The vast majority of Coinbase client cash is stored in FDIC-insured bank accounts and U.S. government money market funds to keep it safe and liquid. Like all assets on Coinbase, we hold client cash 1:1 and your assets are your assets. We do not lend or take any action with your cash unless you specifically instruct us to.
And we take additional steps to ensure client cash is always secure. We use three categories of controls which are overseen by our finance team and risk committees:
Books and records
Risk management
Business continuity
Books and records
We properly segregate and maintain separate accounts for our corporate cash and client cash. There’s never a situation where customer assets could be confused with corporate assets. Our corporate cash sits in bank accounts titled “Coinbase Inc.” (or another Coinbase entity).
Client cash (plus some cash we contribute for operational reasons) sits in accounts titled “Coinbase Inc. FBO its clients.” The “FBO” means “for the benefit of” and tells our partner banks the cash belongs to our clients.
Client funds are stored in omnibus FBO accounts and we maintain internal ledgers as an official record of how much cash each client holds. These records enable us to secure pass-through FDIC insurance for our customers (up to $250,000 per customer, per bank).
Coinbase’s cash management practices are subject to regulatory review, third party independent audit, and internal audit. Various state banking departments examine Coinbase Inc.’s cash management and regular examination is a condition of having a money transmitter license. Coinbase’s Internal Audit team performs periodic internal audits over Prime and custody operations, including cash management and supporting systems, and Coinbase engages an independent third-party auditor to perform periodic SOC 1 Type II attestations of Coinbase Prime Brokerage. The SOC 1 Type II reports produced cover customer cash management controls. Additionally, our financial statements and disclosures, as a whole, are available through periodic filings on a quarterly basis, and compliant with annual audit requirements of Article 3 of Regulation S-X.
Risk management
We have policies and procedures that dictate where we deposit client cash, how much we put in each bank in aggregate, and how much we can hold in each bank per customer.
We regularly conduct thorough reviews of counterparty risks, including of the banks we use. We dynamically manage our deposit limits per bank at the aggregate level. A list of the insured depository institutions at which Coinbase deposits customer funds can be found here.
While we can deposit up to $250,000 per customer, per bank and receive FDIC insurance protection for our customers, we have internal limits that reduce exposure further. Our procedures have been developed to ensure that if one of our bank partners failed, our internal ledger records would tell the FDIC exactly how much of each FBO account belongs to each client. Our systems automatically reconcile that ledger to bank statements daily.
If a client gives us more than we allocate to these banks, we sweep, each day, the excess into U.S. government money market funds. These funds invest in high-quality, short-term securities issued or guaranteed by the U.S. government. The funds comply with Investment Company Act Rule 2a-7, which means at least 10% of their assets can be converted to cash in one day. In fact, about 80% of the funds’ assets have daily liquidity. And, again, the investments are in accounts titled “Coinbase Inc. FBO its clients,” so everyone knows these are client assets.
Business continuity
At Coinbase, prudent risk management is at the core of our business and product design and we plan for business continuity in the event of bank partner service disruptions. We regularly conduct thorough reviews of counterparty risks, including of the banks we use. While we have confidence in our bank partners, we do have contingency plans and redundant payment rails to ensure we could continue to serve our clients and provide them access to their cash stored with Coinbase in the event we encountered changes with our bank partners.