If you’re reading this, you might be a finance manager at a company that is looking to start getting into cryptocurrencies or digital assets. Now you have to figure out how to actually manage your company’s digital assets securely, and accurately documenting incoming and outgoing payments in cryptocurrency.
Manually generating and processing invoicing and accounting operations with crypto payments is not only incredibly time-consuming, but also highly prone to potentially expensive errors, and compliance failures.
Or perhaps you are the finance lead of a blockchain project that has grown so large, you actually have to start thinking about being audited. Your local accounting standards may require businesses to denominate payment records in fiat currencies. But what system do you use to determine the prices of cryptocurrencies in fiat at the point of payment, given the sharp fluctuations in cryptocurrency prices?
At Request, we’ve been working closely with CFOs at some of the most prominent companies in the crypto industry including a number of high-profile DeFi companies like Polygon, AAVE, and MakerDAO.
Here’s a list of some of the best practices, and apps currently used by finance managers of companies using cryptocurrencies.
1. Crypto wallets
2. Secure communication / messaging
3. Transaction monitoring
4. Crypto-friendly accounting software
5. Treasury management with crypto
6. Streamlining payment processing on multiple blockchains
1. Choosing a crypto wallet
As a CFO in a company managing digital currencies and crypto assets, one of your first priorities is setting up a secure wallet to hold your company’s digital assets.
Wallets are like digital corporate bank accounts for your company’s cryptocurrency. More importantly, crypto wallets store the public and private keys that enable you to interact with blockchain networks.
There are two categories of wallets: hot wallets and cold wallets (sometimes called “hardware wallets”). Hot wallets are connected to the internet, while cold wallets are not.
If you regularly trade crypto on an exchange or send and receive payments in crypto, you should store some portion, or “float” of your digital currency in a hot wallet. As hot wallets are connected to the internet, you can seamlessly make crypto transactions with just a few clicks on your mobile device or computer. Whatever funds are to be held in reserve, and not actively managed, or drawn down from should be held in a cold wallet for additional security.
To find out which options were preferred by the industry, we polled CFOs among our Request Invoicing’s corporate users.
As the poll indicates, the Ledger hardware wallet, and Metamask hot wallet were among the top wallet choices used by crypto CFOs. Splitting your company’s funds between both hot and cold wallets, allow you to balance between security and ease of use.
The Gnosis Safe Multisignature wallet is ideal for companies who need to set up multiple signatures where another executive or authorized signatory in the company can co-sign for each transaction above a certain threshold. Co-signing is a critical security feature that helps prevent unauthorized access to the company’s crypto assets.
Never make the multi-signature setup public, even to internal team members. This additional layer of security is critical. It prevents malicious actors from targeting multi-signature key holders. Best practice: ensure signers are all hardware wallets.
Lukas Schor, Gnosis Safe’s product lead, explains: “Gnosis Safe is a programmable account that allows for multi-signature and other policies. This provides additional security for businesses and individuals managing crypto assets. It already stores >2.5% of the entire market cap of all crypto assets”.
To access a Gnosis Safe, the safest solution is to use a hardware wallet such as Ledger or Trezor, and connect it to a hot wallet like Metamask as a way to interact with it. Even Vitalik Buterin, the co-founder of Ethereum, uses this setup to manage the funds of his public address.
Here’s how to get started:
1. Download Metamask
2. Secure this Metamask wallet as instructed
3. Connect Metamask to a hardware wallet
4. Set up a Gnosis Safe with other authorized signatories in the company
But no single wallet, or combination of wallets is a bulletproof setup. Spread your digital assets across multiple wallet types, to hedge against the risk of either one being compromised. For instance, you can use centralized wallets across different crypto exchanges like Kraken, Coinbase, or Binance. You can also consider using multiple hardware wallets connected to a hot wallet like Metamask.
For custodial wallets, licensed custodians can also be an invaluable component of asset management. More licensed financial institutions such as commercial banks are offering custody solutions. Alternatively, you can consider crypto-native custodial service providers such as Anchorage, BitGo, and Coinbase Custody.
2. Using Secure and Private Communication Channels
Even traditional companies are targets of impersonation scams that trick employees into making bank transfers to the wrong recipient. The crypto world is no different.
You avoid this by using secure and private methods of communication. Even after you have set up your crypto wallets, the way you message your co-signers matters. You don’t want your sensitive financial information to be leaked or intercepted.
Consider communicating sensitive information using apps with a disappearing messages function. That way, if someone either clones, or takes control of the phone of an authorized signatory, they won’t be able to scrape historical communications data, and they won’t be able to impersonate you easily.
Regarding the importance of security and privacy in messaging, Status founder Carl Bennetts explains: "Secure messaging and encryption is becoming increasingly important amidst countless data breaches, deplatforming, and censorship of all kinds – with Status we strive to promote the sovereignty of individuals and uphold their rights."
The right messaging app can improve the security of your communications. But it’s ultimately up to you to implement and adhere to best practices to ensure data security.
Ensure no one keeps digital records of secret codes, private keys, and passwords online. Studies have shown that centralized exchanges are hacked because someone gained access to their online password manager. Also, avoid sending such confidential information online, no matter the messaging app.
Basic data hygiene practices such as not connecting to public WiFi hotspots, or using a VPN are also crucial.