A comprehensive reference for the Digital Asset XVA framework, risk management policies, and treasury operations methodology.
What is this?
This wiki documents the concepts, formulas, thresholds, and governance structures in the Crypto XVA™ framework — the methodology for risk-adjusting digital asset treasury positions. The framework is presented as an illustrative risk policy template using representative example portfolios, positions, and threshold values; it is not a description of any specific institution's actual holdings or parameters. It is designed for quick reference during policy development, client conversations, and Finance Committee presentations.
XVA Components
The valuation adjustments that make up the Crypto XVA framework — an open mapping from instrument, regime, and jurisdiction to active risk surfaces. Current documented components: SVA, SCVA, LCVA, DPVA, OVA, BRVA, GVA, RWVA, and OCVA.
Articles
Core Concepts
The TWAP Paradox, the Accounting Classification Trap, risk-adjusted yield methodology, and calculation approaches.
4 articles
Instruments
Approved stablecoins, tokenized treasuries & MMFs, DeFi protocols, and tokenized bank deposits with their XVA profiles and eligibility criteria.
4 articles
Risk Framework
Position limits, escalation matrix, sweep & funding operations, regulatory compliance, and governance structure.
5 articles
Treasury Policies
The Crypto Risk Management Policy at-a-glance — governance, XVA framework, limits, sweep operations, and regulatory compliance in one orientation guide.
1 article
Use Cases & Technology
Five XVA application scenarios with worked examples, plus the on-chain smart contract architecture.
2 articles
SVA — Stablecoin Valuation Adjustment
Quantifies the risk that a stablecoin de-pegs from its reference currency.
Definition
SVA captures the expected loss from a stablecoin losing its 1:1 peg to the reference fiat currency. It is the single most important XVA component for stablecoin holdings because it directly challenges the assumption that $1 USDC = $1 USD at all times.
The holding-period multiplier reflects that longer exposures increase the probability of encountering a depeg event.
Typical Values by Stablecoin
Stablecoin
SVA (bps)
Driver
Historical Reference
USDC (Circle)
18
Low depeg history, GENIUS Act compliant, MiCA EMT
Depegged to $0.87 during SVB crisis (March 2023), restored in 7 days
USDP (Paxos)
6
Tight peg, NYDFS regulated, T-Bill reserves
Minimal deviation (<0.5%) historically
PYUSD (PayPal)
22
Limited stress-test history, fintech issuer
Launched Aug 2023, limited track record
USDT (Tether)
30
Multiple depegs, improving but lagging transparency
Depegged during LUNA (May 2022) and FTX (Nov 2022)
Limits & Escalation
SVA has specific thresholds defined in the policy (§8.3):
Level
Threshold
Action
Warning
15 bps
Treasurer notification; enhanced monitoring
Hard Limit
30 bps
Position prohibited; immediate exit if existing
Calculation Method
SVA is calculated using Bayesian inference. The prior on P(de-peg) is updated with each new reserve attestation, on-chain depeg event, and issuer credit signal. For example, when Tether’s reserve attestation is 12+ days stale, the Bayesian prior shifts upward (e.g., from 1.5% to 1.8%).
Real-World Example
In the risk positions prototype, USDT shows SVA at 14.2 bps approaching the 15 bps warning threshold, driven by a 12-day-old attestation that increased the Bayesian P(de-peg) prior from 1.5% to 1.8%.
Related Concepts
Stablecoins
Accounting Trap
Calculation Methods
Limits & Thresholds
Risk-Adjusted Yield
SCVA — Smart Contract Valuation Adjustment
Captures the risk of loss from smart contract exploits, bugs, or vulnerabilities.
Definition
SCVA quantifies the expected loss from smart contract failure — whether from code exploits, logic errors, upgrade vulnerabilities, or governance attacks. Unlike traditional counterparty credit risk, this is a purely technological risk with fat-tailed loss distributions.
SCVA = P(exploit) × LGD × Notional
For the TWAP Paradox context, SCVA also has a lag component: SCVA_lag ≈ LGD × P(mismatch) × σ × √(τ), capturing the staleness risk of oracle pricing mismatches over the TWAP window.
Key Inputs
Input
Source
Typical Range
Audit score
Trail of Bits, OpenZeppelin, etc.
0.78 – 0.95
Critical findings
Audit reports
0 – 2
Months since audit
Tracking
2 – 4
P(exploit)
Bayesian posterior
0.1% – 1.0%
LGD
Historical exploit database
20% – 100%
Limits
Warning at 10 bps, hard limit at 25 bps. Escalation to Risk Committee. In the positions prototype, BUIDL carries SCVA of 8 bps (P(exploit) = 0.3%, LGD = 25%).
Related Concepts
OVA (Oracle)
TWAP Paradox
Calculation Methods
Tokenized Assets
LCVA — Legal/Custody Valuation Adjustment
Captures the risk of loss from legal uncertainty, custody structure, and regulatory change.
Definition
LCVA is the valuation adjustment for legal and custody risk — the possibility that regulatory changes, adverse legal interpretations, or custodial failures cause a loss of access to, or value of, digital asset holdings. It compounds over time, reflecting the cumulative exposure to regulatory uncertainty.
LCVA is the largest single XVA component on average across positions (18.2 bps portfolio-weighted). Key drivers include:
Pending regulatory guidance — e.g., SEC guidance on tokenized fund custody under the Investment Company Act
Custody structure — whether assets are segregated, bankruptcy-remote, and held by regulated custodians
Jurisdictional variation — different legal treatment across US, EU, Singapore, Hong Kong
Issuer regulatory status — GENIUS Act compliance, MiCA authorization, state licensing
Limits
Warning at 25 bps, hard limit at 50 bps. Escalation to CFO + Legal. In the positions prototype, BUIDL’s LCVA is at 27 bps (above warning), driven by pending SEC guidance. Outside counsel opinion expected by 18 Apr 2026.
Related Concepts
Regulatory Compliance
Governance
Escalation Matrix
Stablecoins
DPVA — NAV/Redemption Valuation Adjustment
Captures the risk that tokenized fund NAV diverges from par or redemptions are delayed.
Definition
DPVA applies specifically to tokenized assets like BlackRock BUIDL, Ondo USDY, and Franklin OnChain. It quantifies the expected loss from NAV deviation under stress and redemption delays.
DPVA = P(stress scenario) × E[NAV discount under stress]
SEC-registered fund; established manager, lower structural risk
Related Concepts
Tokenized Assets
RWVA (Redemption)
Risk-Adjusted Yield
OVA — Oracle Valuation Adjustment
Captures the risk of loss from oracle manipulation, staleness, or failure.
Definition
OVA quantifies the risk that price oracle feeds are manipulated, stale, or unreliable — leading to mispriced positions. This is the dominant risk factor during crypto stress periods and is central to the TWAP Paradox.
OVA ∝ 1 / (τ × n × f × depth)
Where τ = TWAP window, n = number of oracle sources, f = update frequency, depth = market depth. The inverse relationship with τ creates the paradox: shorter windows reduce staleness but increase manipulation risk.
Sub-Factors
Factor
Normal
Stressed
Source
Oracle deviation z-score
0.4
3.4
On-chain, ~12s latency
Oracle staleness
No
Yes (feeds delayed)
Heartbeat monitoring
Oracle redundancy
Intact (multiple sources)
Lost (single source)
Feed count
In the Liquidity Monitor
OVA carries the highest weight (30%) in the Crypto XVA Aggregate formula. In the cascade replay stress scenario, OVA surged more than 6× from baseline — the dominant driver of the aggregate breaching the critical threshold.
Related Concepts
TWAP Paradox
SCVA (Smart Contract)
Liquidity Monitor
Calculation Methods
BRVA — Bridge Risk Valuation Adjustment
Captures the risk of loss from cross-chain bridge failures, exploits, or concentration.
Definition
BRVA quantifies the risk unique to cross-chain bridges — the infrastructure that moves assets between blockchains. Bridge exploits have historically been among the largest loss events in DeFi (Wormhole: $320M, Ronin: $625M).
Warning at 20 bps, hard limit at 50 bps. Escalation to Treasurer. In the risk positions prototype, Wormhole BRVA has breached at 52 bps after TVL dropped 18% over 48h following a validator set rotation. Auto-pause triggered on new bridge transfers.
Approved bridges: Wormhole, LayerZero, CCIP (Chainlink). Maximum bridge exposure: $5M or 10% of digital portfolio.
Related Concepts
Escalation Matrix
Limits & Thresholds
Sweep & Funding
GVA — Gas Valuation Adjustment
Captures the expected cost variance from blockchain gas/execution fees.
Definition
GVA quantifies the expected transaction cost risk — that gas fees spike during periods of high network demand, increasing the cost of executing sweeps, funding operations, or emergency exits.
Typically a small component (0.5–2 bps) for Ethereum mainnet operations, but can spike during network congestion.
Limits
GVA is often combined with OVA for reporting. Combined GVA + QVA warning at 5 bps, hard limit at 15 bps. Escalation to Treasury Ops. Current worst: 2.5 bps combined.
Related Concepts
OVA (Oracle)
Sweep & Funding
OCVA (Operational)
RWVA — Redemption Window Valuation Adjustment
Quantifies the fair-value discount arising from contractually constrained redemption windows in tokenized assets.
Definition
RWVA quantifies the fair-value discount arising from contractually constrained redemption windows (including T+1 or longer queue delays), capturing the cost of time-to-liquidity impairment relative to instantaneous-redemption benchmark pricing under ASC 820 / IFRS 13. It applies to tokenized assets with defined redemption windows (T+0, T+1, T+2) and quantifies the expected cost of being unable to exit a position within the expected timeframe.
Under ASC 820 / IFRS 13, a contractually constrained redemption window is a valuation input that affects the Level-2 or Level-3 fair-value measurement of the instrument. RWVA prices this constraint explicitly into the risk-adjusted yield deduction, rather than leaving it as an undisclosed liquidity assumption buried in NAV pricing. This is distinct from DPVA, which captures NAV deviation under stress; RWVA captures the time-to-liquidity cost even when NAV is at par.
Related Concepts
DPVA (NAV)
Tokenized Assets
Liquidity Monitor
OCVA — Operational Valuation Adjustment
Captures operational risk: outages, key management failures, human error.
Definition
OCVA is the catch-all for operational risk in digital asset management — wallet infrastructure outages, key management failures, signing errors, and process breakdowns.
OCVA = P(outage) × E[delay cost]
Typically small (0.5–1.3 bps) but can become material during infrastructure incidents. Mitigated by approved service providers (Fireblocks, Coinbase Prime) with SOC 2 Type II attestations.
Related Concepts
GVA (Gas)
Governance
The TWAP Paradox
There is no oracle TWAP window that simultaneously minimises manipulation, staleness, and regime-shift risk.
Access Required — Interactive Prototype
The Crypto XVA Interactive Prototype — which renders the four TWAP Paradox curves (Φ(τ), OVA, SCVA_lag, LRVA) with live parameter controls — is available to qualified reviewers on request. You will be prompted for a password when you open it. To request access, email dm@turnhouseconsulting.com.
Core Insight
Every protocol is choosing a point on a three-way trade-off. The optimal window τ* is an interior minimiser whose location shifts with market conditions. Unlike TradFi counterparty risk, these parameters are controllable at the protocol level — creating a new kind of due diligence for institutional capital.
Stale prices create mismatch between oracle and market
Cascade/Regime-shift
LRVA(τ)
Non-monotonic (U-shaped)
Short windows amplify; long windows delay response
The Total Cost Function
Φ(τ) = OVA(τ) + SCVA_lag(τ) + LRVA(τ) + CCVA(τ)
CCVA is the correlation/non-additivity term that scales with volatility. The optimal window τ* minimises Φ and is sensitive to four controllable parameters:
Market depth — deeper markets allow shorter windows
Oracle sources (n) — more sources reduce manipulation risk
Update frequency (f) — faster updates improve freshness
Typical τ* Values
At default parameters (σ=80%, medium depth, 3 sources, 5s updates): τ* ≈ 6–15 minutes with total Φ(τ*) around 55–85 bps. Under stress (σ=200%, shallow depth): τ* compresses to 2–5 minutes.
Related Concepts
OVA (Oracle)
SCVA (Smart Contract)
Calculation Methods
The Accounting Classification Trap
A stablecoin and a T-bill can both be “cash equivalents” under ASC 230 — but they carry fundamentally different risk profiles.
Core Insight
The accounting is solved. The risk-adjustment is not. ASC 230 and IFRS equivalents can classify both T-bills and stablecoins as cash equivalents, creating an illusion of equivalence that masks materially different risk profiles. The Crypto XVA framework exists to close this gap.
The Problem
A 3-month T-bill and a USDC stablecoin holding may receive identical accounting classification, but the T-bill carries ~2 bps of XVA (sovereign credit only) while USDC carries ~60 bps (SVA + SCVA + LCVA). The headline yield spread of 5–10 bps in favor of stablecoins is often more than consumed by the XVA deduction.
Risk-Adjusted Comparison
Metric
3-Month T-Bill
USDC (Circle)
ASC 230 Classification
Cash Equivalent
Cash Equivalent
Gross Yield
4.80%
4.85%
Total XVA
2 bps
~60 bps
Risk-Adjusted Yield
4.78%
~4.25%
This is why risk-adjusted yield is the correct metric for treasury decision-making, not headline yield.
Related Concepts
Risk-Adjusted Yield
SVA (Depeg)
Stablecoins
Risk-Adjusted Yield
The true return on a digital asset position after deducting all XVA components.
Formula
Risk-Adjusted Yield = Gross Yield − Total XVA (annualized bps)
This is the central metric of the framework. It answers the question: “What is this instrument actually returning once we account for all the digital-asset-specific risks?”
Portfolio Comparison
Instrument
Gross Yield
XVA (bps)
Risk-Adj Yield
T-Bills (3m)
4.80%
2
4.78%
Stablecoins (blend)
4.90%
55
4.35%
Tokenized Deposits
5.25%
75
4.50%
DeFi Lending
7.20%
145
5.75%
DeFi lending has the highest headline yield AND the highest risk-adjusted yield, but also the widest risk band. The portfolio question is how to allocate across these instruments to maximize risk-adjusted return within position limits.
Related Concepts
Accounting Trap
Tokenized Assets
Stablecoins
DeFi Protocols
Calculation Methods
The three-tier methodology for computing XVA components: Deterministic, Bayesian, and Monte Carlo.
Franklin OnChain has the highest risk-adjusted yield (4.81%) among tokenized assets despite not having the highest headline yield — because its XVA is materially lower (24 bps vs. 42 bps for BUIDL). This demonstrates why risk-adjustment changes the ranking.
Related Concepts
DPVA (NAV)
RWVA (Redemption)
Risk-Adjusted Yield
SCVA (Smart Contract)
DeFi Protocols
Approved DeFi protocols, chains, and bridges with XVA requirements.
Continuous monitoring; Wormhole currently breached
DeFi Lending Risk Profile
DeFi lending carries the highest XVA at 145 bps (blend) but also the highest gross yield at 7.20%, resulting in a risk-adjusted yield of 5.75%. DeFi exposure is capped at 5% of the digital portfolio per §8.2.
Related Concepts
BRVA (Bridge)
SCVA (Smart Contract)
Limits & Thresholds
Tokenized Bank Deposits
Deposit tokens: single-bank liability instruments, their topology-conditional XVA profile, and their accounting treatment.
What This Category Is
A tokenized bank deposit (deposit token) is a token that represents a direct, par-redeemable liability of a single issuing bank, made available to that bank's clients and recorded on a distributed ledger. It is commercial bank money in tokenized form. Three conditions define the category: it is a claim on one issuing bank rather than a reserve pool or a fund; issuance and redemption are restricted to the bank's KYC'd clients or network members; and it is redeemable at face value, ordinarily on demand.
The category is defined by the liability structure and the access gating, not by whether the ledger is private. JPMorgan runs Kinexys Digital Payments on a proprietary permissioned ledger, and separately issues its JPMD deposit token on a public chain (Base) with gated access; ANZ's tokens run on public chains too. A deposit token can sit on either a private or a public rail. Ledger privacy is not the test.
What It Is Not (Boundary Cases)
Instrument
Why it is out of scope
Where it lives instead
Reserve-backed stablecoins (USDC, USDT, Societe Generale EURCV/USDCV)
A claim on an issuer holding a segregated reserve, broadly distributed. Different issuer structure and different accounting.
Infrastructure that moves member banks' deposit tokens. Not issuers themselves.
Not an instrument in this category
Roster (Snapshot, July 2026)
Live, single-bank own-issued: JPMorgan (Kinexys Digital Payments in USD/EUR/GBP on a proprietary permissioned ledger, and JPMD, a USD deposit token on public Base, live for institutional clients with Canton Network planned), Citi Token Services (USD, private permissioned, EUR expansion underway), HSBC Tokenised Deposit Service (EUR, GBP, HKD, SGD, USD), DBS Token Services / Treasury Tokens (SGD, multi-currency), Standard Chartered Tokenised Deposits (SGD, USD, HKD, CNH), BNY Tokenized Deposits (USD), and Wells Fargo Digital Cash (USD, legacy and narrow).
Pilot or boundary: UBS Digital Cash (pilot), BBVA via Visa VTAP (pilot), and ANZ A$DC / NZ$DC (institutional; self-branded a "stablecoin," structurally a boundary case here).
Shared rails (not issuers): Partior (live), Regulated Liability Network (pilot), The Clearing House shared network (targeting H1 2027).
This is a fast-moving class. Treat the roster as accurate to within days and verify status before external citation.
XVA Profile
The profile is topology-conditional: the same instrument class carries different components depending on where the token is issued. In every case LCVA leads and SVA is zero.
Single-bank credit, counterparty, and legal-finality risk. The bank-failure risk that SVA prices for a stablecoin is captured here for a deposit token, because the risk is bank solvency, not reserve adequacy. This is the SVB-shaped risk, correctly relocated. On a shared multi-bank network, LCVA becomes multi-issuer.
Governance risk, single-issuer, Tier I, Level 3, assessed per issuing bank. The host chain's or shared network's own governance is not a second GVA input.
A deposit token has no reserve to depeg. This corrects a prior Live Monitor drift that applied 1.6 bps of SVA to the Kinexys position; policy section 7.2.3 never applied SVA here.
By Topology
Topology
Example
Profile
Closed proprietary permissioned ledger
Kinexys Digital Payments, Citi Token Services
BRVA, OVA, and CompVA are near-zero. The core profile above is the whole picture.
Single-bank liability on a public rail
JPMD on Base
OVA and BRVA stay strictly zero at the instrument level, because a bank IOU has no oracle dependency and no bridge dependency of its own. Any cascade risk from sharing chain infrastructure with unrelated protocols routes to CompVA (Tier III), not to a diluted OVA, BRVA, or GVA.
Shared multi-bank settlement network
Partior, RLN, The Clearing House
Each bank's GVA stays Tier I and single-issuer, assessed per bank. Network-governance correlation (participant admission, shared parameters, correlated-participant stress) is a CompVA (Tier III) surface. LCVA is multi-issuer.
Methodology note: pricing CompVA on a shared bank-deposit network requires generalizing the policy section 5.3 CompVA definition from "protocols" to "network participants." Flagged for the next policy revision.
Accounting Treatment
Out of scope of ASU 2023-08 (ASC 350-60). A deposit token fails two independent scope gates: it is a direct deposit claim (Condition (b)), and deposits with financial institutions are carved out as financial assets. It is not a crypto-intangible asset.
Holder-side measurement. Cash equivalent under ASC 305 in the base case (par-redeemable, on demand, original maturity of three months or less). Otherwise an amortized-cost receivable with CECL. Not fair value through income.
Issuer-side. A deposit liability under ASC 942. The ledger does not change the liability's character.
Client-electable election. The cash-equivalent versus amortized-cost-receivable branch is a client election with a recommended default of cash equivalent. The out-of-scope conclusion itself is not elective.
Disclosure. Largely outside the ASC 820 fair-value hierarchy, because the instrument is not carried at fair value. This is a lower disclosure burden than a stablecoin. A CECL allowance disclosure applies on the receivable branch.
IFRS. No crypto-asset standard applies; the token is treated as a financial asset under IFRS 9. US and IFRS books converge without the "crypto asset" framing.
Audit Confirmation Required
This accounting treatment is presented as illustrative policy guidance, consistent with the rest of this Knowledge Base. External audit confirmation is required before any of this reaches a financial statement.
Why This Is Its Own Category
Three tokenized instrument types that look alike at the wrapper level resolve to three different treatments:
Both the risk decomposition and the accounting reach "distinct fourth category" independently, from different disciplines. A deposit token is not a bank-issued stablecoin, and stating that plainly heads off the first objection a sophisticated reader raises.
Related Concepts
LCVA (Legal)
SVA (Depeg)
Stablecoins
Fair Value Accounting
CompVA
Limits & Thresholds
Position limits, XVA-based restrictions, and aggregate exposure controls from §8.
Who gets notified at each threshold, and what exception authority exists (§13).
Exception Approval Authority (§13.1)
Exception Type
Approval Authority
Time Limit
Temporary XVA exceedance
Treasurer with CFO notification
< 48 hours
Extended XVA exceedance
CFO approval required
> 48 hours
Non-approved stablecoin or protocol
CFO + Risk Committee
Until reviewed
Aggregate limit exceedance
Board Finance Committee
Until resolved
Policy amendment
Board Finance Committee
Annual cycle
Related Concepts
Limits & Thresholds
Governance
Sweep & Funding Operations
Automated fiat-crypto sweep execution, funding triggers, and cross-chain movements (§9).
Sweep Formula (§9.1)
Sweep Amount = Available Balance − Min Retained ($50K) − 24h Projected Outflows
Execute if Sweep Amount > $100,000 threshold
Sweeps execute daily at 16:00 local (after settlement finality). Currency matching: USDC→USD, EURC→EUR.
Funding Trigger (§9.2)
If (Projected Outflows × 1.05) > Current Stablecoin Balance → Fund at 08:00
5% safety buffer above projected outflows. Same-day settlement for funding triggered at 08:00.
Regional Sweep Timing
Region
Sweep Time
Funding Time
Cut-off
Domestic (US)
5:00 PM ET
8:00 AM ET
After same-day settlement finality
European
4:00 PM CET
8:00 AM CET
After TARGET2 settlement
APAC
4:00 PM local
8:00 AM local
After local RTGS settlement
Minimum Balance Thresholds
Operating accounts retain a minimum balance after sweep to cover next-day operational needs. Standard minimum: $50,000 or local currency equivalent. Emergency threshold: if balance exceeds $5M outside scheduled sweep time, an ad-hoc sweep is triggered with Treasurer notification. Funding horizon: maintain 1.05× projected outflows (5% safety buffer).
Exception Handling
Failed sweeps retry up to 3 times with 15-minute intervals. After 3 failures: alert to Treasury Ops + Treasurer. Manual override available for critical funding with dual approval. Weekend/holiday sweeps: pre-positioned on prior business day for known obligations.
Cross-Chain (§9.4)
Treasurer approval required for bridge transfers >$500K. Bridge failure fallback activates if delay >4 hours. BRVA must be <50 bps for bridge execution. See Smart Contract Architecture for the on-chain anchoring of sweep execution proofs.
Tax Impact (§11.3)
Activity
Tax Treatment
Stablecoin → Fiat sweeps
Taxable; recognize gain/loss on stablecoin
Fiat → Stablecoin funding
Acquisition; establish cost basis
Cross-chain bridges
Same-wallet transfer (not taxable)
Stablecoin → Stablecoin swaps
Taxable exchange
Related Concepts
BRVA (Bridge)
GVA (Gas)
Stablecoins
Smart Contract Architecture
Regulatory Compliance
Multi-jurisdictional compliance framework per §10.
Wallet screening; Tornado Cash precedent; SDN list compliance
IRS
Tax reporting
Digital asset broker reporting (Form 1099-DA); cost basis tracking
State regulators
Money transmission
BitLicense (NY), state money transmitter licenses
European Union
MiCA (Markets in Crypto-Assets): Full framework effective June 2024. EMT (e-money tokens) and ART (asset-referenced tokens) classifications. CASP licensing for service providers. Reserve requirements for stablecoin issuers. MiFID II / EMIR: Applies when tokenized assets qualify as financial instruments. DLT Pilot Regime: Sandbox for DLT-based market infrastructure. DORA: Digital operational resilience requirements for financial entities.
BIS / Basel Committee: Prudential treatment of crypto-asset exposures (Group 1a/1b/2). FATF: Travel Rule (Recommendation 16), VASP licensing guidance. IOSCO: 18 policy recommendations for crypto/DeFi markets. FSB: High-level framework for crypto-asset activities (9 recommendations). IMF: Crypto-Asset Reporting Framework (CARF) for cross-border tax transparency.
Restricted Jurisdictions (§11.2)
China: Cross-border crypto prohibited; all crypto trading banned since 2021. India: 30% tax on crypto gains; 1% TDS; restricted but not banned. Venezuela: CADIVI/CENCOEX restrictions; VES-only netting. Capital control jurisdictions require per-transaction regulatory checks.
Approved Service Providers (Appendix C)
All providers must have SOC 2 Type II, segregated custody, and bankruptcy-remote structures: Coinbase Prime (custodian), Fireblocks (wallet infra), Circle (issuer), Anchorage Digital (OCC-chartered custodian).
Related Concepts
LCVA (Legal)
Governance
Stablecoins
Governance
Roles, responsibilities, and policy review structure per §4 and §14.
Roles & Responsibilities (§4)
Role
Responsibilities
Board of Directors
Approves policy, reviews effectiveness annually, sets max aggregate exposure limits
CFO
Implements and oversees crypto risk program, approves XVA methodologies
Annual review by Finance Committee. This policy is subordinate to the Corporate Treasury Policy and overall Investment Policy. Interim amendments can be proposed by Treasurer for material market or regulatory changes.
Related Concepts
Escalation Matrix
Regulatory
Limits & Thresholds
Risk Positions Dashboard
Real-time position monitoring with XVA decomposition, limit utilization, alerts, and sweep execution tracking.
The Risk Positions prototype is the operational control centre for the Crypto XVA framework. It provides a live dashboard, position-level XVA decomposition, sweep & funding tracking, limit monitoring, alert management, compliance status, reporting, approved asset reference, and governance views — all in a single interface.
Portfolio-weighted XVA of 28.4 bps sits in the 25–50 bps enhanced monitoring zone. Largest single component: LCVA averaging 18.2 bps across positions. Two components in warning status: BRVA (Wormhole breached at 52 bps) and USDT SVA approaching 15 bps threshold.
Position
SVA
SCVA
LCVA
DPVA
OVA
BRVA
GVA
RWVA
OCVA
Total
USDC
5
—
1
—
—
—
0.5
—
0.5
7
USDT
14.2
—
4
—
—
—
2.5
—
1.3
22
BUIDL
—
8
12
15
4
—
—
3
—
42
Ondo USDY
—
6
12
12
3
—
1
4
—
38
Franklin
—
4
7
8
2
—
1
2
—
24
Active Alerts
Critical: BRVA Limit Breach — Wormhole
BRVA reached 52 bps (hard limit 50 bps). TVL dropped 18% over 48h following validator set rotation. Auto-pause triggered on new bridge transfers. Escalated to Treasurer.
Warning: USDT SVA Approaching Threshold
SVA at 14.2 bps (warning at 15 bps). Reserve attestation 12 days old, increasing Bayesian P(de-peg) prior from 1.5% to 1.8%.
Warning: BUIDL LCVA Elevated
LCVA at 27 bps (warning at 25 bps). Driven by pending SEC guidance on tokenized fund custody. Outside counsel opinion expected by 18 Apr 2026.
Prototype Pages
The full risk positions prototype includes 9 operational pages: Dashboard, Position Monitor, XVA Monitor (with heatmap), Sweep & Funding (execution timeline), Limits (utilization bars), Alerts (critical/warning/info), Regulatory (compliance cards), Reports (daily/weekly/monthly/quarterly), Approved Assets (reference table), and Governance (roles & responsibilities).
Related Concepts
Limits & Thresholds
Escalation Matrix
Sweep & Funding
Liquidity Monitor
Stress Testing
Smart Contract Architecture
Liquidity Risk Monitor
The unified TradFi + Crypto XVA early-warning engine.
Access Required
The live prototype described here runs at live.crypto-xva.app — a separate credentialed application behind HTTP Basic Auth, distinct from the prototype suite. Access is by invitation. To request credentials, email dm@turnhouseconsulting.com.
Three-Domain Architecture
The monitor tracks risk across three domains simultaneously, using a worst-of approach for consolidated status:
Domain
Key Metrics
Warning/Critical Thresholds
Liquidity
Unsecured spread, JPY basis, 24h delta, liquidity ratio
Weights reflect the relative importance: OVA carries the highest weight (30%) as oracle risk is the most dynamic and consequential factor. SCVA and LVA at 25% each, BRVA at 20%.
Related Concepts
OVA (Oracle)
BRVA (Bridge)
Stress Testing
Calculation Methods
Stress Testing
How the framework behaves under extreme but plausible scenarios — the 10-event calibration set.
Access Required
The Crypto XVA Stress Library prototype — 10-event calibration set with interactive scenario replay — is available to qualified reviewers on request. You will be prompted for a password when you open it. To request access, email dm@turnhouseconsulting.com.
Design Principles
The stress library calibrates the framework against ten historical and hypothetical scenarios drawn from real crypto-native and cross-market stress events. Each scenario isolates a distinct failure mode:
Cross-domain correlation — TradFi liquidity stress (unsecured funding spike, FX basis widening) amplified by simultaneous crypto-native stress
Oracle cascade — oracle staleness and manipulation during high-volatility episodes; OVA as the dominant driver
Bridge exploit — concentrated bridge exposure combining TVL collapse, validator set changes, and exploit history; BRVA breaching limits
Stablecoin depeg — reserve opacity combined with a market stress trigger; SVA crossing the hard limit
Cross-protocol cascade — composability contagion through shared collateral; CompVA SCC and CPBUC sub-factors as early-warning signals
Illustrative Stress Amplification Factors
Across the 10-event calibration set, components exhibit characteristic amplification patterns under stress. The values below are representative of a severe cross-domain scenario in the library:
OVA consistently shows the highest amplification factor — reflecting its role as the most dynamic and consequential component during crypto stress periods.
Monitor Response
For each scenario, the Liquidity Monitor demonstrates the transition path Normal → Warning → Critical with recommended actions at each stage. The cascade replay (April 2026 Aave / Kelp DAO / LayerZero event) is the primary demo scenario; see CompVA for the detailed sub-factor timeline.
Related Concepts
Liquidity Monitor
Calculation Methods
Escalation Matrix
CompVA
FX Hedging Policy
Foreign exchange risk management framework with target hedge ratios, permitted instruments, and recommendation procedures.
Policy Overview
The FX hedging policy covers both traditional TradFi hedging (for multinational corporate treasury) and digital-asset-specific considerations where stablecoin FX pairs (e.g., USDC/EUR via EURC) introduce new hedging dynamics. The framework applies to all entities with non-functional currency exposures exceeding $500K equivalent.
Target Hedge Ratios by Maturity
Months to Maturity
Target Hedge Ratio
Permitted Range
0 – 3 months
90%
80% – 100%
3 – 6 months
75%
60% – 90%
6 – 12 months
50%
30% – 70%
12 – 24 months
25%
10% – 40%
Hedge Ratio Formula
Hedge Ratio = Notional Value of Hedging Instruments / Total Exposure in Foreign Currency
Calculated per currency pair. Reviewed weekly; rebalanced when ratio drifts outside the permitted range by more than 5 percentage points.
Permitted Hedging Instruments
Instrument
Max Tenor
Use Case
FX Forward contracts
24 months
Primary hedging tool for forecast exposures
FX Swaps
12 months
Liquidity management and rollover
Purchased FX Options
12 months
Protection with upside retention (requires CFO approval)
Cross-currency swaps
5 years
Long-term debt hedging only
Prohibited: Selling naked options, speculative FX positions, leveraged FX derivatives, binary/exotic options.
Hedge Recommendation Procedure
Step 1: Identify all non-functional currency exposures by entity and currency pair. Step 2: Categorize exposures by maturity bucket. Step 3: Calculate current hedge ratio per bucket. Step 4: Compare to target ratio and determine gap. Step 5: Select appropriate instrument and counterparty. Step 6: Obtain required approvals per Delegation of Authority. Step 7: Execute and confirm. Step 8: Document hedge designation (if hedge accounting applied).
Related Concepts
Intercompany Netting
Delegation of Authority
Jurisdictional Rules
Short-Term Investments
Intercompany Netting
Hub-and-spoke multilateral netting framework with FX rules, transfer pricing addendum, and worked example.
Entity-specific netting schedules, minimum thresholds, cut-off times
Hub-and-Spoke Model
Central treasury (HQ) acts as the netting centre. Regional Pool Headers (e.g., EU Pool, APAC Pool, Americas Pool) aggregate subsidiary positions before settling net amounts with HQ. This reduces the number of cross-border payments from O(n²) bilateral to O(n) hub-spoke, cutting transaction costs and FX spread leakage.
Worked Example
4-Entity Netting Cycle
Gross obligations: €2,650K across 4 subsidiaries (Sub A owes B €500K, A owes C €300K, B owes C €450K, B owes D €200K, C owes A €350K, D owes A €400K, D owes B €450K).
Net positions after multilateral netting: Sub A receives €50K net, Sub B pays €300K net, Sub C receives €100K net, Sub D pays €150K net (total: 3 payments vs. 7 gross).
Savings: ~57% reduction in payment count, ~40% reduction in FX transaction costs.
Transfer Pricing Addendum
Intercompany FX conversions within the netting cycle must include an arm’s-length markup to satisfy transfer pricing requirements:
Currency Type
Markup (bps)
Benchmark
G10 currencies (standard)
0 – 10 bps
WM/R fix ± observable spread
Exotic / restricted currencies
10 – 25 bps
Local market quotes
Stablecoin conversions
5 – 15 bps
On-chain DEX mid-rate
Netting Cycle Timing
Standard cycle: Monthly, with cut-off on T-5 business days before month-end. Submission deadline for intercompany invoices: T-7. Dispute resolution window: T-5 to T-3. Net settlement: Last business day of month. Emergency ad-hoc netting available with Treasurer approval for amounts >$1M.
Related Concepts
FX Hedging
Jurisdictional Rules
Sweep & Funding
Governance
Short-Term Investment Policy
Approved traditional instruments, diversification limits, and category constraints for short-term cash deployment.
Context
This policy covers the traditional (TradFi) side of cash management — the instruments that form the base of the treasury portfolio before digital asset allocations. The stablecoin and tokenized asset policies sit alongside this as the digital extension.
Approved Instruments
Instrument
Max Tenor
Min Credit Rating
Notes
Bank time deposits
12 months
A- (S&P) / A3 (Moody’s)
Primary liquidity tool
Certificates of deposit (CDs)
12 months
A-
Negotiable CDs preferred
Commercial paper (CP)
270 days
A-1 / P-1
SEC Rule 2a-7 eligible only
US Treasury bills
12 months
Sovereign
Benchmark risk-free; unlimited allocation
Government agency securities
12 months
Sovereign / AA-
GSE obligations (FHLB, FFCB, etc.)
Money market funds (MMFs)
Daily liquidity
AAAm
2a-7 Government or Prime funds
Separately managed accounts
Per mandate
Per mandate
Requires Investment Committee approval
Diversification Limits
Limit Type
Maximum
Current
Single bank counterparty (deposits + CDs)
90% of total short-term portfolio
Varies by entity
Government securities (T-Bills + agencies)
95% (essentially unlimited)
—
Commercial paper — single issuer
5% of total portfolio
—
Commercial paper — category total
25% of total portfolio
—
MMF — single fund
25% of total portfolio
—
Prohibited Instruments
Equity securities, structured notes (unless Board-approved), auction-rate securities, inverse floaters, mortgage-backed securities (unless Government agency), and any instrument with embedded leverage.
Related Concepts
Accounting Trap
Risk-Adjusted Yield
Tokenized Assets
Delegation of Authority
Delegation of Authority (DoA)
Approval tiers for payments, investments, and digital asset operations with five governing principles.
Five Key Principles
#
Principle
Rule
1
Peer-level delegation
Authority may only be delegated to individuals at the same or higher organizational level
2
Segregation of duties
Initiator and approver must be different individuals; no self-approval
3
Self-approval prohibition
No individual may approve a transaction they initiated or that benefits them personally
4
Documentation requirement
All delegations must be documented, time-limited, and reviewed quarterly
5
Jurisdictional compliance
Delegation must comply with local laws, including power of attorney and banking regulations
All digital asset transactions must satisfy: GENIUS Act compliance verification (US entities), SEC custody rule checks, MiCA authorization (EU entities), approved custodian whitelisting (Fireblocks, Coinbase Prime, Anchorage), AML/KYT screening via Chainalysis or equivalent, and OFAC sanctions screening on all wallet addresses.
Related Concepts
Escalation Matrix
Governance
Regulatory
Sweep & Funding
Jurisdictional Netting Rules
Country-specific regulatory constraints on intercompany netting, FX, and capital controls with policy engine syntax.
Implementation Note
These rules are implemented as policy engine directives that automate compliance checks within the intercompany netting and sweep & funding systems. Each rule maps to an IF/THEN statement in the treasury management system.
Americas
Country
Currency Restriction
Netting Rule
Key Constraint
Brazil
BRL only (no USD netting)
RESTRICT currency_netting TO [“BRL”]
Central Bank registration required; IOF tax applies
Chile
No restriction
ALLOW multi_currency
Central Bank reporting required for >$10K
USA
No restriction
ALLOW multi_currency
OFAC screening mandatory; IRS reporting
Venezuela
VES only
RESTRICT currency_netting TO [“VES”]
CADIVI/CENCOEX approval; highly restricted
Asia-Pacific
Country
Currency Restriction
Netting Rule
Key Constraint
China
CNY only
RESTRICT currency_netting TO [“CNY”]
SAFE approval; cross-border netting prohibited without license
India
INR only for domestic
RESTRICT currency_netting TO [“INR”]
RBI approval required; AD Category I bank routing
Japan
No restriction
ALLOW multi_currency
BOJ reporting for >¥30M
Singapore
No restriction
ALLOW multi_currency
MAS reporting; PSA compliance for digital assets
Australia
No restriction
ALLOW multi_currency
AUSTRAC reporting obligations
EMEA
Country
Currency Restriction
Netting Rule
Key Constraint
UK
No restriction
ALLOW multi_currency
FCA reporting; FSMA compliance
Germany
No restriction
ALLOW multi_currency
BaFin reporting; EU netting regulation
France
No restriction
ALLOW multi_currency
AMF reporting; mandatory cash pooling declaration
Switzerland
No restriction
ALLOW multi_currency
FINMA compliance; withholding tax considerations
UAE
No restriction
ALLOW multi_currency
CBUAE reporting; VARA for digital assets in Dubai
South Africa
ZAR restricted
RESTRICT cross_border TO approved_dealers
SARB Exchange Control; “loop structure” rules
Policy Engine Rule Syntax
IF entity.country = “Brazil” THEN RESTRICT currency_netting TO [“BRL”] IF entity.country = “China” THEN RESTRICT currency_netting TO [“CNY”] IF entity.country = “India” THEN RESTRICT currency_netting TO [“INR”] IF entity.country IN [“US”,“UK”,“Singapore”,“Japan”] THEN ALLOW multi_currency IF transaction.amount > reporting_threshold THEN REQUIRE regulatory_filing
Related Concepts
Intercompany Netting
Regulatory
FX Hedging
Crypto Risk Management Policy — At a Glance
An abridged orientation guide to the policy governing digital asset XVA, governance, limits, sweep operations, and regulatory compliance.
Orientation Aid Only
This page is an abridged orientation aid. The policy document is authoritative. Appendix D is the definitional record for all terms — see the Glossary page, which syncs from it. Section numbers cited inline (e.g. §8.2) refer to the Crypto Risk Management Policy v3.
Four Things to Know Before Reading Further
1. Tier vs. Level — keep them separate. Tier I / II / III is the architectural structure of the XVA framework (protocol-level / asset-level / cross-protocol). Level 1 / 2 / 3 is the ASC 820 / IFRS 13 observability hierarchy (quoted prices / observable inputs / unobservable inputs). They are distinct axes; the framework spans both simultaneously.
2. XVA is an open mapping. Components active for a given instrument, regime, and jurisdiction vary. The policy does not define a fixed closed roster; it maps each position to the surfaces that apply.
3. Three tiers plus a residual cluster. Tiers I–III are SSRN-grounded. The Level 3 Residual cluster (DPVA, RWVA, FXVA, QVA, OCVA, TXVA, KVA, MVA) is policy-only by design — institutional implementation completeness, not academic taxonomy.
4. CompVA is the cascade monitor. The Tier III component, introduced after the April 18–19, 2026 Aave / Kelp DAO / LayerZero cascade (§5.3), is CompVA. Its three sub-factors (SCC, UQL, CPBUC) are the real-time early-warning instruments — see the CompVA deep-dive for the Live Monitor replay of the cascade.
Policy Structure at a Glance
The map below visualises the five interlocking pillars of the policy on one canvas. Read left-to-right: governance sets authority; the XVA framework prices risk per position; limits convert XVA readings into position constraints; sweep & funding operations execute within those constraints; and the regulatory pillar defines external boundary conditions for all of the above.
Purpose, Scope & Objectives (§1–3)
The policy establishes comprehensive guidelines for identifying, measuring, managing, and monitoring risks associated with digital assets, including cryptocurrencies, payment stablecoins, tokenized real-world assets, and DeFi protocol interactions (§1). It applies to all subsidiaries, including regional treasury centers and foreign subsidiaries, covering cross-chain transactions, automated sweep and funding operations, and intercompany settlements denominated in or facilitated by digital assets (§2). The five stated objectives are: preserve principal through XVA-based limits; ensure operational liquidity through coordinated fiat-crypto sweep mechanisms; maximize risk-adjusted return after accounting for all applicable XVA components; maintain full regulatory compliance across all applicable jurisdictions; and provide complete audit trails for all digital asset transactions and risk calculations (§3). The policy operates in conjunction with the Short-Term Investment Policy, FX Risk Management Policy, Treasury Sweep and Funding Policy, and In-House Banking Policy.
Governance Chain (§4)
Authority flows from the Board of Directors (approves policy; sets maximum aggregate exposure limits) to the CFO (approves XVA calculation methodologies and risk tolerance thresholds) to the Treasurer (executes digital asset strategies, monitors XVA metrics, manages sweep and funding operations, maintains counterparty relationships). Risk Management calculates and monitors XVA components, validates model inputs, performs stress testing, and escalates limit breaches. The Compliance Officer ensures adherence to all applicable regulations and maintains AML/KYC compliance. The Tax Department manages transfer pricing documentation for intercompany digital asset flows. The Finance Committee of the Board reviews and approves the policy annually and monitors effectiveness against market developments and regulatory changes (§14).
Digital Asset XVA Framework (§5)
The framework is a systematic methodology for quantifying crypto-native risks, grounded in the SSRN working paper §2.1. The fundamental unit is: XVA Component = Probability of Event × Severity of Loss × Discount Factor. The framework maps each position to the surfaces that apply across three architectural tiers and a policy-only residual cluster — this is an open mapping by instrument, regime, and jurisdiction, not a fixed closed roster.
Tier I — Protocol-Level Adjustments (§5.1): Capture risks endogenous to a single protocol's design and operation. Components active include SCVA (smart contract bugs, exploits, upgrade vulnerabilities; typically Level 2), OVA (price manipulation, stale oracle feeds, liveness failures; the TWAP Paradox is an OVA sub-problem), LRVA (pro-cyclical market depth and liquidity regime shifts during stress), BRVA (bridge exploits, message delays, cross-chain liquidity shortfalls; a leading indicator — feeds CompVA infrastructure overlap), and GVA (gas price spikes, network congestion, failed transaction execution).
Tier II — Asset-Level Adjustments (§5.2): Capture risks attached to the asset itself irrespective of venue. Components include SVA (de-peg events and reserve opacity; example: P(de-peg) = 2%, E[discount] = 50 bps, Exposure = $10M → SVA = $1,000), TVLVA (adoption-decline risk where TVL contraction triggers reverse-flywheel outflows), and LCVA (jurisdictional uncertainty, bankruptcy remoteness, custodian failure; example: P(event) = 2%, LGD = 20% → LCVA = 40 bps — often the largest single component for cross-border tokenized exposures).
Tier III — Cross-Protocol / Network-Level (§5.3): Introduced in SSRN v3 following the April 2026 Aave / Kelp DAO / LayerZero cascade. The component is CompVA, operationalised through three sub-factors with weights that aggregate as: CompVA = 0.40 × SCC + 0.30 × UQL + 0.30 × CPBUC. CompVA is not currently hedgeable; management responses are limited to portfolio rebalancing and SCC reduction below the hard limit (§8.2: SCC ≤ 0.55). Note the distinction from CCVA (Compositional Correlation Valuation Adjustment), which is a within-protocol non-additivity term — a separate concept defined in SSRN v3 §5.5.
Level 3 Residual Adjustments (§5.4): Policy-only by design — operational and capital adjustments retained for institutional implementation completeness but explicitly not part of the SSRN academic taxonomy. These include DPVA (NAV mismatch, stale pricing, redemption gates), RWVA (withdrawal queues and liquidity window gates), FXVA (FX volatility during cross-border settlement), QVA (MEV / sandwich attack exposure), OCVA (custodian downtime, API failures), TXVA (cross-border tax treatment uncertainty), KVA (regulatory capital cost), and MVA (initial margin on on-chain derivatives).
Approved Assets & Instruments (§7)
Approved stablecoins include USDC (Circle; GENIUS Act compliant, MiCA EMT authorized; max 25% of digital asset portfolio; SVA 5–10 bps based on reserve attestation recency), EURC (Circle; MiCA EMT; max 15%; SVA 10–15 bps), USDT (Tether; max 15%; SVA 15–25 bps, reflecting reserve transparency discount), and bank-issued stablecoins (per counterparty limits; SVA 5 bps) (§7.1). Approved tokenized assets include tokenized money market funds (Ondo USDY, Franklin OnChain U.S. Government Money Fund, Superstate funds — apply DPVA + RWVA + LCVA, plus CompVA evaluation if used as DeFi collateral), tokenized treasuries (BlackRock BUIDL, Securitize — apply DPVA + LCVA + SCVA), and bank-issued tokenized deposits (§7.2). DeFi protocol interactions are restricted to Ethereum mainnet, Base (L2), and Solana; DEX protocols Uniswap V3/V4 and Curve (stablecoin swaps only, requiring SCVA < 25 bps); and approved bridges (BRVA < 50 bps; currently Wormhole, LayerZero, CCIP, monitored continuously) (§7.3). Any new protocol must pass a Tier III pre-listing test confirming the addition does not push portfolio-level SCC above 0.45, UQL z-score above 2.0σ, or CPBUC above 0.65 (§8.3 warning thresholds).
Risk Limits & Thresholds (§8)
XVA-based position limits apply as a four-band scale: below 25 bps permits up to 100% of approved limit under standard monitoring; 25–50 bps reduces the limit to 75% with CFO notification and enhanced monitoring; 50–100 bps reduces to 50% and requires Risk Committee review; above 100 bps, the position is prohibited and any existing position must be exited immediately (§8.1). Aggregate caps include: maximum 10% of total cash and short-term investment portfolio in digital assets; maximum 25% of digital asset portfolio per single stablecoin issuer (combined across currencies from the same issuer); maximum 15% per single protocol; maximum 40% per single chain; maximum 5% in DeFi protocols; maximum $5 million or 10% of the digital asset portfolio in cross-chain bridge exposure at any time; dependency-graph density (SCC) ≤ 0.55, with rebalancing required if breached for more than 5 consecutive days (§8.2). Key component hard limits per Table 6 are summarised (abridged — not the full Table 6 roster) in the map above — see the Limits & Thresholds and Escalation Matrix articles for the full escalation-path detail (§8.3).
Sweep & Funding Operations (§9)
Stablecoin balances sweep to fiat concentration accounts daily at 4:00 PM local time following settlement finality confirmation. The minimum sweep threshold is $100,000 USD equivalent; the minimum retained operational float is $50,000 USD equivalent. Sweep Amount = Available Stablecoin Balance − Minimum Retained Balance − Projected 24-hour Outflows. Currency matching applies: USDC sweeps to USD, EURC to EUR; cross-currency sweeps require FX conversion per the FX Risk Management Policy (§9.1). Fiat-to-stablecoin funding is initiated by 8:00 AM when projected payment obligations exceed available stablecoin balance, with a 5% safety buffer: Funding Amount = Projected Outflows × 1.05 − Current Stablecoin Balance (§9.2). Tokenized asset redemptions are triggered by: liquidity needs exceeding available stablecoin and cash balances; DPVA or RWVA exceeding warning thresholds; or a regulatory or compliance requirement; T+1 or T+2 settlement windows apply as disclosed by the fund issuer (§9.3). Cross-chain movements require a BRVA calculation for the specific bridge and transaction size, Treasurer approval for amounts exceeding $500,000, real-time monitoring of bridge status and liquidity, and a documented fallback plan for delays exceeding 4 hours (§9.4). See the Sweep & Funding article for full operational detail.
Regulatory Compliance Framework (§10)
In the United States, payment stablecoins must be from GENIUS Act–permitted issuers meeting: 1:1 reserve backing in high-quality liquid assets (USD, T-bills, repos, government MMFs); monthly reserve attestation by a registered public accounting firm; OCC or substantially similar state license; no interest payments to stablecoin holders (§10.1). BSA/AML/FinCEN compliance requires FinCEN MSB registration for all digital asset service providers, transaction monitoring and SAR filing obligations, Travel Rule compliance for transfers exceeding $3,000, and OFAC sanctions screening for all wallet addresses and counterparties. In the EU, only E-Money Tokens from MiCA-authorized credit institutions or electronic money institutions are permissible; EMT issuers must hold 30–60% of reserves in EU credit institutions; custodians and CASPs must comply with DORA operational resilience requirements including ICT risk management, incident reporting, and third-party risk management (§10.2). Asia-Pacific coverage spans Singapore's PSA / MAS framework for digital payment token services and the Hong Kong Stablecoin Ordinance (2025) for HKMA-licensed HKD-backed stablecoins (§10.3). The jurisdictional basis risk — the valuation differential arising from the substantive divergence between Basel SCO60 (higher capital charges for permissionless infrastructure) and the March 5, 2026 OCC / Federal Reserve / FDIC interagency FAQ position (OCC Bulletin 2026-7) — is a priced risk entering through LCVA at the asset level and CompVA cross-tier correlations at the portfolio level (§10.4). See the Regulatory article for the full jurisdiction-by-jurisdiction breakdown.
Tax, Reporting, Exceptions & Continuity (§11–13)
Digital assets are treated as property for U.S. federal income tax purposes; any exchange for fiat, other digital assets, or goods/services is a taxable event. Cross-border stablecoin pooling requires arm's-length transfer pricing per OECD guidelines, with restricted participation for entities in China (prohibited) and India (verify current regulatory status) (§11). Daily reporting covers the Digital Asset Position Report, XVA Dashboard (current XVA by component with limit utilization indicators), Sweep/Funding Execution Report, and Exception Report. Monthly reporting includes the Comprehensive XVA Report with methodology documentation and uncertainty disclosures per SSRN v3 §8.1.4. Quarterly reports to the Board cover digital asset strategy review, XVA model validation back-testing results, and regulatory compliance certification (§12). Exception approval authority scales with severity: Treasurer alone for XVA threshold exceedances under 48 hours; CFO for extended exceedances; CFO plus Risk Committee for non-approved instruments; Board Finance Committee for aggregate limit breaches and policy amendments (§13.1). Business continuity procedures include manual sweep and funding fallback, backup custodian relationships, alternative bridge paths, emergency liquidation procedures, and annual disaster recovery testing (§13.2).
Related Concepts
Limits & Thresholds
Escalation Matrix
Sweep & Funding
Regulatory
Governance
Glossary
CompVA
Abridged from Crypto Risk Management Policy v3 (2026) · The policy document is authoritative · Glossary terms sync from Appendix D · Section references (§) cite v3 sections directly
XVA Use Cases
Five practical application scenarios demonstrating how the Crypto XVA framework drives real treasury decisions.
Use Case 1: Tokenized Treasury Allocation
Scenario
Corporate treasury considering moving 5% of $500M cash portfolio from T-Bills to tokenized treasury funds (BUIDL, Franklin OnChain) for yield enhancement and 24/7 liquidity.
XVA Analysis: T-Bills carry ~2 bps total XVA vs. BUIDL at 42 bps and Franklin OnChain at 24 bps. The yield pickup of 20–40 bps gross is partially consumed by XVA. Franklin OnChain emerges as optimal: highest risk-adjusted yield (4.81%) despite lower headline yield. Decision: Allocate to Franklin OnChain first, BUIDL second; monitor LCVA as SEC guidance evolves.
Use Case 2: Stablecoin Reserve Optimisation
Treasury holds $25M in stablecoins for operational payments. The XVA framework reveals USDC (SVA 18 bps) vs. USDP (SVA 6 bps) vs. USDT (SVA 30 bps). Optimal blend: 60% USDC (liquidity), 30% USDP (lowest XVA), 10% USDT (counterparty diversification with enhanced monitoring). Total portfolio SVA reduces from 18 bps (all-USDC) to 14.4 bps.
Use Case 3: Cross-Chain Liquidity
Treasury needs USDC on both Ethereum and Solana for different payment rails. BRVA analysis: Wormhole currently at 52 bps (breached), CCIP at 18 bps (within limits). Decision: Route via CCIP; hold native USDC on each chain rather than bridging where possible; cap bridge exposure at $5M total.
Use Case 4: Cross-Border Payments
Worked Example: US → Singapore $25M
Traditional route: SWIFT wire, T+1 settlement, FX spread 15–25 bps, correspondent bank fees $35–75.
Net saving: ~5–10 bps per transaction + same-day settlement. At $25M monthly volume, annual saving: $150K–$300K.
Use Case 5: Intercompany Optimisation
Group with $150M monthly intercompany flows across 12 entities. Combining multilateral netting (40% payment reduction) with stablecoin settlement (for approved corridors) reduces total treasury costs by an estimated 25–35 bps on netted flows. Key constraint: jurisdictional rules restrict stablecoin netting in Brazil (BRL only), China (CNY only), and India (INR only).
Related Concepts
Risk-Adjusted Yield
Stablecoins
Tokenized Assets
Sweep & Funding
Smart Contract Architecture
On-chain policy anchoring (TreasuryAnchor.sol) and off-chain sweep engine (sweep-engine.ts).
Architecture Pattern
The system follows a hybrid on-chain/off-chain architecture. Complex policy logic and calculations run off-chain (TypeScript sweep engine) for flexibility and gas efficiency, while state hashes and execution proofs are anchored on-chain (Solidity contract) for tamper-proof audit trails. This separates computation from verification.
TreasuryAnchor.sol — On-Chain Anchor
Solidity contract (^0.8.19) built on OpenZeppelin AccessControl. Provides immutable audit trails for off-chain treasury operations.
Component
Purpose
PolicyAnchor struct
Stores state hash, rules hash, version, timestamp, signer addresses, and policy ID
ExecutionProof struct
Records pre/post state hashes, transaction type, amount, currency, executor
TREASURER_ROLE, CFO_ROLE, OPERATOR_ROLE, AUDITOR_ROLE (maps to DoA)
Key Contract Functions
Function
Access
Purpose
registerPolicy()
TREASURER_ROLE
Register a new policy with initial state and rules hashes
anchorState()
OPERATOR_ROLE
Anchor new state with multi-sig verification (min N signatures from Treasurer/CFO)
recordSweepExecution()
OPERATOR_ROLE
Record sweep proof with pre/post state transition validation
recordFundingExecution()
OPERATOR_ROLE
Record funding proof
triggerEmergencyStop()
TREASURER_ROLE
Halt all anchoring operations
liftEmergencyStop()
CFO_ROLE
Resume operations (different role for separation of duties)
verifyStateHash()
Public
Anyone can verify current state matches expected hash
State Transition Validation
Pre-state hash must match current anchored state → Execute → Post-state hash becomes new anchor
This creates an immutable chain: State_0 → Proof_1 → State_1 → Proof_2 → State_2 → ...
Any gap or mismatch in the chain is detectable by auditors using the on-chain record, without needing to trust the off-chain system.
sweep-engine.ts — Off-Chain Policy Engine
TypeScript class (SweepPolicyEngine) implementing Treasury Sweep and Funding Policy §6. Manages evaluation, execution, compliance checks, and audit trail generation.
Method
Purpose
evaluateSweep()
Determines if sweep should occur: Available Balance − Min Threshold = Sweep Amount. Runs compliance checks, selects payment rail, determines required approvals.
executeSweep()
Executes after evaluation and approvals. Verifies signatures, creates transaction record, updates balances, generates audit hash.
evaluateAllSweeps()
Batch evaluation for all operating accounts (skips concentration and disbursement accounts). Called by scheduler at sweep time.
runComplianceChecks()
Three checks: counterparty exposure limits, bank credit rating (minimum A-), segregation of duties.
getCurrentStateHash()
Returns current state hash for on-chain anchoring via TreasuryAnchor.
Compliance Checks (Policy §8)
Every sweep evaluation runs three automated compliance gates:
Check
Rule
Failure Action
Counterparty Exposure
Projected destination balance ≤ absolute limit AND counterparty-specific limit
Sweep blocked; escalate to Treasurer
Credit Rating
Destination bank rating ≥ minimum (A-)
Sweep blocked; escalate to Risk
Segregation of Duties
Requester cannot both configure rules and execute transactions (unless SYSTEM)
Sweep blocked; audit flag
Related Concepts
Sweep & Funding
Delegation of Authority
Governance
Regulatory
SSRN Paper — Crypto XVA v3.1
The academic working-paper foundation of this framework. SSRN abstract_id 6448638, v3 posted May 2026 · v3.1 revision live June 2026.
Citation
Martin, D. (2026). Crypto XVA: A Valuation Adjustment Framework for Digital Asset Treasury Management. SSRN Working Paper. Available at: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6448638
Abstract (v3.1)
This paper develops a systematic valuation adjustment (XVA) framework for digital asset holdings in corporate treasury portfolios. We identify nine valuation adjustments — SVA, SCVA, LCVA, DPVA, OVA, BRVA, GVA, RWVA, and OCVA — that collectively capture the risk premium embedded in digital assets relative to traditional cash equivalents. The framework is grounded in ASC 820 / IFRS 13 fair-value measurement principles and calibrated against the April 2026 Aave V3/V4 – Kelp DAO rsETH – LayerZero bridge cascade (~$292M primary bridge loss, ~$6.6B system-level cascade). The CompVA (Compositional Valuation Adjustment) extension introduces a Tier III cross-protocol network measure capturing cascade and composability risk not addressable at the per-position level.
Tier III, portfolio-level. Captures cross-protocol cascade and composability risk not addressable at the per-position level.
Core Insight
Per-position XVA components price risk within each instrument. CompVA prices the risk between instruments — the network-level contagion that arises when DeFi protocols compose on one another. The April 2026 cascade demonstrated that a bridge exploit on LayerZero propagated through rsETH (Kelp DAO) into Aave V3/V4 liquidity pools within hours. No per-position XVA component captures this path; CompVA does.
Definition
CompVA is a Tier III, portfolio-level valuation adjustment that quantifies the expected loss from cross-protocol composability cascades. It is computed from three sub-factors aggregated via the §6.3 weighted+operational formula:
CompVA = w₁ × SCC + w₂ × UQL + w₃ × CPBUC
Weights (v3.1): SCC 0.40 · UQL 0.30 · CPBUC 0.30
Sub-Factors
Sub-Factor
Full Name
What It Measures
Data Source
SCC
Smart Contract Composability Coefficient
Degree of cross-protocol dependency in the portfolio; how tightly coupled the positions are via shared contracts, liquidity pools, or oracle feeds
Depth of the unstaking / redemption queue across liquid-staking and restaking positions; a leading indicator of liquidity stress before it shows in price
On-chain queue data (Dune Analytics); position-level queue depth per asset
CPBUC
Cross-Protocol Borrowing Utilisation Coefficient
Aggregate borrow utilisation across DeFi lending pools holding portfolio assets; high utilisation compresses exit liquidity during stress
Aave, Compound, Morpho utilisation feeds via DefiLlama
The April 2026 Cascade — CompVA in Action
The April 15–19, 2026 cascade (Aave V3/V4 + Kelp DAO rsETH + LayerZero bridge) provides the calibration anchor for CompVA. The Live Monitor v2 replay shows CompVA firing a CRITICAL alert at April 17, 2026 12:00 UTC — approximately 20 hours before the bridge exploit propagated into visible market impact. At that point:
SCC was elevated as rsETH cross-protocol dependencies tightened
UQL was rising as the Kelp DAO unstaking queue began to lengthen
CPBUC was spiking as Aave V3 borrow utilisation approached the liquidity compression zone
The per-position XVA components (BRVA, SCVA, OVA) were in warning territory but had not yet reached CRITICAL thresholds individually. CompVA aggregated the three signals and crossed the critical threshold ~20 hours early. Primary bridge loss: ~$292M. System-level cascade: ~$6.6B.
ASC 820 Level Classification
Sub-Factor
ASC 820 Level
Rationale
SCC
Level-3 (model-derived)
Computed from on-chain graph topology; no direct market observable
UQL
Level-2 (observable on-chain)
Queue depth is directly observable from on-chain state (Dune)
CPBUC
Level-2 (observable)
Borrow utilisation is a published protocol metric
CompVA aggregate
Level-2 / Level-3 blend
Driven by SCC model input; overall measurement is Level-3 where SCC dominates
Limits & Escalation
Status
CompVA bps
Action
Normal
< 10 bps
Standard monitoring
Warning
10 – 20 bps
Enhanced monitoring; Treasurer notification
Critical
> 20 bps
Immediate Risk Committee escalation; position review required
Related Concepts
SSRN Paper v3.1
BRVA (Bridge)
SCVA (Smart Contract)
OVA (Oracle)
Stress Testing
Liquidity Monitor
How We Changed the Way We Measure Risk
A visual explainer tracing the evolution of risk measurement across four moves, and where Crypto XVA fits.
Visual Explainer — Gamma Deck
This topic is covered in a public visual deck. Open the deck →
The Four Moves
Risk measurement in finance did not arrive fully formed. It evolved through four distinct conceptual moves, each resolving a failure of the previous approach:
Move
Approach
What It Fixed
What It Missed
1
Summing bilateral exposures
Simple aggregation of counterparty-level credit risk
Each bilateral relationship measured in isolation; no visibility into how exposures connect across the network
Edges between protocols form and dissolve in real time; risk surfaces are instrument × regime × jurisdiction mappings, not static rosters
Active frontier — Crypto XVA framework addresses this directly
Where Crypto XVA Fits
The Crypto XVA framework sits at Move 4. The core insight is that DeFi protocol composability creates non-stationary dependency graphs: two protocols may share no risk surface today and be tightly coupled tomorrow, depending on which assets are listed as collateral, which oracle feeds are shared, and which bridges are active. A static adjacency matrix cannot capture this.
The framework formalises risk as an open mapping R : (instrument × regime × jurisdiction) → active risk surfaces rather than a fixed roster of components. The April 2026 Aave / Kelp DAO / LayerZero cascade demonstrated this empirically: the propagation path (bridge exploit → rsETH liquidity compression → Aave V3/V4 borrow utilisation spike) was not visible in any per-position XVA component in isolation. CompVA was designed specifically to capture this cross-protocol, graph-level signal — and the cascade was subsequently reconstructed through the framework as an empirical validation of that design.
Audience
The visual deck targets an informed-general finance audience — Treasury, Risk, and Accounting readers who know what XVA is but have not necessarily worked through the graph-theoretic evolution of risk measurement.
Related Concepts
CompVA
SSRN Paper v3.1
TWAP Paradox
Calculation Methods
Stress Testing
Fair Value Accounting for Digital Assets
ASC 820 / IFRS 13 measurement, ASU 2023-08 recognition, and how the XVA framework connects to financial statement disclosure.
The Core Disambiguation
Most digital-asset accounting questions conflate two independent axes: fair-value input vs. prudential risk reserve (which ledger the number lives in) and Level 1 / 2 / 3 (how observable its inputs are). They connect — your risk response drives the accounting consequence — but they are not the same question. Untangling them is the single most clarifying move in this body of work.
The Two Governing Standards
Two standards define the accounting landscape for digital assets held at fair value:
Standard
What it governs
Key requirement
Effective
ASC 820 (IFRS 13)
How to measure fair value — the exit-price definition, the Level 1/2/3 hierarchy, and the disclosure machinery that fires at Level 3.
Measurement uses the price in the principal (or most advantageous) market; the orderly-exit assumption is load-bearing.
Ongoing — applied to every fair-value measurement
ASU 2023-08
When to apply fair-value measurement to in-scope crypto assets — recognition, remeasurement each reporting period, and new balance-sheet / disclosure requirements.
In-scope crypto assets must be remeasured to fair value each period; gains and losses flow through net income. Eliminates the cost-less-impairment approach for in-scope assets.
Fiscal years beginning after 15 Dec 2024 (calendar-year filers: FY2025)
ASU 2023-08 answers "must I mark this to fair value?" ASC 820 answers "how do I measure that fair value, and at what level?" They are complementary, not alternatives.
The Two Questions — in Order
Before any number goes in the books, two questions must be answered in sequence. Most audit findings in this space trace back to skipping Question 1:
Question 1 — Which ledger?
Is this adjustment a fair-value input, or a prudential risk reserve?
A fair-value input — a market-participant-observable adjustment — belongs inside ASC 820 and hits the financial statements at whatever level its inputs imply.
A prudential risk reserve — a model-risk buffer, a tail-scenario reserve, an XVA that no market participant would independently price — belongs in the risk ledger, labeled non-GAAP. It is reconciled back to the GAAP number but does not itself appear in the financial statements. Booking a prudential reserve as GAAP fair value is the audit finding the framework exists to prevent.
Question 2 — What level?
If it is a fair-value input: what is its lowest significant input?
The Level is set by the lowest significant input, not by any input. A small observable tweak (e.g., a 25 bps bid-side adjustment on a liquid ETH position) does not drag the measurement to Level 2 if it is not significant to the measurement as a whole — the position stays Level 1. Landing at Level 3 pulls in the full disclosure package: the rollforward, the unobservable-input table, and the sensitivity analysis.
ASC 820 Level Hierarchy — Digital Asset Applications
Level
Input type
Digital asset examples
Disclosure burden
Level 1
Quoted prices in active markets for identical assets. No adjustment to the price.
ETH spot on a principal exchange; BTC; liquid large-cap tokens with deep order books and high daily turnover.
Minimal — disclose the quoted price source and fair-value total.
Level 2
Observable inputs other than Level 1. Adjustment required but inputs are market-observable.
Liquid staking tokens where the basis (stETH/ETH discount) is market-observable; tokenized treasuries whose NAV derives from observable T-bill prices; stablecoins with thin secondary markets but observable reserves.
Disclose valuation technique and observable inputs used.
Level 3
Significant unobservable inputs — the entity's own assumptions about what market participants would use.
LP positions in thin DEX pools; governance tokens with blockage concerns; de-peg reserves where no comparable market data exists; XVA reserves that reflect model-risk overlays the market would not independently price.
Full package: Level-3 rollforward, unobservable-input table, sensitivity to significant assumption changes, and valuation-technique narrative.
The Blockage-Factor Prohibition
Under ASC 820, a holder of a large block of a thinly-traded token cannot mark it below the quoted price solely because selling the block would move the market. The unit of account is the individual unit, not the block — the blockage factor is explicitly prohibited at Level 1. This is the most common misapplication for governance-token and concentrated-position holdings.
ASU 2023-08 — In Scope, Out of Scope, Contested
The scope determination is the first accounting decision for any new digital asset position:
Asset type
Scope
Accounting treatment
Bitcoin, Ether, major liquid crypto assets
In scope
Fair value each period; gains and losses in net income. Prior cost-less-impairment approach eliminated for in-scope assets.
Natively staked ETH
In scope
Staked principal in scope; staking rewards recognized as income at receipt. Lock-up / unbonding period triggers a restriction disclosure.
Liquid staking tokens (stETH, rETH)
In scope (likely)
Subject to enforceable-rights confirmation. Peg/basis risk → Level 2 for the observable component; de-peg tail reserve may be Level 3.
Wrapped / bridged assets (wBTC)
Contested
Wrapper creates a new instrument; ASU scope is debated. Bridge counterparty risk (BRVA) compounds the measurement uncertainty.
AMM / DEX LP positions
Out of scope (likely)
LP token is a claim on a pool, not a crypto asset under the ASU definition. Falls back to general ASC 820; impermanent loss recognition is the key accounting challenge.
Tokenized treasuries (BUIDL, USDY)
Out of scope
Underlying is a regulated fund with enforceable rights to the T-bill / MMF portfolio. Account under ASC 320 / 321 for the underlying. Wrapper smart-contract risk is an XVA overlay, not a scope driver.
The Four Risk Responses — and Their Accounting Consequences
The classic risk-management taxonomy (price / hedge / disclose / avoid) connects directly to accounting consequences. They are not the same concept, but they are coupled — your risk response determines which ledger the resulting number lives in:
Risk response
Accounting consequence
Price it
If a market-participant fair-value input → reduces GAAP fair value (inside ASC 820, hits the books at the implied level). If a prudential buffer → risk ledger only (non-GAAP, reconciled but not booked).
Hedge it
Introduces a derivative that is itself fair-valued under ASC 815. Hedge accounting (if designated) changes the timing of gain/loss recognition but does not remove the measurement obligation.
Disclose it
ASU 2023-08 disclosures (significant-holdings table, annual rollforward, cost-basis policy) + ASC 820 leveling table + the full Level-3 package if a reserve genuinely sits in GAAP. Disclosure is never a substitute for measurement — you can and usually must both price and disclose.
Avoid it
No position → no measurement. The decision to avoid still belongs in the governance record.
The Three-Statement Interlock
Fair-value accounting under ASU 2023-08 threads through all three statements. The cash-flow linkage is where most preparers make errors:
Balance sheet — carrying value at fair value on its own line, separate from other intangibles. ASU 2023-08 requires cost basis disclosed alongside fair value.
Income statement — unrealized gains and losses hit net income each period (the key change from prior cost-less-impairment treatment). Realized and unrealized gains must be shown separately — never netted.
Cash flow statement (ASC 230) — an unrealized gain lifted net income, but it is non-cash. Under the indirect method, it must be reversed out in the operating section. At sale, full proceeds appear in investing, and the cumulative gain is reclassified. Failure to reverse the unrealized gain overstates operating cash flow — the most common ASU 2023-08 cash-flow misstatement in practice.
Who Does This at a Firm?
The competency required is the derivative-accounting / XVA skill set. Most firms holding crypto today are corporates with a treasury, a controller, and an external auditor — with no Product Control or Model Risk function. That structural gap is where the advisory opening sits.
Function
Owns
Treasury / Trading desk
The position, P&L, the hold / hedge / sell decision.
Market Risk
The risk ledger, limits, the daily monitor, escalation, XVA reserve methodology.
Product / Valuation Control
Independent price verification (IPV), validating marks, the practical ASC 820 leveling for the books.
Technical Accounting / Controllers
ASU 2023-08 application, journal entries, disclosures — how the number hits all three statements.
Model Risk Management
Independent validation of XVA models under SR 26-2 / OCC 2026-13 (superseding SR 11-7) / CRR Art. 105 AVA / DORA.
External Auditor
Tests all of the above under PCAOB AS 2501 (auditing fair-value estimates).
Model Governance — The Other Axis
Fair-value accounting (ASC 820 / ASU 2023-08) and model governance (SR 26-2 / OCC 2026-13) are distinct regulatory requirements, but they are tightly coupled in practice: a Level-3 number that appears in the financial statements must be produced by a model that has been independently validated. Complying with ASC 820 while skipping model governance leaves the valuation methodology exposed — auditors and regulators increasingly treat model documentation as a pre-condition for accepting Level-3 estimates.
The Governing Regime
SR 26-2 / OCC 2026-13 (effective April 17, 2026, superseding SR 11-7 / OCC 2011-12) is the primary US model risk management standard. It extends the SR 11-7 three-pillar framework (development & implementation, independent validation, governance & controls) to cover AI/ML models and novel quantitative approaches — both of which the Crypto XVA components squarely implicate. Any model whose output influences a financial statement figure or a risk limit falls within scope.
CRR Art. 105 / AVA (Additional Valuation Adjustments) is the closest EU regulatory analog for XVA-style prudential reserves. Under the AVA framework, fair-value positions must carry valuation adjustments for market price uncertainty, close-out costs, concentrated positions, and model risk — each mapping to a component in the Crypto XVA taxonomy. For EU-regulated entities, AVA is arguably the more direct fit than SR 26-2, though the conceptual requirements are similar. CRR Art. 105 makes model risk an explicit capital deduction, not merely a governance requirement.
DORA adds a third layer for EU financial entities: the model infrastructure itself (data feeds, computation, validation pipelines) must satisfy ICT risk management and third-party risk requirements — relevant wherever XVA relies on external oracle feeds or off-chain data providers.
Governance requirement
What it demands for Crypto XVA
Accounting consequence if absent
Model documentation SR 26-2 §III.A
Written methodology for each XVA component: inputs, assumptions, calibration sources, limitations, and the link between the model output and the ASC 820 Level determination.
Auditor cannot assess Level-3 unobservable inputs — likely a disclosure deficiency or qualified opinion.
Independent validation SR 26-2 §III.B
A function independent of the model owner validates the methodology, tests conceptual soundness, and performs ongoing monitoring. For most corporates this means external validation for high-risk-tier models.
Without validation, a Level-3 reserve may not satisfy PCAOB AS 2501’s “sufficient appropriate evidence” standard for fair-value estimates.
Model inventory & risk tiering SR 26-2 §III.C
Each XVA component model must be registered, risk-tiered (high / medium / low), and validated at a frequency commensurate with its tier. Tier III cross-protocol models (CompVA) warrant high-risk classification given their novelty and consequential scope.
An unregistered model whose output appears in the financial statements is a material internal control weakness under SOX §404.
AVA — model risk component CRR Art. 105(10) / EBA RTS 2016/101
For EU-regulated entities, a separate model-risk AVA must be calculated and deducted from CET1, distinct from the GAAP accounting reserve. The AVA and the GAAP reserve are parallel, not interchangeable.
Failure to compute AVA is a prudential reporting violation; auditors increasingly cross-check the GAAP reserve and the AVA for consistency.
The Practical Coupling
A Level-3 XVA reserve flows through two separate approval chains simultaneously: the accounting chain (Technical Accounting signs off the GAAP journal entry and ASC 820 disclosure) and the model governance chain (Model Risk Management validates the underlying methodology under SR 26-2 / OCC 2026-13). Neither chain substitutes for the other. In practice, the model validation report becomes the primary exhibit in the auditor’s Level-3 evidence file — a validated model is a necessary, though not sufficient, condition for a clean opinion on a Level-3 position.
Coming: Worked Examples — Digital Asset Accounting Manual
A chapter-by-chapter worked example set is in development, running a full 10-beat skeleton (position → Tier × Level map → risk measurement → risk-ledger entry → ASC 820 measurement → journal entries → three-statement interlock → disclosure → audit note → the one lesson) for eight instrument types: ETH spot, natively staked ETH, liquid staking tokens, restaking positions, wrapped assets, AMM LP positions, governance tokens, and tokenized RWAs. Each chapter escalates exactly one new accounting dimension. Contact david@crypto-xva.app for early access.
Related Concepts
Accounting Trap
RWVA — Redemption Window
LCVA — Legal/Custody
Tokenized Assets
SSRN Paper v3.1
CompVA
Glossary
All terms from the Crypto XVA framework — alphabetized. Includes DeFi explainers for prospect audiences and policy definitions from Crypto Risk Management Policy v3 Appendix D.