Gate Technology Ltd (hereinafter referred to as the “Company”) is authorised as a Class 3 CryptoAssets Service Provider by the Malta Financial Services Authority (the “MFSA”), to provide:
- the custody and administration of crypto-assets on behalf of users;
- the operation of a trading platform for crypto-assets;
- the exchange of crypto-assets for funds or other crypto-assets (dealing on own account); - the execution of orders for crypto-assets on behalf of users;
- transfer services for crypto-assets on behalf of users.
The Custody Policy of the Company (hereinafter referred to as the “Policy”) aims to provide an understanding of the custody solution for crypto-assets and FIAT currency (collectively, “Custody Assets”). This Policy forms an integral part of the User Agreement.
The Company outlines the approach to custody management, and list procedures and controls for safekeeping, accountability, backup, recovery, and reconciliation. The Policy complies with the framework under Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA) and other applicable laws.
1.General Principles
The General Principles set out in the Custody Policy are the following:
-
Segregation: Custody Assets held on behalf of users are segregated from the Company’s own assets. Custody Assets are not included on the Company’s balance sheet or used for third-party transactions, investments, or proprietary trading.
-
Protection and Use: Custody Assets are safeguarded against unauthorised use, misappropriation, theft, or loss.
•Right of Ownership: Users have ownership rights over Custody Assets even when held in a common pool/ omnibus account.
-
Custody-Assets not Subject to the Rights of Creditors: Custody Assets are legally segregated from the Company’s estate and are protected from creditors in case of insolvency.
-
Delegation & Outsourcing: The Company will not appoint any sub-custodians for safekeeping of crypto-assets.
-
Liability: The Company is liable for the loss of Custody Assets due to incidents attributable to the Company. The liability of the Company shall be capped at the market value of the crypto-asset that was lost – at the time the loss occurred. Incidents not attributable to the Company include any event that occurred independently of the provision of the relevant service or operations of the Company.
2.Custody Platform
The Company uses a secure wallet structure comprising hot and cold wallets for crypto-assets and designated user money accounts. The Company has implemented robust and multi-layered security measures for the storage and management of Custody Assets. Deposits and withdrawals are processed securely with multi-signature approval for large withdrawals. Security measures include multi-signature wallets, key rotation, multi-factor authentication, data encryption, and insurance protection.
3.Reconciliation and Record Keeping
Regular reconciliations are conducted between company records, user records, and distributed ledger holdings. We keep adequate records in compliance with applicable laws.
4.Operational and ICT Risks
Operational risks include human errors, process failures, and physical security risks. ICT risks include cybersecurity threats, system downtime, data integrity risks, and third-party risks. The Company employs a multi-layered cybersecurity framework, strict access controls, and a comprehensive incident response plan to manage these risks.
5.Reporting and Return of Crypto-Assets
Users receive statements of holdings at least every three (3) months and upon reasonable request indicating the balance, the value, and any transfer of Custody Assets during the period concerned. Users can access their positions on a real-time, continuous basis, via the client account user interface.
Verification protocols, secure transfer methods, and timely execution ensure the safe return of custody-assets to users.
