As many readers will know, the digital asset sector remains highly dynamic, mainly driven by its relative immaturity and the pace of innovation across infrastructure, custody and operating models. However, whilst innovation has created opportunity, it has also created new categories of risk that don’t sit comfortably within traditional insurance frameworks. High profile hacks, frauds and litigation continue to demonstrate this and while controls have improved materially, the industry still struggles with one critical challenge: what happens when normal operations break down. From an insurance perspective, this gap exposes a significant structural issue. Crypto insurance is still often underwritten on the assumption that loss unfolds slowly and can be assessed after the event. The key issue here, as many of you might realise, is that digital assets simply do not behave in a way that supports that assumption. In this world, assets move at blockchain speed, (almost real time), transactions are potentially irreversible and recovery windows can close within minutes. In this environment, time itself becomes a risk factor. This mismatch between the speed at which crypto losses occur and how insurance frameworks assess them is increasingly resulting in risk being misunderstood and, in some cases, mispriced.

Much of the industry’s focus has rightly been on prevention, with custody architecture, governance, audits and segregation of duties remaining front of centre. These controls continue to be essential. However, an increasing number of losses are no longer driven purely by the absence of safeguards, but by operational and execution failures. These are the moments when wallets become inaccessible, keys are compromised, counterparties fail, or infrastructure outages prevent immediate action. In such scenarios, loss severity is not determined by what controls existed on paper, but by whether assets can be isolated, tracked and potentially recovered in real time. It is here that legacy underwriting and claims assumptions begin to show strain. With crypto crime or operational failure, waiting to investigate often means waiting too long. If live track-and-trace, freezing opportunities and specialist legal action are not engaged immediately, incidents that are potentially recoverable in their early stages frequently become total losses. Recovery in this context is not a post-event exercise, but a race against the clock. This dynamic creates a clear underwriting issue. Recovery capability and response speed now directly influence loss severity and ultimate insured outcomes. They can no longer be treated as considerations that sit solely within claims handling, instead they are becoming increasingly material variables that are beginning shape both exposure and pricing. As a result, greater focus is being placed on specialist recovery capability within the crypto ecosystem. Firms operating in incident response and on-chain recovery are increasingly viewed as part of the loss mitigation infrastructure itself, rather than as a post-incident add-on once losses have already crystallised.

In practice, this work takes place at the transactional and protocol level, where speed, automation and coordination determine whether an incident can be contained. Circuit is one example of a specialist operating in this space, helping to limit losses and track assets in real time during live incidents. From this perspective, closer coordination between insurers, brokers and technical recovery providers is becoming increasingly important as the market matures: “That is why we see value in being part of the Howden ecosystem, ensuring that those working to advance the security and maturity of the market have access to the best tools and methods. Howden’s role in facilitating these conversations is a net benefit to every member.” In addition to this, and from a recovery standpoint, specialists working at the coalface of crypto incidents consistently observe that the likelihood of recovering assets degrades rapidly in the first hours and days following an event. Harry Donnelly from Circuit points to the Kelp DAO incident as a clear illustration of this dynamic:

“The Kelp DAO drain is a clear example of this problem. The protocol froze its contracts 48 minutes after the first transaction, which is fast by human standards. In that window, the attacker moved roughly $196 million into Aave, ran parallel strategies across three lending markets and two chains, and locked in positions that still cannot be liquidated......The good news was that Arbitrum’s Security Council successfully froze $71 million that was still within the network’s reach 58 hours after the exploit. However, this was a partial recovery and a rare protocol-level intervention. From an underwriting standpoint, this is what matters: when a primary control fails, only automated mitigation is fast enough to limit the loss and stop it from spreading more broadly across the ecosystem. Recovery starts before the freeze, not after it.”

As brokers working closely with digital asset businesses and insurers, we are seeing submissions develop at a rapid pace. Whilst preventative controls continue to improve, underwriters are increasingly focused on different questions, including:

• what happens if core systems fail?
• how quickly can assets be moved or protected?
• is recovery dependent on individuals or manual coordination?
• who is engaged in the first minutes of an incident?

These questions increasingly go to the heart of loss behaviour. Submissions that can credibly answer them are beginning to differentiate themselves across the market. On the other hand, those that cannot, may underestimate their true exposure, despite appearing robust when measured against more traditional risk metrics. As the market matures, this shift also changes the role of the broker. Beyond simply placing risk, brokers operating in the digital assets space are increasingly acting in an advisory capacity. We are spending more time helping clients align their operating models with how crypto losses actually occur, and ensuring that the right technical, legal and recovery capabilities are in place before they are needed. When done effectively, this can reduce ultimate losses, support broader coverage and improve pricing loss experience outcomes, resulting in a more sustainable framework for both insureds and insurers alike.

Whilst today’s crypto market, at roughly $2.8 trillion, remains modest in comparison to global financial markets, it is already acting as a live testing ground for the future of digital assets. The risks being exposed, speed of loss, irreversibility, operational fragility and dependency on real-time response, are unlikely to be unique to cryptocurrencies. They are structural features of any system built on tokenised infrastructure. As tokenisation expands into larger and more traditional asset classes, including funds, bonds, real estate and collateral markets, measured in the tens or even hundreds of trillions, these same risk dynamics are likely to scale with it. The shift is not just one of size, but impact as well. Failures in tokenised environments are unlikely to remain isolated; they will increasingly sit within mainstream financial systems affecting a broader set of participants. If these risks continue to be assessed using frameworks designed for slower, reversible systems, there is a real prospect of exposure being consistently underestimated. The experience of crypto points to a clear conclusion: in programmable markets, time is not just a variable, but a fundamental component of risk.

The question is no longer whether these risks will carry across, but whether the industry adapts before they do

This article first appeared in Digital Bytes (12th of May, 2026), a weekly newsletter by Jonny Fry of Team Blockchain.