7Block Labs
Blockchain Security

By AUJay

Summary: Decision-makers require more than just a qualified custodian; they need a dual-control MPC that upholds the “four-eyes” principle, along with on-chain audits that ensure reserves and approvals can be verified in real time. This guide highlights the vendors truly providing these solutions in 2026, outlines practical implementation patterns, and gives you a handy punch-list to bring along for your RFPs.

Tokenization Custody Solution: Who Offers Custodial Services With Dual‑Control MPC Plus On‑Chain Audits?

When it comes to tokenization programs, the dangers go beyond just someone stealing a private key. We also have to worry about things like unnoticed shifts in policy, a single compromised approver, or unclear reserves backing wrapped assets and stablecoins. To really make things safe, it's a good idea to use dual-control MPC, which means you need two or more independent human approvals as dictated by policy, combined with on-chain audits. This way, you get public and machine-verifiable proofs of reserves, along with solid on-chain governance and audit trails.

Here’s a handy map that breaks down which custodial platforms are delivering the goods right now, how they’re making it happen, and some tips on how to integrate this smoothly into your stack.


What “dual‑control MPC + on‑chain audits” really means in 2026

  • Dual-control MPC: This is all about threshold signing, often referred to as MPC/TSS, which makes sure that at least two independent approvals are needed for sensitive operations like transfers and policy changes. Ideally, this setup includes hardware-bound factors along with a policy engine that manages limits, whitelists, and velocity. Platforms like BitGo and Coinbase Prime provide handy APIs to implement this “four-eyes” rule across wallets and portfolios. Check it out here: (developers.bitgo.com)
  • On-chain audits: These are public proofs that can be easily verified and come in two flavors:

    • For reserves, you’ve got options like Chainlink Proof of Reserve feeds, direct address disclosures, or Merkle-tree solvency proofs. These often connect directly to token mint/burn logic, ensuring that issuance stops if the backing ever dips too low. Dive deeper here: (chain.link)
    • Then there’s on-chain governance and audit trails. This involves recording policy updates and approvals on a chain or Layer-2, or using Safe modules to track changes in roles and function-level permissions. More info can be found here: (qredo.com)

Who actually offers both today?

Here’s a list of custodians and custody platforms that combine dual-control MPC (or something similar) with on-chain auditability. This means you get either reserves transparency or on-chain governance logs, plus real examples you can check out for yourself.

1) Coinbase (Prime/Custody): Dual‑control MPC and live on‑chain Proof of Reserves for cbBTC

  • Dual-control MPC and policy engine: Prime’s Onchain Wallet uses MPC and lets you set customizable consensus rules for different portfolios, address groups, transaction types, and even video approvals. You can implement the four-eyes principle here, with YubiKey + biometrics, plus mobile signers holding the MPC shards.
  • On-chain reserves: Coinbase publishes a cbBTC Proof-of-Reserves page that shows live BTC reserve addresses alongside the total cbBTC supply on the network. As of January 5, 2026, there were 76,163.86 BTC in reserve compared to 76,153.04 cbBTC in circulation on Ethereum, Base, Solana, and Arbitrum. The page is updated in real time.
  • Best fit: This setup works best for enterprise wrappers/bridges and tokenized products that need to prove their 1:1 backing to external parties and DeFi protocols. The PoR page is your go-to reference, while policies and approvals are handled in Prime for those dual-control operations.

2) BitGo Bank & Trust, N.A.: Policy‑driven MPC plus PoR tooling and WBTC‑style on‑chain transparency

  • Regulated status: In December 2025, BitGo got the green light from the OCC to turn its South Dakota trust into a federally chartered national trust bank (now known as BitGo Bank & Trust, N.A.). This means custody is now under uniform federal supervision--great news for tokenization projects that have bank-grade requirements. (bitgo.com)
  • Dual-control MPC and policy engine: BitGo wallets utilize threshold signatures (which you’ll see referred to as MPC in the documentation) and come with a policy engine. This setup can require two or more admin approvals for withdrawals and lock changes, and any pending approvals are enforced via API. (developers.bitgo.com)
  • On-chain audits: BitGo offers a Proof-of-Reserves framework that encourages the disclosure of public addresses and third-party validation. For wrapped assets like WBTC (where BitGo is the custodian), backing is inherently on-chain through disclosed BTC addresses and on-chain supply. (developers.bitgo.com)
  • Best fit: This is ideal for institutions looking for bank-supervised custody along with PoR patterns (like public address sets or oracle-based PoR) for tokenized or bridged assets. (bitgo.com)

3) Crypto Finance (Deutsche Börse Group): Regulated custody with on‑chain Proof of Reserve for ETPs

  • What’s new: Back in September 2025, Crypto Finance launched Chainlink Proof of Reserve for nxtAssets’ physically-backed BTC and ETH ETPs. They started publishing reserve verification on Arbitrum through the Chainlink Runtime Environment. This means investors can now independently check that the assets held in custody actually back the outstanding ETP shares. (disruptionbanking.com)
  • Why it matters: This is a solid example of a regulated custodian putting reserves on-chain for a traditional security wrapper. It sets a useful precedent for tokenized funds that need verifiable backing and for products listed on exchanges. (disruptionbanking.com)

4) Backed Finance (Tokenization issuer working with custodians): On‑chain PoR with third‑party auditor data

  • The model: Backed’s tokens, like tokenized treasuries and funds, publish Chainlink Proof of Reserves (PoR) updates approximately every 24 hours. The Network Firm steps in to access custody bank accounts and pushes the reserve data on-chain using Chainlink. This whole “auditor-to-oracle” setup helps steer clear of risks that come from issuers self-attesting. Check it out here: (docs.backed.fi)
  • Where it fits: If you’re looking to link your tokenization program’s mint and burn operations to a PoR feed that includes reliable data from an independent auditor--rather than just a random blog post--this blueprint has been tried and tested. More info here: (docs.backed.fi)

5) Wenia (Bancolombia Group): Stablecoin with PoR‑gated minting, live today

  • COPW makes its reserves available on-chain through Chainlink’s Proof of Reserves (PoR), which is seamlessly integrated into the minting process. This setup helps prevent any potential “infinite mint” situations. Plus, Harris & Trotter conduct audits to provide an additional off-chain layer of security. This creates a solid, real-time PoR-secure-mint framework that's perfect for banks looking to roll out fiat-backed tokens. (prnewswire.com)

6) Qredo (decentralized custody network): On‑chain governance and audit logs with dMPC

  • Governance and auditability: Qredo keeps track of governance policies, whitelists, and any changes in a way that can't be altered on the QredoChain. This means you can easily follow on-chain audit trails for approvals and role changes. Their dMPC (which stands for consensus-coordinated MPC) is built to eliminate any single vendor failures, and they even provide exportable logs for compliance. Check it out here: (qredo.com)
  • Fit: This is perfect for teams that need on-chain operational auditability and detailed, codified approvals across their portfolios. Think of managers juggling tasks in both CeFi and DeFi, or those working across various chains that have to adhere to institutional governance. Learn more here: (qredo.com)

7) Cobo Custody + Cobo Argus: MPC custody plus on‑chain RBAC and Safe‑based audit trails

  • Custody + policy engine: Cobo offers licensed custodial and MPC wallets backed by a risk/policy engine with limits, whitelists, and multi-user approvals.
  • On-chain auditability: Cobo Argus extends Safe{Wallet} with on-chain role-based access controls and parameter-level permissions. Every change in permissions and any DeFi interaction gets logged on-chain through Safe modules, giving you a clear, auditable trail showing who did what and when.
  • Fit: For tokenized products that need to interact with DeFi treasuries, Cobo provides strict on-chain governance: function-scoped roles for AMM deposits and borrow limits, with assets kept under MPC custody and dual-control off-chain policies.

8) Anchorage Digital (federally chartered crypto bank): Dual‑control governance; reserves transparency for issued products

  • Dual control and governance: Anchorage has introduced a quorum-based internal approval system for governance participation and staking, all while keeping your assets in custody. This lets you take part in protocol votes without having to move your assets to hot wallets.
  • Reserves reporting: In partnership with Ethena Labs, Anchorage issues USDtb and publishes monthly off-chain reserve attestations by Deloitte. This works alongside on-chain supply visibility, which suits bank-grade programs that need both audited reports and transparent on-chain data.

9) Zodia Custody (Standard Chartered‑backed): MPC via Dfns + exchange‑mirror Interchange; PoR‑friendly workflows

  • Key tech: Zodia combines Dfns MPC with policy-driven entitlements and governance quorums. Meanwhile, Interchange allows assets to stay at the custodian while reflecting balances on exchanges. This setup works well with PoR workflows, where exchanges and custodians can reconcile in real-time. (dfns.co)

Practical architectures you can deploy now

Here are three repeatable patterns we use with our clients. Each one makes sure we have dual-control MPC in place and provides clear on-chain evidence.

Pattern A -- Wrapped/bridged asset with live PoR and dual‑control approvals

  • Custody: For the underlying reserves, use Coinbase Prime or BitGo Bank & Trust, with dual-control MPC enforced through a policy engine.
  • On-chain audits:

    • Option 1: Direct address disclosure with a live Proof of Reserves (PoR) page, following the cbBTC model. The mint/burn contract references a public registry of reserve addresses and checks against a Chainlink PoR feed or reads through Coinbase’s PoR endpoint via an oracle.
    • Option 2: Auditor-to-oracle PoR (the Backed model). An independent auditor reads the custodian accounts and publishes the findings to Chainlink; if the reserves fall below the supply or there's a deviation beyond a certain threshold, minting stops.
  • Governance: At least two human approvers are needed to initiate and sign any rebalancing transfer from the reserve wallets. An emergency pause feature needs a distinct quorum to activate.
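
Pattern A's mint gate and its two-approver rule at the smart-contract layer, shown as an added Solidity example (not code from this page or from any vendor named on it). `PorGatedToken`, `IReserveFeed` and all function names are hypothetical; only `latestRoundData()` is Chainlink's real feed interface, and the feed is assumed to report reserves in the token's smallest unit.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; every contract, function and parameter name here is hypothetical.
// Minimal view of Chainlink's AggregatorV3Interface, the read interface PoR feeds expose.
interface IReserveFeed {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

contract PorGatedToken {
    struct MintRequest {
        address to;
        uint256 amount;
        address proposer;
        bool executed;
    }

    IReserveFeed public immutable reserveFeed;
    uint256 public immutable maxFeedAge; // seconds after which a reserve report is treated as stale
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;
    mapping(address => bool) public isApprover;
    MintRequest[] public requests;

    // Events are the on-chain audit trail: who proposed, who approved, and the reserves seen.
    event MintProposed(uint256 indexed id, address indexed proposer, address to, uint256 amount);
    event MintExecuted(uint256 indexed id, address indexed approver, uint256 reserves, uint256 supplyAfter);

    error NotApprover();
    error SelfApproval();
    error AlreadyExecuted();
    error BadReserveReport(int256 answer, uint256 updatedAt);
    error InsufficientReserves(uint256 reserves, uint256 supplyAfter);

    modifier onlyApprover() {
        if (!isApprover[msg.sender]) revert NotApprover();
        _;
    }

    constructor(IReserveFeed feed, uint256 maxAge, address[] memory approvers) {
        require(approvers.length >= 2, "need at least two approvers");
        reserveFeed = feed;
        maxFeedAge = maxAge;
        for (uint256 i = 0; i < approvers.length; i++) {
            // Reject zero and duplicate entries so the set really holds two or more identities.
            require(approvers[i] != address(0) && !isApprover[approvers[i]], "bad approver");
            isApprover[approvers[i]] = true;
        }
    }

    // First pair of eyes: records the request on-chain; nothing is minted yet.
    function proposeMint(address to, uint256 amount) external onlyApprover returns (uint256 id) {
        id = requests.length;
        requests.push(MintRequest(to, amount, msg.sender, false));
        emit MintProposed(id, msg.sender, to, amount);
    }

    // Second pair of eyes: a different approver executes, and only if reserves cover the new supply.
    function approveMint(uint256 id) external onlyApprover {
        MintRequest storage r = requests[id];
        if (r.executed) revert AlreadyExecuted();
        if (r.proposer == msg.sender) revert SelfApproval();

        (, int256 answer, , uint256 updatedAt, ) = reserveFeed.latestRoundData();
        // Fail closed: a non-positive or stale report blocks minting instead of being trusted.
        if (answer <= 0 || block.timestamp - updatedAt > maxFeedAge) revert BadReserveReport(answer, updatedAt);

        uint256 reserves = uint256(answer);
        uint256 supplyAfter = totalSupply + r.amount;
        if (reserves < supplyAfter) revert InsufficientReserves(reserves, supplyAfter);

        r.executed = true;
        totalSupply = supplyAfter;
        balanceOf[r.to] += r.amount;
        emit MintExecuted(id, msg.sender, reserves, supplyAfter);
    }
}
```

A real integration must scale the feed's decimals to the token's before comparing, and this contract-level check sits alongside the custodian's policy engine and does not replace it.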

Pattern B -- Tokenized fund/ETP with regulated custody and on‑chain reserve proofs

  • Custody: Crypto Finance, part of Deutsche Börse Group, is taking care of BTC and ETH. The issuer, like nxtAssets, keeps things transparent by publishing on-chain Proof of Reserve using Chainlink CRE on Arbitrum. This means investors can check the backing of their ETPs in real time. Plus, by using dual-control MPC workflows, any creation or redemption actions are super secure. (disruptionbanking.com)
  • Bonus: If you're looking to distribute across chains, make sure to include CCIP or native bridges only after setting up the Proof of Reserve. This helps to prevent minting on chains that aren't supported. (chain.link)

Pattern C -- DeFi‑active treasury with on‑chain operational audit trail

  • Custody: Use Cobo Custody MPC to hold assets and set policy rules like velocity, whitelists, and approver groups.
  • On-chain Governance: With Cobo Argus and its Safe module, you can define roles at the function and parameter level (for example, “role X can add liquidity up to N, but only to allow-listed pools”). All role grants and policy changes are logged on-chain. Dual-control MPC gates cover transfers back to custody or to exchanges.

12 best emerging practices we’re seeing from leading tokenization teams

  1. Tie minting and burning directly to Proof of Reserves (PoR) in the code. Use Chainlink PoR feeds to control minting instead of just throwing up a dashboard. This approach is already in action for stablecoins like Wenia’s COPW and wrapped assets. (prnewswire.com)
  2. Opt for auditor-sourced PoR data. Backed routes reserve checks through an independent auditor to Chainlink oracles, which helps cut down the risks from self-attestation that third-party analyses have highlighted. (docs.backed.fi)
  3. Implement dual-control at two levels. Make sure to have a four-eyes policy in the custodian’s policy engine (like BitGo or Coinbase) and also in the smart-contract layer (multi-sig governor or Safe module). This way, no single compromised identity can mint or redeem on its own. (developers.bitgo.com)
  4. Share addresses or feeds instead of just PDFs. For wrapped BTC, check out Coinbase’s cbBTC page that openly shows addresses and supply by network for real-time reconciliation. Go for feeds that trigger updates based on set thresholds (like a 1-10% deviation) to steer clear of outdated data. (coinbase.com)
  5. Encode role-based permissions directly on-chain. Safe-based RBAC from Cobo Argus gives you a permanent audit trail showing who can call which function and when--making it a gold standard for internal controls testing. (docs.cobo.com)
  6. Use decentralized Multi-Party Computation (dMPC) when independence is crucial. Qredo's consensus-driven MPC takes away the risk of having a single vendor control your keys and keeps governance changes on-chain--great for setups with multiple managers. (support.qredo.com)
  7. If your board raises questions, prefer bank-supervised custody. BitGo’s status as an OCC-chartered national trust bank (along with Anchorage’s federal charter) makes conversations with regulators easier for larger issuers. (bitgo.com)
  8. Display daily collateral composition for fiat-like tokens. Under MiCA, SG-Forge is sharing collateral info for EURCV/USDCV; pair this with oracle-published feeds as the markets evolve. (sgforge.com)
  9. Build emergency “kill-switches” into both policy and code. Set PoR thresholds to automatically pause minting, and for wallet actions, require video approvals or a higher quorum for those “break-glass” scenarios. (chain.link)
  10. Go for modern Threshold Signature Schemes (TSS). Libraries like FROST (for EdDSA) and new Schnorr TSS such as Arctic streamline the process and enhance signer user experience--super helpful for frequent operations. Ask your vendors which protocols they’ve adopted. (dfns.co)
  11. Get ready for a post-quantum world. Research on Threshold ML-DSA from JPMorgan and others shows how MPC can adapt to PQ signatures, ensuring your long-term RWAs are future-proof. (eprint.iacr.org)
  12. Insist on exportable logs. Whether it's from Qredo’s L2, Coinbase Prime activity, or Safe module events, make sure you get machine-readable exports for SOC/ISO audits and for testing your internal controls. (qredo.com)

2026 buyer’s short‑list: who to pilot for which job

  • Looking to set up a public PoR page for a wrapped or bridged token today? Check out the way Coinbase has done it with cbBTC. You can also take a look at Prime’s consensus rules. If you prefer, you might want to consider implementing Backed's auditor-driven PoR design with whichever custodian you choose. (coinbase.com)
  • Thinking about tokenizing an ETP or fund for public markets? Take inspiration from Crypto Finance and nxtAssets. They’ve got a solid setup that includes regulated custody, Chainlink PoR on Arbitrum, and dual-control policies for handling creations and redemptions. (disruptionbanking.com)
  • Want a DeFi-active treasury with in-contract controls? Check out Cobo Custody and Argus! They let you encode role scopes on-chain, while also keeping MPC and policy engines off-chain for smooth cash management. (docs.cobo.com)
  • Need some bank-grade custody with MPC and a policy engine? Look into BitGo Bank & Trust, N.A. and Anchorage as solid options. If you're after a bank-backed model, you can also consider adding Zodia (which uses MPC via Dfns) when Interchange workflows come into play. (bitgo.com)

Implementation checklist (drop into your RFP)

Security and Approvals

  • Require dual-control (at least two human approvers) for policy edits, withdrawals over X, minting/burning, and key shard rotations. Also require hardware-bound factors.
  • Find out which MPC/TSS protocol is being used (for instance, FROST for EdDSA chains). Ask about the number of rounds per signature and how the devices are bound. (dfns.co)

On-Chain Auditability

  • First off, make sure you have a solid Proof of Reserves (PoR) mechanism in place:

    • You can go for direct address disclosure along with a real-time dashboard, or
    • Opt for an oracle-based PoR that uses data from auditors and includes mint gating (think "secure mint").
  • If your treasury is active in DeFi, request Safe-based modules (or something similar) that come with on-chain Role-Based Access Control (RBAC) and the ability to export event logs.

Regulatory/Operational

  • Make sure to confirm the charter and jurisdiction (like whether it’s an OCC-chartered national trust bank or governed by federal/FINMA/NYDFS). It’s also a good idea to sync up with your auditor’s take on what qualifies as a “qualified custodian.” (bitgo.com)
  • Don’t forget to request the SOC 2 Type II and ISO 27001 certifications, along with details on how they handle change management and incident response in connection with on-chain logs. (cobo.com)

Tokenization Lifecycle

  • It's important to have mint/burn hooks connected to the PoR feeds, along with some emergency pause conditions in place.
  • We should lay out the SLAs for creation and redemption, plus figure out how we'll manage dual-control approvals through the API (think bulk approvals and time-locks). Check this out for more details: (help.coinbase.com)

Reporting

  • You can grab exportable approval logs and PoR history (like chain links and block numbers) that are perfect for your external audit workpapers. Check it out on qredo.com.

Common pitfalls and how to avoid them

  • So, you say, “We do audits”--but let’s be real, nothing's actually on-chain. What you really want are feeds and contracts that you can plug right into your protocols, not just some PDFs or marketing fluff. Check out Coinbase’s cbBTC page or Backed’s PoR documentation for a solid example.
  • When it comes to self-attested PoR, a heads-up: some of these feeds still lean on issuer APIs. It’s better to stick with data from auditors or verified custodians. If you absolutely have to start with self-attestation, make sure you've got a plan to transition to third-party sourced feeds down the road. For more info, take a look at this piece from Coindesk.
  • And about those single-layer approvals: one compromised admin should never have the power to mint, move, or change policies on their own. It’s crucial to have dual control both in your wallet policy engine and on-chain governance. Dive deeper into this with the info available at BitGo’s developer docs.

Roadmap watch

  • Banks are getting on board: OCC trust charters for digital-asset custodians, like BitGo, are paving the way for bank-grade tokenization in the U.S. We can expect more issuers to want bank-supervised custody along with on-chain Proof of Reserves (PoR).
  • PoR “secure-mint” is becoming essential: More stablecoins, wrappers, and tokenized funds will likely make minting dependent on oracle-verified reserves. COPW and cbBTC are leading the charge.
  • Faster threshold signatures and PQ-readiness: The uptake of FROST/Arctic TSS, along with research on threshold ML-DSA, points to lower latency in multi-party computation (MPC) and robust cryptographic resilience for real-world assets (RWAs).

How 7Block Labs can help

We take care of everything from start to finish when it comes to these architectures: MPC wallet policy models, PoR-gated token contracts, Safe modules for on-chain RBAC, and hooking up with custodians’ APIs for creating and redeeming tokens. If you're looking to quickly compare vendors, we can set up a sandbox that moves reserves on-chain, enforces dual control across both layers, and generates audit-ready logs in less than four weeks.

When you're looking to get ahead, we've got your back with some solid options to consider:

  • Coinbase Prime (features a policy engine + the cbBTC Proof of Reserve pattern)
  • BitGo Bank & Trust (offers bank-grade MPC + Proof of Reserve)
  • Crypto Finance (provides regulated custody + on-chain Proof of Reserve for ETPs)


Looking to kick off a PoR-gated tokenization pilot with dual-control MPC? We’ve got you covered! We can take you from outlining your requirements to having a fully functional, auditable prototype up and running in just one sprint.


7Block Labs is a trading name of JAYANTH TECHNOLOGIES LIMITED.

Registered in England and Wales (Company No. 16589283).

Registered Office address: Office 13536, 182-184 High Street North, East Ham, London, E6 2JA.

© 2026 7BlockLabs. All rights reserved.