Exchange vs Self-Custody: Two Ways to Hold Crypto, Two Very Different Risk Profiles

The question of where to hold cryptocurrency is, at its core, a question about trust and control.

When you hold funds on a centralized exchange, the exchange holds the private keys. You hold a balance in their system. That balance reflects what the exchange owes you. Whether you can access it depends entirely on whether the exchange is solvent, operational, and willing to process your withdrawal. The blockchain does not know you own anything. The exchange does.

When you hold funds in a self-custody wallet, you hold the private keys. The blockchain records that the assets belong to whoever controls those keys. There is no company in the middle. There is no balance that can be frozen, seized, or reported incorrectly. There is also no customer support, no password reset, and no recourse if you lose the keys.

Neither arrangement is without risk. They carry different risks entirely.

What exchange custody actually means

A centralized exchange is a company. It operates under the laws of its jurisdiction, holds assets on behalf of customers, and can make decisions that affect your access to those assets at any time.

The most significant risk is insolvency. An exchange that has mismanaged customer funds, been hacked, or made poor investment decisions may not have the assets it claims to have. When FTX collapsed in November 2022, customers discovered that more than $8 billion in their balances did not correspond to assets the exchange actually held. The funds had been transferred to a related trading firm and spent. The balance visible in their accounts was a number in a database, not a reflection of actual holdings.

Zondacrypto, Poland's largest crypto exchange, faced a similar situation in 2026. The exchange's previous founder had disappeared with the only private key to a cold wallet holding 4,500 BTC. The current CEO pointed to that wallet as evidence of solvency, then admitted the exchange could not access it. Thousands of users could not withdraw their funds.

These are not isolated incidents. Mt. Gox, which was once the world's largest Bitcoin exchange, collapsed in 2014 after approximately 850,000 BTC in customer and company funds were lost. Celsius, Voyager, BlockFi, and others followed in 2022. The pattern in each case was the same: customers assumed their balance was real and accessible. It was not.

Exchange custody also carries risks that do not involve insolvency. Regulatory action can freeze accounts without warning. An exchange operating in one jurisdiction can be subject to legal orders from another. Withdrawal limits can be imposed during periods of stress. Your access to your own funds can be interrupted by decisions made by people you have never interacted with and have no way to influence.

What self-custody actually means

Self-custody means you generate and control your own private keys. Your assets live at a blockchain address that only you can sign transactions from. There is no company that can freeze your funds, no exchange that can go bankrupt while holding your balance, and no platform that can impose withdrawal limits.

The risk in self-custody is concentrated in a different place: you.

If you lose your private key or seed phrase, and have no backup, the funds are gone. There is no recovery mechanism, no support team, no way to appeal to the blockchain. Approximately 20% of all Bitcoin in existence is estimated to be permanently inaccessible because early holders lost their keys.

If someone obtains your private key or seed phrase, they can drain your wallet instantly and irreversibly. The blockchain does not distinguish between you and someone who holds your key. Every phishing attack, every fake wallet app, every social engineering campaign targeting seed phrases exists because of this property.

Self-custody also requires operational discipline. You need to back up your seed phrase, store that backup securely, update your security practices if you suspect a compromise, and make decisions about wallet software and hardware that a non-technical user may find difficult to navigate correctly.

How to think about the tradeoff

Exchange custody transfers risk from you to the exchange. Self-custody concentrates risk back on you. Neither transfers risk away entirely.

For small amounts you are actively trading or using, exchange custody is a practical choice that many people make. The convenience is real, and for amounts where the loss would be painful but not catastrophic, the tradeoff may be reasonable.

For larger amounts, particularly those you are not planning to trade, the risk profile of exchange custody changes. The more you hold on an exchange, the more you are exposed to the decisions and financial health of that exchange. The FTX victims who lost the most were not careless people who ignored warnings. They were users who had simply never questioned whether their balance reflected something real.

Self-custody is not automatically safer. A hardware wallet with a seed phrase stored in a photograph saved to cloud storage, or entered into a fake app, is not safer than a regulated exchange. The security of self-custody depends entirely on how it is implemented.

The decision is not which option is safe. It is which set of risks you are better positioned to manage, given your situation, your technical comfort level, and what you actually plan to do with the funds.

The difference is not just where the assets sit. It is where the risk ultimately lives.