When you buy Bitcoin on an exchange and leave it there, you do not hold Bitcoin. You hold a claim against the exchange. The exchange holds the Bitcoin. This distinction is not a technicality – it is the foundational principle of Bitcoin ownership, and understanding it is the starting point for thinking clearly about custody.
The history of cryptocurrency exchange failures makes this concrete rather than theoretical. Mt. Gox, once the world’s largest Bitcoin exchange, collapsed in 2014 with approximately 850,000 Bitcoin belonging to customers. FTX, at the time of its collapse in late 2022 one of the world’s largest crypto exchanges, wiped out billions of dollars in client assets. In both cases, and in numerous smaller incidents, the mechanism was the same: clients believed they held Bitcoin, but what they actually held was a claim against an entity that failed. When the entity failed, the claims were worth far less than the Bitcoin they represented.
Understanding this distinction is the starting point for thinking clearly about Bitcoin custody.
What Self-Custody Actually Means
Self-custody means you hold your own private keys. Private keys are the cryptographic credentials that control Bitcoin on the blockchain – whoever holds the keys controls the Bitcoin, entirely and directly, without any third party involved. In practical terms, self-custody typically means a hardware wallet: a physical device designed to store private keys in an offline environment where they cannot be accessed by internet-connected systems.
Hardware wallets sign transactions when you want to send Bitcoin, but the keys themselves never leave the device in a form that could be intercepted. This removes counterparty risk entirely. There is no exchange that can fail. There is no custodian that can freeze your account. There is no third party whose financial health is relevant to your access. The Bitcoin is yours in the most direct sense available within the technology.
The tradeoff for this directness is full personal responsibility. If the device is lost, destroyed, or stolen – and if you have not properly backed up the recovery seed – the Bitcoin may be unrecoverable. The seed phrase, typically a sequence of twelve or twenty-four words generated when the device is set up, is the ultimate backup and the ultimate vulnerability. Anyone who obtains the seed phrase can recover your Bitcoin to a new device and claim full control. Anyone who loses the seed phrase cannot recover it by any means. Done with genuine care, documented procedure, and multiple secure backups in separate locations, self-custody is the most robust form of Bitcoin ownership available to an individual investor. Done carelessly, it introduces risks that exchange custody simply does not create.
What Exchange Custody Looks Like
When Bitcoin sits on an exchange, the exchange is the custodian. You have an account, a balance, and access credentials. You can log in and see your Bitcoin balance. But the private keys are held by the exchange, and your access is contingent on the exchange remaining operational, solvent, honest, and legally accessible.
For smaller amounts or short time horizons – while you are building familiarity with the asset or before you have established a custody arrangement you are comfortable with – exchange custody is a reasonable starting point. Licensed South African exchanges operate within a regulatory framework that includes client asset segregation requirements, which means your Bitcoin should not be commingled with the exchange’s own assets. That is a meaningful protection compared to unlicensed exchanges.
The consideration that grows in importance as a holding grows is counterparty risk. Even a well-run, licensed exchange represents a dependency – on their continued operation, their security infrastructure, their governance, and the regulatory environment in which they operate. For a position you intend to hold for years, that dependency is worth evaluating against the alternatives.
South African investors have an additional consideration: exchange control. Bitcoin held on a foreign exchange sits in a cross-border context that involves the Reserve Bank’s capital flow regulations. Bitcoin held in your own local custody is a cleaner picture for exchange control purposes.
Regulated Third-Party Custody: The Institutional Option
Between self-custody and exchange custody sits a third option that is particularly relevant for larger holdings, companies, trusts, and investors who want institutional-grade security without the full operational complexity of managing private keys themselves.
Regulated third-party custodians are licensed entities that hold Bitcoin on behalf of clients with professional security infrastructure, legal separation of client assets from the custodian’s own balance sheet, and documented governance around access and transactions. The analogy is closer to a bank vault than to either a home safe or a bank current account. Client assets are segregated. The custodian cannot lend, trade, or commingle your Bitcoin with their own funds. And the arrangement is governed by a legal and regulatory framework that provides recourse if something goes wrong.
Multi-signature custody arrangements go a step further by structuring transactions so that no single party – including the custodian – can move Bitcoin unilaterally. In a 2-of-3 multi-signature setup, three keys exist and any two must co-sign a transaction for it to be valid. This means the custodian holding one key cannot move your Bitcoin without your participation. You holding one key cannot move Bitcoin without the custodian’s co-signature. The third key provides a recovery path if one of the first two is lost. This structure eliminates the single point of failure that both pure self-custody (where losing one device can be catastrophic) and exchange custody (where the exchange holds all keys) create.
Which Option Is Right for Your Situation
The right custody arrangement depends on the size of the holding, the time horizon, the legal entity through which Bitcoin is held, and the investor’s technical confidence and operational capacity.
For smaller positions held over shorter time horizons – the early stages of building a Bitcoin allocation – a licensed exchange provides reasonable security with minimal operational complexity. The licensing matters: a licensed South African exchange with client asset segregation is meaningfully different from an unlicensed one. For growing positions with multi-year time horizons – particularly for investors who have made a deliberate decision to hold Bitcoin as a long-term savings vehicle – the question of custody deserves more careful consideration. Self-custody is the most direct form of ownership but requires operational discipline that not every investor is prepared or suited to maintain consistently. Regulated third-party custody with a multi-signature structure provides institutional-grade security without requiring the investor to manage every operational detail.
For Bitcoin held through companies or trusts, the custody question intersects with governance. A company holding Bitcoin needs custody arrangements that are consistent with its governance structure – no single director acting unilaterally, documented procedures for transactions, and an arrangement that survives changes in key personnel. A multi-signature arrangement through a licensed custodian addresses these requirements in a way that pure self-custody or exchange custody generally does not.
The Custody Decision Is Not an Afterthought
The custody question is inseparable from the Bitcoin investment decision. Deciding to hold Bitcoin and then figuring out where to keep it as an afterthought leaves open the most practically consequential risk in the whole picture – not that Bitcoin will decline in value, but that the Bitcoin you hold might become inaccessible or lost through a custody failure you did not anticipate. The custody arrangement should be as deliberate as the investment decision that precedes it.
This article is for general educational purposes only and does not constitute financial, legal, tax, or exchange control advice. The right course of action depends on your own circumstances and professional advice where needed. SimplB is an FSCA-licensed Bitcoin service provider offering regulated multi-signature custody. Contact us to discuss your custody options.
