Safeguarding digital assets

Strategies for loss prevention, mitigation, and recovery

As digital assets increasingly become an integral part of the financial services industry, managing the associated risks with confidence is essential. While the digital asset landscape presents unique and evolving challenges, organisations can effectively safeguard their holdings through a comprehensive approach that combines prevention, mitigation, and recovery strategies — supported by tailored insurance solutions.

1. Prevention and mitigation: Building resilience through layered controls

A multi-layered defence strategy is essential for managing digital asset risks effectively. This involves combining advanced cryptographic custody models — such as multi-party computation (MPC) and multi-signature wallets — with technical controls such as real-time transaction monitoring and automated incident response capabilities. These significantly reduce exposure to both external cyberattacks and insider threats by enabling swift detection and protective action before losses occur.

Some technology providers exemplify this approach by offering tools that enable automated detection and rapid protective actions, reducing reliance on human intervention and speeding up response times in fast-moving threat scenarios.

Operational governance remains a critical pillar. Segregation of duties, quorum controls, and strong operational policies help mitigate risks from social engineering, insider collusion, and human error, which continue to be significant contributors to digital asset losses. Continuous risk assessment and adaptive controls aligned with evolving threat vectors and custody architectures are necessary to maintain effective prevention. This includes regular reviews of transaction limits, approval workflows, and vendor security postures.

Key takeaway: Embedding a defence-in-depth approach that integrates technical, operational, and procedural safeguards significantly reduces the likelihood and impact of digital asset loss events.

2. Incident response and recovery: Coordinated action to maximise value

Despite best efforts in prevention, incidents involving stolen or inaccessible digital assets can still occur. Recovery in such cases is complex but achievable through coordinated forensic investigation, timely legal actions, and collaboration with exchanges and law enforcement agencies. The window for effective recovery is often narrow, making preparedness and rapid response critical.

Legal remedies such as proprietary injunctions and worldwide freezing orders can halt illicit asset movement and facilitate recovery. Success depends on swift legal action, jurisdictional agility, and the cooperation of exchanges with court orders and law enforcement. Organisations should develop and regularly test incident response playbooks that enable rapid mobilisation of forensic, legal, and risk management resources. This ensures seamless coordination under pressure, helping to contain losses and optimise recovery prospects.

Key takeaway: Prioritising planning and regularly exercising comprehensive incident response planning enables organisations to act decisively and improve recovery outcomes while minimising operational disruption.

3. Insurance as a strategic risk transfer solution

Insurance complements technical and operational controls by transferring residual risks such as theft, fraud, key loss, and certain legal expenses, thereby providing essential financial resilience. It should be viewed as a strategic enabler within a holistic risk management framework rather than a standalone solution.

Underwriting considerations include transparent risk disclosures, governance maturity, and robust security controls. Clear articulation of potential attack vectors and relevant controls, wallet architecture, and operational policies is critical to securing meaningful coverage and capacity.

While full one-to-one asset coverage is often impractical due to market capacity constraints and asset volatility, insurance policies can be structured to cover maximum probable losses and support coordinated claims handling, including legal and forensic costs.

Key takeaway: Integrating insurance as a core component of digital asset risk management strengthens overall resilience and risk transfer capabilities.

Looking ahead

It remains imperative for organisations engaging with digital assets to adopt a holistic risk management framework that balances prevention, mitigation, and recovery — underpinned by tailored insurance solutions. Marsh’s Digital Asset Risk team acts as a trusted risk advisor, fully understanding your unique risks and how they interact with your systems and controls, while holistically assessing insurability. Leveraging deep market relationships and technical expertise, Marsh designs bespoke programmes precisely tailored to your risk profile, helping you navigate this complex landscape with confidence and agility.

By embedding layered technical controls, robust operational governance, coordinated incident response plans, and strategic insurance programmes, organisations can significantly reduce exposure to loss and improve recovery outcomes. Maintaining agility and preparedness is key to managing these complex risks effectively as the digital asset ecosystem continues to develop.

For further information on how Marsh can support your digital asset risk management and insurance needs, please contact Marsh below.

To learn how our digital assets team can support your organisation with risk transfer solutions, send an enquiry

Factory worker doing inspection in factory

Article

Safeguarding digital assets

Strategies for loss prevention, mitigation, and recovery

1. Prevention and mitigation: Building resilience through layered controls

2. Incident response and recovery: Coordinated action to maximise value

3. Insurance as a strategic risk transfer solution

Looking ahead

To learn how our digital assets team can support your organisation with risk transfer solutions, send an enquiry

Our people

Dhiren Harji

Related insights

HSE prosecutions: will your D&O insurance protect you?

Solutions from Marsh Specialty UK

Balancing growth and risk: Strategies for mid-tier accountancy firms

The rise in UK securities litigation: a D&O coverage and placement perspective

Marsh.com Sign in

Safeguarding digital assets

Strategies for loss prevention, mitigation, and recovery

1. Prevention and mitigation: Building resilience through layered controls

2. Incident response and recovery: Coordinated action to maximise value

3. Insurance as a strategic risk transfer solution

Looking ahead

To learn how our digital assets team can support your organisation with risk transfer solutions, send an enquiry

Our people

Dhiren Harji

Related insights

HSE prosecutions: will your D&O insurance protect you?

Solutions from Marsh Specialty UK

Balancing growth and risk: Strategies for mid-tier accountancy firms

The rise in UK securities litigation: a D&O coverage and placement perspective