual holdings and accounting entries;
- a set of automated controls and periodic checks validating every movement.
The entire configuration is designed to prevent any form of commingling between the clients’ crypto-assets and those of the Company. Clients’ crypto-assets constitute segregated assets within the meaning of the law and cannot be claimed by the Company’s creditors, even in the event of insolvency, liquidation or any other insolvency proceedings affecting the service provider.
The “collective wallet” (omnibus wallet) model: how it works, what risks it entails and what safeguards the Company adopts.
To hold clients’ crypto-assets, Young Platform uses a so-called “omnibus” or collective-wallet model. In practice, the crypto-assets of different clients are not held in a separate, dedicated wallet on the blockchain for each client, but are pooled together within shared wallets held in the Company’s name and kept distinct from the Company’s own assets. The share belonging to each client is recorded and updated at all times in the Company’s internal accounting records (the so-called ledger), which makes it possible to know precisely, at any time, how many crypto-assets belong to each client. The crypto-assets always remain the property of the client and never become part of the Company’s assets.
Why the Company uses this model
The omnibus model is the standard adopted by the main operators in Europe because it makes it possible to handle operations in a more efficient and faster manner, with network costs (blockchain fees) significantly lower than those entailed by the creation of a separate wallet on the blockchain for each individual client. These lower costs translate into a benefit for clients.
What the risks are and how they are managed
The use of shared wallets entails certain specific risks, described below in clear terms, together with the measures (safeguards) the Company adopts to mitigate them.
Concentration and cybersecurity risk
Pooling significant quantities of crypto-assets into a few wallets may make such wallets a more attractive target for cyberattacks. In order to mitigate this risk, the Company uses a technology (Multi-Party Computation – MPC) that splits the access “keys” among several parties, so that no one can move the funds alone, and applies multi-signatures, operational limits, allow-lists of authorised addresses, continuous monitoring and a multi-layered architecture, including wallets with enhanced security.
Record misalignment risk
Since the allocation among clients is managed through internal accounting records, a serious malfunction of such records could, in theory, make it more complex to quickly determine the exact share belonging to each client. To prevent this, the Company carries out automated reconciliations at least daily between internal records and actual holdings on the blockchain, a weekly solvency check (Proof of Solvency), data backups and independent controls.
Pro rata shortfall risk
In the remote event of a loss of crypto-assets from the shared wallets (for example, as a result of a cyberattack) that is not fully covered by insurance or by the Company’s own resources, the residual loss could be allocated pro rata among all clients holding crypto-assets in the same wallet. In order to mitigate this risk, the Company maintains segregation from its own assets, adopts the security safeguards described above and relies on adequate insurance coverage.
In summary, the safeguards in favour of the client
The client’s crypto-assets: (i) remain their property and are kept separate from the Company’s assets, and cannot be claimed by the Company’s creditors even in the event of insolvency; (ii) are attributable to the client at all times thanks to the internal records and to a deposit address associated with the client; (iii) are protected by MPC technology, multi-signatures and operational limits; (iv) are subject to daily reconciliations, a weekly Proof of Solvency check and periodic controls and audits; (v) are subject to the supervision of the Board of Directors and to business continuity plans.
The summary information set out herein does not replace the contractual documentation: for full details, please refer to the General Terms and Conditions of the Service and to the Custody and Administration Procedure, of which this summary forms an integral part.
Security measures and authorisation of transactions
Access to crypto-assets and their movement are subject to rigorous controls and multi-layered authorisation rules, designed to prevent unauthorised movements and to ensure the maximum protection against the risks of theft, loss or improper use. In particular, the system relies on:
- the distribution of cryptographic keys among several authorised persons, according to a model that prevents any single person from disposing of the crypto-assets autonomously;
- the use of secure signing devices, subject to continuous monitoring, advanced authentication and protection through centralised management systems that ensure constant updates and compliance with security standards;
- a system of pre-defined transaction rules governing limits, signing thresholds and approval criteria based on the nature of the transaction.
The system is designed so that no transaction can be executed outside the cases expressly authorised. The entire framework operates on a default-deny basis: any transaction not compliant with the pre-defined rules is automatically blocked, providing robust protection against the risks of fraud, human error or external attacks.
Segregation and internal controls
Young Platform adopts a coherent set of organisational, technical and procedural measures to ensure that the crypto-assets held on behalf of clients are at all times:
- identifiable and traceable;
- separated from those of the Company;
- immediately available to the client;
- not subject to the risk of improper use.
These crypto-assets do not, at any time, enter into the Company’s assets and are held exclusively in the interest of clients, in accordance with Articles 75 et seq. of MiCAR.
To this end, the following are carried out:
- periodic reconciliations between internal records and actual holdings;
- a weekly Proof of Solvency, which demonstrates the existence and full coverage of clients’ aggregate positions, ensuring that the total crypto-assets held in custody are at all times equal to or greater than the value of the clients’ individual positions;
- second-level controls by the Compliance Function and periodic audits, including independent ones.
In addition, the custody of crypto-assets is subject to continuous oversight by the Board of Directors, which approves and updates the procedure, assesses residual risks and verifies the actual implementation of the measures provided for. In the case of significant events, emergency management procedures are in place, with the immediate involvement of the relevant functions.
Timing for the deposit of clients’ funds
Funds received from clients are deposited with an authorised credit institution by the end of the business day following their receipt, in accordance with Article 70(3) of MiCAR.
Management of rights connected to crypto-assets
In compliance with the regulatory provisions, Young Platform ensures – where technically possible and following appropriate verifications – the management of the rights connected to the crypto-assets held on behalf of clients. The Company carries out proactive monitoring of the supported blockchains in order to promptly detect relevant events. The rights that can be managed may include:
- the allocation of tokens deriving from airdrops;
- the exercise of automatic or passive rights linked to the holding;
- the participation in distribution mechanisms, where compatible with the custody system.
Each relevant event is assessed on a case-by-case basis. The Company verifies the compatibility of the exercise of the right with the custody infrastructure and with the security safeguards adopted. Where it is not possible to proceed safely with its execution, the client is given timely notice of this, together with the relevant reasons.
Transparency towards clients
Young Platform adopts a transparent and proactive approach in the management of the custody service, in compliance with the best practices of the sector. In particular:
- Each client can access in real time, through the platform’s reserved area, the updated balance of their crypto-assets, together with the history of the operations carried out.
- On a monthly basis, a summary report is made available containing the balance, the operations of the period and any further relevant information.
- At the onboarding stage, the client receives clear and understandable information on the custody model adopted, on the guarantees offered, on the security measures and on any applicable limitations, as well as on the procedures envisaged in the event of malfunction or force majeure events.
Any material changes to the operating model are communicated in a timely manner, in compliance with the principles of good faith and contractual transparency.
Service continuity and resilience
Young Platform has implemented a business continuity and disaster recovery plan specifically applicable to the custody activity, with the aim of ensuring the protection of clients’ assets and the continuation of activities even in the presence of exceptional events. The infrastructure is designed with geographical redundancy and backup systems, ensuring that the availability, integrity and traceability of the crypto-assets held in custody are fully preserved even in operational crisis scenarios.
Economic conditions of the custody service
The pricing model adopted by Young Platform is oriented towards transparency and the actual operations required by the client. No fixed custody fee is charged for the mere holding of the crypto-assets, nor is any cost charged for deposit operations. In the case of transfers to external wallets, a service fee is applied that varies depending on the crypto-asset and the blockchain network used; it is always clearly communicated before the transaction is confirmed.