Crypto XVA™ Knowledge Base
A comprehensive reference for the Digital Asset XVA framework, risk management policies, and treasury operations methodology.
What is this?
This wiki documents every concept, formula, threshold, and governance structure in the Crypto XVA™ framework — the methodology for risk-adjusting digital asset treasury positions. It is designed for quick lookup during policy development, client conversations, and Finance Committee presentations.
XVA Components
The valuation adjustments that make up the Crypto XVA framework — an open mapping from instrument, regime, and jurisdiction to active risk surfaces. Current documented components: SVA, SCVA, LCVA, DPVA, OVA, BRVA, GVA, RWVA, and OCVA.
Articles
Core Concepts
The TWAP Paradox, the Accounting Classification Trap, risk-adjusted yield methodology, and calculation approaches.
4 articles
Instruments
Approved stablecoins, tokenized treasuries & MMFs, and DeFi protocols with their XVA profiles and eligibility criteria.
3 articles
Risk Framework
Position limits, escalation matrix, sweep & funding operations, regulatory compliance, and governance structure.
5 articles
Treasury Policies
FX hedging, intercompany netting, short-term investments, delegation of authority, and jurisdictional rules.
5 articles
Use Cases & Technology
Five XVA application scenarios with worked examples, plus the on-chain smart contract architecture.
2 articles
SVA — Stablecoin Valuation Adjustment
Quantifies the risk that a stablecoin de-pegs from its reference currency.
Definition
SVA captures the expected loss from a stablecoin losing its 1:1 peg to the reference fiat currency. It is the single most important XVA component for stablecoin holdings because it directly challenges the assumption that $1 USDC = $1 USD at all times.
SVA = P(de-peg) × E[severity] × Notional × (1 + 0.4 × HoldingPeriod / 365)
The holding-period multiplier reflects that longer exposures increase the probability of encountering a depeg event.
Typical Values by Stablecoin
| Stablecoin | SVA (bps) | Driver | Historical Reference |
|---|
| USDC (Circle) | 18 | Low depeg history, GENIUS Act compliant, MiCA EMT | Depegged to $0.87 during SVB crisis (March 2023), restored in 7 days |
| USDP (Paxos) | 6 | Tight peg, NYDFS regulated, T-Bill reserves | Minimal deviation (<0.5%) historically |
| PYUSD (PayPal) | 22 | Limited stress-test history, fintech issuer | Launched Aug 2023, limited track record |
| USDT (Tether) | 30 | Multiple depegs, improving but lagging transparency | Depegged during LUNA (May 2022) and FTX (Nov 2022) |
Limits & Escalation
SVA has specific thresholds defined in the policy (§8.3):
| Level | Threshold | Action |
|---|
| Warning | 15 bps | Treasurer notification; enhanced monitoring |
| Hard Limit | 30 bps | Position prohibited; immediate exit if existing |
Calculation Method
SVA is calculated using Bayesian inference. The prior on P(de-peg) is updated with each new reserve attestation, on-chain depeg event, and issuer credit signal. For example, when Tether’s reserve attestation is 12+ days stale, the Bayesian prior shifts upward (e.g., from 1.5% to 1.8%).
Real-World Example
In the risk positions prototype, USDT shows SVA at 14.2 bps approaching the 15 bps warning threshold, driven by a 12-day-old attestation that increased the Bayesian P(de-peg) prior from 1.5% to 1.8%.
SCVA — Smart Contract Valuation Adjustment
Captures the risk of loss from smart contract exploits, bugs, or vulnerabilities.
Definition
SCVA quantifies the expected loss from smart contract failure — whether from code exploits, logic errors, upgrade vulnerabilities, or governance attacks. Unlike traditional counterparty credit risk, this is a purely technological risk with fat-tailed loss distributions.
SCVA = P(exploit) × LGD × Notional
For the TWAP Paradox context, SCVA also has a lag component: SCVA_lag ≈ LGD × P(mismatch) × σ × √(τ), capturing the staleness risk of oracle pricing mismatches over the TWAP window.
Key Inputs
| Input | Source | Typical Range |
|---|
| Audit score | Trail of Bits, OpenZeppelin, etc. | 0.78 – 0.95 |
| Critical findings | Audit reports | 0 – 2 |
| Months since audit | Tracking | 2 – 4 |
| P(exploit) | Bayesian posterior | 0.1% – 1.0% |
| LGD | Historical exploit database | 20% – 100% |
Limits
Warning at 10 bps, hard limit at 25 bps. Escalation to Risk Committee. In the positions prototype, BUIDL carries SCVA of 8 bps (P(exploit) = 0.3%, LGD = 25%).
LCVA — Legal/Custody Valuation Adjustment
Captures the risk of loss from legal uncertainty, custody structure, and regulatory change.
Definition
LCVA is the valuation adjustment for legal and custody risk — the possibility that regulatory changes, adverse legal interpretations, or custodial failures cause a loss of access to, or value of, digital asset holdings. It compounds over time, reflecting the cumulative exposure to regulatory uncertainty.
LCVA = P(legal event) × LGD × Notional × (1 + 0.3 × HoldingPeriod / 365)
Drivers
LCVA is the largest single XVA component on average across positions (18.2 bps portfolio-weighted). Key drivers include:
- Pending regulatory guidance — e.g., SEC guidance on tokenized fund custody under the Investment Company Act
- Custody structure — whether assets are segregated, bankruptcy-remote, and held by regulated custodians
- Jurisdictional variation — different legal treatment across US, EU, Singapore, Hong Kong
- Issuer regulatory status — GENIUS Act compliance, MiCA authorization, state licensing
Limits
Warning at 25 bps, hard limit at 50 bps. Escalation to CFO + Legal. In the positions prototype, BUIDL’s LCVA is at 27 bps (above warning), driven by pending SEC guidance. Outside counsel opinion expected by 18 Apr 2026.
DPVA — NAV/Redemption Valuation Adjustment
Captures the risk that tokenized fund NAV diverges from par or redemptions are delayed.
Definition
DPVA applies specifically to tokenized assets like BlackRock BUIDL, Ondo USDY, and Franklin OnChain. It quantifies the expected loss from NAV deviation under stress and redemption delays.
DPVA = P(stress scenario) × E[NAV discount under stress]
For BUIDL: P(stress) = 20%, E[NAV discount] = 75 bps → DPVA = 15 bps.
Values by Instrument
| Instrument | DPVA | Redemption Window | Driver |
|---|
| BlackRock BUIDL | 15 bps | T+1 | Tokenized treasuries; institutional-grade but novel structure |
| Ondo USDY | 12 bps | T+2 | Tokenized MMF; yield-bearing, slightly longer redemption |
| Franklin OnChain | 8 bps | T+1 | SEC-registered fund; established manager, lower structural risk |
OVA — Oracle Valuation Adjustment
Captures the risk of loss from oracle manipulation, staleness, or failure.
Definition
OVA quantifies the risk that price oracle feeds are manipulated, stale, or unreliable — leading to mispriced positions. This is the dominant risk factor during crypto stress periods and is central to the TWAP Paradox.
OVA ∝ 1 / (τ × n × f × depth)
Where τ = TWAP window, n = number of oracle sources, f = update frequency, depth = market depth. The inverse relationship with τ creates the paradox: shorter windows reduce staleness but increase manipulation risk.
Sub-Factors
| Factor | Normal | Stressed | Source |
|---|
| Oracle deviation z-score | 0.4 | 3.4 | On-chain, ~12s latency |
| Oracle staleness | No | Yes (feeds delayed) | Heartbeat monitoring |
| Oracle redundancy | Intact (multiple sources) | Lost (single source) | Feed count |
In the Liquidity Monitor
OVA carries the highest weight (30%) in the Crypto XVA Aggregate formula. During the Feb 2026 stress scenario, OVA surged from 0.09 to 0.61 — the dominant driver of the aggregate breaching the critical threshold.
BRVA — Bridge Risk Valuation Adjustment
Captures the risk of loss from cross-chain bridge failures, exploits, or concentration.
Definition
BRVA quantifies the risk unique to cross-chain bridges — the infrastructure that moves assets between blockchains. Bridge exploits have historically been among the largest loss events in DeFi (Wormhole: $320M, Ronin: $625M).
BRVA = f(concentration, decentralization_risk, exploit_history)
Sub-Factors
| Factor | Normal | Stressed |
|---|
| Concentration (single bridge %) | 0.32 | 0.46 |
| Decentralization risk | 0.18 | 0.25 |
| Exploit score | 0.05 | 0.18 |
Limits & Current Status
Warning at 20 bps, hard limit at 50 bps. Escalation to Treasurer. In the risk positions prototype, Wormhole BRVA has breached at 52 bps after TVL dropped 18% over 48h following a validator set rotation. Auto-pause triggered on new bridge transfers.
Approved bridges: Wormhole, LayerZero, CCIP (Chainlink). Maximum bridge exposure: $5M or 10% of digital portfolio.
GVA — Gas Valuation Adjustment
Captures the expected cost variance from blockchain gas/execution fees.
Definition
GVA quantifies the expected transaction cost risk — that gas fees spike during periods of high network demand, increasing the cost of executing sweeps, funding operations, or emergency exits.
GVA = E[gas cost] + P(gas spike) × E[excess cost above normal]
Typically a small component (0.5–2 bps) for Ethereum mainnet operations, but can spike during network congestion.
Limits
GVA is often combined with OVA for reporting. Combined GVA + QVA warning at 5 bps, hard limit at 15 bps. Escalation to Treasury Ops. Current worst: 2.5 bps combined.
RWVA — Redemption Window Valuation Adjustment
Quantifies the fair-value discount arising from contractually constrained redemption windows in tokenized assets.
Definition
RWVA quantifies the fair-value discount arising from contractually constrained redemption windows (including T+1 or longer queue delays), capturing the cost of time-to-liquidity impairment relative to instantaneous-redemption benchmark pricing under ASC 820 / IFRS 13. It applies to tokenized assets with defined redemption windows (T+0, T+1, T+2) and quantifies the expected cost of being unable to exit a position within the expected timeframe.
RWVA = P(redemption queue) × E[delay cost]
BUIDL: RWVA = 3 bps (T+1 window). Ondo USDY: RWVA = 4 bps (T+2 window).
ASC 820 / IFRS 13 Context
Under ASC 820 / IFRS 13, a contractually constrained redemption window is a valuation input that affects the Level-2 or Level-3 fair-value measurement of the instrument. RWVA prices this constraint explicitly into the risk-adjusted yield deduction, rather than leaving it as an undisclosed liquidity assumption buried in NAV pricing. This is distinct from DPVA, which captures NAV deviation under stress; RWVA captures the time-to-liquidity cost even when NAV is at par.
OCVA — Operational Valuation Adjustment
Captures operational risk: outages, key management failures, human error.
Definition
OCVA is the catch-all for operational risk in digital asset management — wallet infrastructure outages, key management failures, signing errors, and process breakdowns.
OCVA = P(outage) × E[delay cost]
Typically small (0.5–1.3 bps) but can become material during infrastructure incidents. Mitigated by approved service providers (Fireblocks, Coinbase Prime) with SOC 2 Type II attestations.
The TWAP Paradox
There is no oracle TWAP window that simultaneously minimises manipulation, staleness, and regime-shift risk.
Core Insight
Every protocol is choosing a point on a three-way trade-off. The optimal window τ* is an interior minimiser whose location shifts with market conditions. Unlike TradFi counterparty risk, these parameters are controllable at the protocol level — creating a new kind of due diligence for institutional capital.
The Three Competing Risks
| Risk | XVA Component | Behavior with τ | Mechanism |
|---|
| Manipulation | OVA(τ) | Decreases with longer τ | Longer averaging window dilutes attack capital |
| Staleness | SCVA_lag(τ) | Increases with longer τ | Stale prices create mismatch between oracle and market |
| Cascade/Regime-shift | LRVA(τ) | Non-monotonic (U-shaped) | Short windows amplify; long windows delay response |
The Total Cost Function
Φ(τ) = OVA(τ) + SCVA_lag(τ) + LRVA(τ) + CCVA(τ)
CCVA is the correlation/non-additivity term that scales with volatility. The optimal window τ* minimises Φ and is sensitive to four controllable parameters:
- Volatility (σ) — higher volatility shifts τ* shorter
- Market depth — deeper markets allow shorter windows
- Oracle sources (n) — more sources reduce manipulation risk
- Update frequency (f) — faster updates improve freshness
Typical τ* Values
At default parameters (σ=80%, medium depth, 3 sources, 5s updates): τ* ≈ 6–15 minutes with total Φ(τ*) around 55–85 bps. Under stress (σ=200%, shallow depth): τ* compresses to 2–5 minutes.
The Accounting Classification Trap
A stablecoin and a T-bill can both be “cash equivalents” under ASC 230 — but they carry fundamentally different risk profiles.
Core Insight
The accounting is solved. The risk-adjustment is not. ASC 230 and IFRS equivalents can classify both T-bills and stablecoins as cash equivalents, creating an illusion of equivalence that masks materially different risk profiles. The Crypto XVA framework exists to close this gap.
The Problem
A 3-month T-bill and a USDC stablecoin holding may receive identical accounting classification, but the T-bill carries ~2 bps of XVA (sovereign credit only) while USDC carries ~60 bps (SVA + SCVA + LCVA). The headline yield spread of 5–10 bps in favor of stablecoins is often more than consumed by the XVA deduction.
Risk-Adjusted Comparison
| Metric | 3-Month T-Bill | USDC (Circle) |
|---|
| ASC 230 Classification | Cash Equivalent | Cash Equivalent |
| Gross Yield | 4.80% | 4.85% |
| Total XVA | 2 bps | ~60 bps |
| Risk-Adjusted Yield | 4.78% | ~4.25% |
This is why risk-adjusted yield is the correct metric for treasury decision-making, not headline yield.
Risk-Adjusted Yield
The true return on a digital asset position after deducting all XVA components.
Formula
Risk-Adjusted Yield = Gross Yield − Total XVA (annualized bps)
This is the central metric of the framework. It answers the question: “What is this instrument actually returning once we account for all the digital-asset-specific risks?”
Portfolio Comparison
| Instrument | Gross Yield | XVA (bps) | Risk-Adj Yield |
|---|
| T-Bills (3m) | 4.80% | 2 | 4.78% |
| Stablecoins (blend) | 4.90% | 55 | 4.35% |
| Tokenized Deposits | 5.25% | 75 | 4.50% |
| DeFi Lending | 7.20% | 145 | 5.75% |
DeFi lending has the highest headline yield AND the highest risk-adjusted yield, but also the widest risk band. The portfolio question is how to allocate across these instruments to maximize risk-adjusted return within position limits.
Calculation Methods
The three-tier methodology for computing XVA components: Deterministic, Bayesian, and Monte Carlo.
Method Selection Framework
| Method | Components | When to Use | Status |
|---|
| Deterministic | GVA (base), OCVA, simple FXVA | Inputs are observable and stable; closed-form sufficient | Always active |
| Bayesian Inference | SVA, SCVA, OVA, BRVA, LCVA | Sparse historical data; need to update priors with new signals | Calibrated periodically (every ~2 days) |
| Monte Carlo | DPVA (stress), KVA, MVA | Path-dependent risks with fat tails; need loss distributions | 10K paths per simulation |
| Hybrid Bayesian + MC | De-peg cascades, black swan scenarios | Extreme tail risk with cascading dependencies | Quarterly run |
Data Sources
| Source | Feed | Latency |
|---|
| On-chain | TVL, gas, MEV, oracle liveness | ~12s |
| Off-chain | Reserve attestations, NAV | Daily |
| Market Micro | FX vol, slippage curves | ~5min |
| Event DB | Exploit history, de-pegs | Manual updates |
Stablecoins
Approved stablecoin holdings with XVA profiles, regulatory status, and concentration limits.
Approved Stablecoins (§7.1)
| Stablecoin | Regulatory Status | Max Exposure | SVA Range | Key XVA Components |
|---|
| USDC (Circle) | GENIUS Act ✓ MiCA EMT ✓ | 25% of digital portfolio | 5–10 bps | SVA + LCVA + GVA |
| EURC (Circle) | MiCA EMT ✓ | 15% of digital portfolio | 10–15 bps | SVA + LCVA + GVA |
| USDT (Tether) | Varies by jurisdiction | 15% of digital portfolio | 15–25 bps | SVA + LCVA + GVA + OCVA |
| Bank-issued | GENIUS Act subsidiary | Per counterparty limits | ~5 bps | SVA + LCVA |
Current Portfolio ($21.5M total)
USDC: $12.5M (at 25% limit) • USDT: $5.2M (11%) • EURC: $3.8M (8.1%)
Tokenized Assets
Tokenized treasuries and money market funds with XVA-adjusted yield analysis.
Approved Tokenized Assets (§7.2)
| Asset | Type | Headline Yield | Total XVA | Adj. Yield | Key Components |
|---|
| BlackRock BUIDL | Tokenized Treasury | 5.20% | 42 bps | 4.78% | DPVA(15) + LCVA(12) + SCVA(8) + OVA/GVA(4) + RWVA(3) |
| Ondo USDY | Tokenized MMF | 5.00% | 38 bps | 4.62% | DPVA(12) + LCVA(12) + SCVA(6) + OVA(3) + RWVA(4) + GVA(1) |
| Franklin OnChain | Tokenized MMF | 5.05% | 24 bps | 4.81% | DPVA(8) + LCVA(7) + SCVA(4) + OVA(2) + RWVA(2) + GVA(1) |
| Superstate funds | Tokenized MMF | TBD | TBD | TBD | Approved, no current position |
Key Observation
Franklin OnChain has the highest risk-adjusted yield (4.81%) among tokenized assets despite not having the highest headline yield — because its XVA is materially lower (24 bps vs. 42 bps for BUIDL). This demonstrates why risk-adjustment changes the ranking.
DeFi Protocols
Approved DeFi protocols, chains, and bridges with XVA requirements.
Approved Protocols (§7.3)
| Category | Approved | XVA Requirement | Conditions |
|---|
| Layer 1 Chains | Ethereum Mainnet, Base (L2), Solana | Chain-specific GVA calibration | — |
| DEX Protocols | Uniswap V3/V4, Curve | SCVA + OVA | Stablecoin swaps only; SCVA < 25 bps |
| Bridges | Wormhole, LayerZero, CCIP | BRVA < 50 bps | Continuous monitoring; Wormhole currently breached |
DeFi Lending Risk Profile
DeFi lending carries the highest XVA at 145 bps (blend) but also the highest gross yield at 7.20%, resulting in a risk-adjusted yield of 5.75%. DeFi exposure is capped at 5% of the digital portfolio per §8.2.
Limits & Thresholds
Position limits, XVA-based restrictions, and aggregate exposure controls from §8.
XVA-Based Position Limits (§8.1)
| Total XVA | Max Position | Action Required |
|---|
| < 25 bps | Up to 100% of approved limit | Standard monitoring |
| 25–50 bps | Up to 75% of approved limit | Enhanced monitoring; CFO notification |
| 50–100 bps | Up to 50% of approved limit | Risk Committee review required |
| > 100 bps | Position prohibited | Immediate exit if existing position |
Aggregate Exposure Limits (§8.2)
| Limit | Current | Maximum | Status |
|---|
| Total Digital Assets / Portfolio | 7.8% | 10% | OK |
| Max Single Issuer (USDC/Circle) | 26.5% | 25% | At limit |
| Max Single Protocol | 4.9% | 15% | OK |
| Max Single Chain (Ethereum) | 34% | 40% | Near |
| DeFi Protocol Exposure | 4.9% | 5% | Near limit |
| Cross-Chain Bridge | $1.2M | $5M | OK |
Individual XVA Component Limits (§8.3)
| Component | Warning | Hard Limit | Escalation |
|---|
| SVA | 15 bps | 30 bps | Treasurer |
| SCVA | 10 bps | 25 bps | Risk Committee |
| LCVA | 25 bps | 50 bps | CFO + Legal |
| BRVA | 20 bps | 50 bps | Treasurer |
| GVA + QVA | 5 bps | 15 bps | Treasury Ops |
Escalation Matrix
Who gets notified at each threshold, and what exception authority exists (§13).
Exception Approval Authority (§13.1)
| Exception Type | Approval Authority | Time Limit |
|---|
| Temporary XVA exceedance | Treasurer with CFO notification | < 48 hours |
| Extended XVA exceedance | CFO approval required | > 48 hours |
| Non-approved stablecoin or protocol | CFO + Risk Committee | Until reviewed |
| Aggregate limit exceedance | Board Finance Committee | Until resolved |
| Policy amendment | Board Finance Committee | Annual cycle |
Sweep & Funding Operations
Automated fiat-crypto sweep execution, funding triggers, and cross-chain movements (§9).
Sweep Formula (§9.1)
Sweep Amount = Available Balance − Min Retained ($50K) − 24h Projected Outflows
Execute if Sweep Amount > $100,000 threshold
Sweeps execute daily at 16:00 local (after settlement finality). Currency matching: USDC→USD, EURC→EUR.
Funding Trigger (§9.2)
If (Projected Outflows × 1.05) > Current Stablecoin Balance → Fund at 08:00
5% safety buffer above projected outflows. Same-day settlement for funding triggered at 08:00.
Regional Sweep Timing
| Region | Sweep Time | Funding Time | Cut-off |
|---|
| Domestic (US) | 5:00 PM ET | 8:00 AM ET | After same-day settlement finality |
| European | 4:00 PM CET | 8:00 AM CET | After TARGET2 settlement |
| APAC | 4:00 PM local | 8:00 AM local | After local RTGS settlement |
Minimum Balance Thresholds
Operating accounts retain a minimum balance after sweep to cover next-day operational needs. Standard minimum: $50,000 or local currency equivalent. Emergency threshold: if balance exceeds $5M outside scheduled sweep time, an ad-hoc sweep is triggered with Treasurer notification. Funding horizon: maintain 1.05× projected outflows (5% safety buffer).
Exception Handling
Failed sweeps retry up to 3 times with 15-minute intervals. After 3 failures: alert to Treasury Ops + Treasurer. Manual override available for critical funding with dual approval. Weekend/holiday sweeps: pre-positioned on prior business day for known obligations.
Cross-Chain (§9.4)
Treasurer approval required for bridge transfers >$500K. Bridge failure fallback activates if delay >4 hours. BRVA must be <50 bps for bridge execution. See Smart Contract Architecture for the on-chain anchoring of sweep execution proofs.
Tax Impact (§11.3)
| Activity | Tax Treatment |
|---|
| Stablecoin → Fiat sweeps | Taxable; recognize gain/loss on stablecoin |
| Fiat → Stablecoin funding | Acquisition; establish cost basis |
| Cross-chain bridges | Same-wallet transfer (not taxable) |
| Stablecoin → Stablecoin swaps | Taxable exchange |
Regulatory Compliance
Multi-jurisdictional compliance framework per §10.
Jurisdictional Coverage
| Jurisdiction | Key Regulations | Status |
|---|
| United States | GENIUS Act, BSA/AML, OFAC, SEC, Travel Rule, BitLicense | Compliant (SEC custody guidance pending) |
| European Union | MiCA (EMT/CASP), MiFID II, EMIR, DORA | Compliant |
| Singapore | MAS PSA, SFA classification | Compliant |
| Hong Kong | VASP license, Stablecoin Ordinance | 1 item pending |
United States — Federal Regulatory Landscape
| Agency | Scope | Key Requirements |
|---|
| SEC | Securities classification, custody | Howey test for tokens; custody rule for investment advisers; pending tokenized fund guidance |
| CFTC | Commodities, derivatives | Bitcoin/ETH classified as commodities; DeFi derivatives oversight |
| FinCEN | AML/KYC | BSA compliance, Travel Rule ($3K threshold), suspicious activity reporting |
| OCC | National banks | Interpretive letters on custody, stablecoin reserves, blockchain settlement |
| GENIUS Act | Payment stablecoins | Reserve requirements (100% high-quality liquid assets), issuer licensing, consumer protection |
| OFAC | Sanctions | Wallet screening; Tornado Cash precedent; SDN list compliance |
| IRS | Tax reporting | Digital asset broker reporting (Form 1099-DA); cost basis tracking |
| State regulators | Money transmission | BitLicense (NY), state money transmitter licenses |
European Union
MiCA (Markets in Crypto-Assets): Full framework effective June 2024. EMT (e-money tokens) and ART (asset-referenced tokens) classifications. CASP licensing for service providers. Reserve requirements for stablecoin issuers. MiFID II / EMIR: Applies when tokenized assets qualify as financial instruments. DLT Pilot Regime: Sandbox for DLT-based market infrastructure. DORA: Digital operational resilience requirements for financial entities.
Asia-Pacific & Other Key Jurisdictions
| Jurisdiction | Framework | Status |
|---|
| Singapore | PSA (Payment Services Act), SFA (Securities & Futures Act), MAS guidelines | Comprehensive |
| Hong Kong | AMLO (VASP licensing), HKMA stablecoin framework, Stablecoin Ordinance | Evolving |
| Japan | PSA (stablecoins), FIEA (security tokens), FSA oversight | Comprehensive |
| UAE | VARA (Dubai), ADGM (Abu Dhabi), CBUAE for stablecoins | Progressive |
| UK | FSMA (Financial Services & Markets Act amendments), FCA registration, DSS Bill | In progress |
Global Standards Bodies
BIS / Basel Committee: Prudential treatment of crypto-asset exposures (Group 1a/1b/2). FATF: Travel Rule (Recommendation 16), VASP licensing guidance. IOSCO: 18 policy recommendations for crypto/DeFi markets. FSB: High-level framework for crypto-asset activities (9 recommendations). IMF: Crypto-Asset Reporting Framework (CARF) for cross-border tax transparency.
Restricted Jurisdictions (§11.2)
China: Cross-border crypto prohibited; all crypto trading banned since 2021. India: 30% tax on crypto gains; 1% TDS; restricted but not banned. Venezuela: CADIVI/CENCOEX restrictions; VES-only netting. Capital control jurisdictions require per-transaction regulatory checks.
Approved Service Providers (Appendix C)
All providers must have SOC 2 Type II, segregated custody, and bankruptcy-remote structures: Coinbase Prime (custodian), Fireblocks (wallet infra), Circle (issuer), Anchorage Digital (OCC-chartered custodian).
Governance
Roles, responsibilities, and policy review structure per §4 and §14.
Roles & Responsibilities (§4)
| Role | Responsibilities |
|---|
| Board of Directors | Approves policy, reviews effectiveness annually, sets max aggregate exposure limits |
| CFO | Implements and oversees crypto risk program, approves XVA methodologies |
| Treasurer | Executes strategies, monitors XVA, manages sweep/funding, maintains custodian relationships |
| Risk Management | Calculates XVA, validates models, performs stress tests, escalates breaches |
| Compliance Officer | Ensures regulatory adherence, monitors developments, maintains AML/KYC |
| Tax Department | Transfer pricing, sweep tax implications, gain/loss recognition |
Reporting Cadence (§12)
Daily: Position report, XVA dashboard, sweep execution, exceptions. Weekly: XVA trends, protocol health, regulatory updates. Monthly: Comprehensive XVA, risk-adjusted returns, counterparty exposure, tax lots, compliance. Quarterly: Board strategy review, model validation, compliance certification.
Policy Review (§14)
Annual review by Finance Committee. This policy is subordinate to the Corporate Treasury Policy and overall Investment Policy. Interim amendments can be proposed by Treasurer for material market or regulatory changes.
Risk Positions Dashboard
Real-time position monitoring with XVA decomposition, limit utilization, alerts, and sweep execution tracking.
What This Covers
The Risk Positions prototype is the operational control centre for the Crypto XVA framework. It provides a live dashboard, position-level XVA decomposition, sweep & funding tracking, limit monitoring, alert management, compliance status, reporting, approved asset reference, and governance views — all in a single interface.
Dashboard Metrics (as of 12 Apr 2026)
| Metric | Value | Status |
|---|
| Total Digital Asset Exposure | $47.2M | 7.8% of portfolio (limit 10%) |
| Aggregate XVA | 28.4 bps | Enhanced monitoring zone (25–50 bps) |
| Risk-Adjusted Yield | 4.67% | Headline 4.95% − XVA 28 bps |
| Active Alerts | 3 | 1 Critical 2 Warning |
Position Breakdown (6 Active Positions)
| Asset | Type | Holding | XVA | Adj. Yield | Status |
|---|
| USDC | Stablecoin | $12.5M | 7 bps | — | Normal |
| USDT | Stablecoin | $5.2M | 22 bps | — | Watch |
| EURC | Stablecoin | $3.8M | 12 bps | — | Normal |
| BUIDL | Tokenized Treasury | $15.0M | 42 bps | 4.78% | Enhanced |
| Ondo USDY | Tokenized MMF | $8.2M | 38 bps | 4.62% | Normal |
| Franklin OnChain | Tokenized MMF | $2.5M | 24 bps | 4.81% | Normal |
Allocation: Stablecoins $21.5M (45%), Tokenized Treasuries $12.7M (27%), Tokenized MMFs $10.7M (23%), DeFi $2.3M (5%).
XVA Monitor
Portfolio-weighted XVA of 28.4 bps sits in the 25–50 bps enhanced monitoring zone. Largest single component: LCVA averaging 18.2 bps across positions. Two components in warning status: BRVA (Wormhole breached at 52 bps) and USDT SVA approaching 15 bps threshold.
| Position | SVA | SCVA | LCVA | DPVA | OVA | BRVA | GVA | RWVA | OCVA | Total |
|---|
| USDC | 5 | — | 1 | — | — | — | 0.5 | — | 0.5 | 7 |
| USDT | 14.2 | — | 4 | — | — | — | 2.5 | — | 1.3 | 22 |
| BUIDL | — | 8 | 12 | 15 | 4 | — | — | 3 | — | 42 |
| Ondo USDY | — | 6 | 12 | 12 | 3 | — | 1 | 4 | — | 38 |
| Franklin | — | 4 | 7 | 8 | 2 | — | 1 | 2 | — | 24 |
Active Alerts
Critical: BRVA Limit Breach — Wormhole
BRVA reached 52 bps (hard limit 50 bps). TVL dropped 18% over 48h following validator set rotation. Auto-pause triggered on new bridge transfers. Escalated to Treasurer.
Warning: USDT SVA Approaching Threshold
SVA at 14.2 bps (warning at 15 bps). Reserve attestation 12 days old, increasing Bayesian P(de-peg) prior from 1.5% to 1.8%.
Warning: BUIDL LCVA Elevated
LCVA at 27 bps (warning at 25 bps). Driven by pending SEC guidance on tokenized fund custody. Outside counsel opinion expected by 18 Apr 2026.
Prototype Pages
The full risk positions prototype includes 9 operational pages: Dashboard, Position Monitor, XVA Monitor (with heatmap), Sweep & Funding (execution timeline), Limits (utilization bars), Alerts (critical/warning/info), Regulatory (compliance cards), Reports (daily/weekly/monthly/quarterly), Approved Assets (reference table), and Governance (roles & responsibilities).
Liquidity Risk Monitor
The unified TradFi + Crypto XVA early-warning engine.
Three-Domain Architecture
The monitor tracks risk across three domains simultaneously, using a worst-of approach for consolidated status:
| Domain | Key Metrics | Warning/Critical Thresholds |
|---|
| Liquidity | Unsecured spread, JPY basis, 24h delta, liquidity ratio | Unsecured: 50/100 bps; JPY: 115/135 bps |
| Market / XVA | 30d z-score, 5d % change, FVA cumulative, CVA cumulative | Z-score: 2σ/3σ; 5d%: varies |
| Crypto XVA | Aggregate add-on, adjusted exposure, TVL vs 30d, oracle dev z | Aggregate: 22%/32% |
Crypto XVA Aggregate Formula
Crypto XVA = Exposure × (0.25 × LVA + 0.30 × OVA + 0.25 × SCVA + 0.20 × BRVA)
Weights reflect the relative importance: OVA carries the highest weight (30%) as oracle risk is the most dynamic and consequential factor. SCVA and LVA at 25% each, BRVA at 20%.
Stress Scenario: Jan/Feb 2026
The prototype demonstrates a 42-day stress arc. The Crypto XVA Aggregate climbed from 11.2% to 34.2% (peaking Feb 13), driven by OVA surging from 0.09 to 0.61 (oracle deviation z-score hitting 3.4σ) and BRVA from 0.21 to 0.38 (concentration spike + exploit history). The monitor correctly flagged the transition from Normal → Warning → Critical and recommended specific actions at each stage.
Stress Testing
How the framework behaves under extreme but plausible scenarios.
Design Principles
The stress scenarios are designed to test the framework against historical analogs and hypothetical extremes. The Jan/Feb 2026 scenario in the Liquidity Monitor combines:
- A TradFi liquidity squeeze (unsecured funding spike to 119 bps, JPY basis to 142 bps)
- A crypto-native stress (TVL drop, oracle staleness, bridge concentration, new critical findings)
- Correlation between domains (crypto stress amplifying funding stress)
Peak Stress Values (Feb 13, 2026)
| Metric | Normal (Jan 1) | Peak Stress (Feb 13) | Factor |
|---|
| Unsecured spread | 38.8 bps | 119.3 bps | 3.1× |
| JPY basis | 95 bps | 142 bps | 1.5× |
| Crypto XVA Aggregate | 11.2% | 34.2% | 3.1× |
| OVA | 0.090 | 0.610 | 6.8× |
| LVA | 0.020 | 0.180 | 9.0× |
| BRVA | 0.210 | 0.380 | 1.8× |
FX Hedging Policy
Foreign exchange risk management framework with target hedge ratios, permitted instruments, and recommendation procedures.
Policy Overview
The FX hedging policy covers both traditional TradFi hedging (for multinational corporate treasury) and digital-asset-specific considerations where stablecoin FX pairs (e.g., USDC/EUR via EURC) introduce new hedging dynamics. The framework applies to all entities with non-functional currency exposures exceeding $500K equivalent.
Target Hedge Ratios by Maturity
| Months to Maturity | Target Hedge Ratio | Permitted Range |
|---|
| 0 – 3 months | 90% | 80% – 100% |
| 3 – 6 months | 75% | 60% – 90% |
| 6 – 12 months | 50% | 30% – 70% |
| 12 – 24 months | 25% | 10% – 40% |
Hedge Ratio Formula
Hedge Ratio = Notional Value of Hedging Instruments / Total Exposure in Foreign Currency
Calculated per currency pair. Reviewed weekly; rebalanced when ratio drifts outside the permitted range by more than 5 percentage points.
Permitted Hedging Instruments
| Instrument | Max Tenor | Use Case |
|---|
| FX Forward contracts | 24 months | Primary hedging tool for forecast exposures |
| FX Swaps | 12 months | Liquidity management and rollover |
| Purchased FX Options | 12 months | Protection with upside retention (requires CFO approval) |
| Cross-currency swaps | 5 years | Long-term debt hedging only |
Prohibited: Selling naked options, speculative FX positions, leveraged FX derivatives, binary/exotic options.
Hedge Recommendation Procedure
Step 1: Identify all non-functional currency exposures by entity and currency pair. Step 2: Categorize exposures by maturity bucket. Step 3: Calculate current hedge ratio per bucket. Step 4: Compare to target ratio and determine gap. Step 5: Select appropriate instrument and counterparty. Step 6: Obtain required approvals per Delegation of Authority. Step 7: Execute and confirm. Step 8: Document hedge designation (if hedge accounting applied).
Intercompany Netting
Hub-and-spoke multilateral netting framework with FX rules, transfer pricing addendum, and worked example.
Three-Level Agreement Structure
| Level | Agreement | Purpose |
|---|
| Level 1 | HQ Netting Policy | Group-wide framework, currency rules, frequency, governance |
| Level 2 | HQ ↔ Pool Header | Regional pooling arrangements, target balances, escalation |
| Level 3 | Pool Header ↔ Subsidiary | Entity-specific netting schedules, minimum thresholds, cut-off times |
Hub-and-Spoke Model
Central treasury (HQ) acts as the netting centre. Regional Pool Headers (e.g., EU Pool, APAC Pool, Americas Pool) aggregate subsidiary positions before settling net amounts with HQ. This reduces the number of cross-border payments from O(n²) bilateral to O(n) hub-spoke, cutting transaction costs and FX spread leakage.
Worked Example
4-Entity Netting Cycle
Gross obligations: €2,650K across 4 subsidiaries (Sub A owes B €500K, A owes C €300K, B owes C €450K, B owes D €200K, C owes A €350K, D owes A €400K, D owes B €450K).
Net positions after multilateral netting: Sub A receives €50K net, Sub B pays €300K net, Sub C receives €100K net, Sub D pays €150K net (total: 3 payments vs. 7 gross).
Savings: ~57% reduction in payment count, ~40% reduction in FX transaction costs.
Transfer Pricing Addendum
Intercompany FX conversions within the netting cycle must include an arm’s-length markup to satisfy transfer pricing requirements:
| Currency Type | Markup (bps) | Benchmark |
|---|
| G10 currencies (standard) | 0 – 10 bps | WM/R fix ± observable spread |
| Exotic / restricted currencies | 10 – 25 bps | Local market quotes |
| Stablecoin conversions | 5 – 15 bps | On-chain DEX mid-rate |
Netting Cycle Timing
Standard cycle: Monthly, with cut-off on T-5 business days before month-end. Submission deadline for intercompany invoices: T-7. Dispute resolution window: T-5 to T-3. Net settlement: Last business day of month. Emergency ad-hoc netting available with Treasurer approval for amounts >$1M.
Short-Term Investment Policy
Approved traditional instruments, diversification limits, and category constraints for short-term cash deployment.
Context
This policy covers the traditional (TradFi) side of cash management — the instruments that form the base of the treasury portfolio before digital asset allocations. The stablecoin and tokenized asset policies sit alongside this as the digital extension.
Approved Instruments
| Instrument | Max Tenor | Min Credit Rating | Notes |
|---|
| Bank time deposits | 12 months | A- (S&P) / A3 (Moody’s) | Primary liquidity tool |
| Certificates of deposit (CDs) | 12 months | A- | Negotiable CDs preferred |
| Commercial paper (CP) | 270 days | A-1 / P-1 | SEC Rule 2a-7 eligible only |
| US Treasury bills | 12 months | Sovereign | Benchmark risk-free; unlimited allocation |
| Government agency securities | 12 months | Sovereign / AA- | GSE obligations (FHLB, FFCB, etc.) |
| Money market funds (MMFs) | Daily liquidity | AAAm | 2a-7 Government or Prime funds |
| Separately managed accounts | Per mandate | Per mandate | Requires Investment Committee approval |
Diversification Limits
| Limit Type | Maximum | Current |
|---|
| Single bank counterparty (deposits + CDs) | 90% of total short-term portfolio | Varies by entity |
| Government securities (T-Bills + agencies) | 95% (essentially unlimited) | — |
| Commercial paper — single issuer | 5% of total portfolio | — |
| Commercial paper — category total | 25% of total portfolio | — |
| MMF — single fund | 25% of total portfolio | — |
Prohibited Instruments
Equity securities, structured notes (unless Board-approved), auction-rate securities, inverse floaters, mortgage-backed securities (unless Government agency), and any instrument with embedded leverage.
Delegation of Authority (DoA)
Approval tiers for payments, investments, and digital asset operations with five governing principles.
Five Key Principles
| # | Principle | Rule |
|---|
| 1 | Peer-level delegation | Authority may only be delegated to individuals at the same or higher organizational level |
| 2 | Segregation of duties | Initiator and approver must be different individuals; no self-approval |
| 3 | Self-approval prohibition | No individual may approve a transaction they initiated or that benefits them personally |
| 4 | Documentation requirement | All delegations must be documented, time-limited, and reviewed quarterly |
| 5 | Jurisdictional compliance | Delegation must comply with local laws, including power of attorney and banking regulations |
Payment Approval Tiers
| Amount | Approver(s) | Conditions |
|---|
| < $50,000 | Treasury Analyst | Within budget; standard beneficiary |
| $50K – $500K | Treasury Manager | Documented purpose; budget check |
| $500K – $5M | Treasurer | Dual signature for >$1M |
| $5M – $25M | CFO | Treasurer co-sign required |
| > $25M | CFO + CEO (or Board delegate) | Board notification within 24h |
Digital Asset Approval Tiers
| Activity | Approver | Additional Requirements |
|---|
| Stablecoin purchase <$500K | Treasurer | Approved stablecoin list only |
| Stablecoin purchase $500K–$5M | Treasurer + CFO notification | XVA check < 100 bps |
| New protocol onboarding | CFO + Risk Committee | Full XVA assessment required |
| Bridge transfer >$500K | Treasurer + CFO | BRVA < 50 bps |
| DeFi protocol deployment | CFO + Risk Committee | Smart contract audit current; SCVA < 25 bps |
| Emergency digital asset exit | Treasurer (with CFO notification within 1h) | Any XVA hard limit breach |
Digital Asset Compliance Requirements
All digital asset transactions must satisfy: GENIUS Act compliance verification (US entities), SEC custody rule checks, MiCA authorization (EU entities), approved custodian whitelisting (Fireblocks, Coinbase Prime, Anchorage), AML/KYT screening via Chainalysis or equivalent, and OFAC sanctions screening on all wallet addresses.
Jurisdictional Netting Rules
Country-specific regulatory constraints on intercompany netting, FX, and capital controls with policy engine syntax.
Implementation Note
These rules are implemented as policy engine directives that automate compliance checks within the intercompany netting and sweep & funding systems. Each rule maps to an IF/THEN statement in the treasury management system.
Americas
| Country | Currency Restriction | Netting Rule | Key Constraint |
|---|
| Brazil | BRL only (no USD netting) | RESTRICT currency_netting TO [“BRL”] | Central Bank registration required; IOF tax applies |
| Chile | No restriction | ALLOW multi_currency | Central Bank reporting required for >$10K |
| USA | No restriction | ALLOW multi_currency | OFAC screening mandatory; IRS reporting |
| Venezuela | VES only | RESTRICT currency_netting TO [“VES”] | CADIVI/CENCOEX approval; highly restricted |
Asia-Pacific
| Country | Currency Restriction | Netting Rule | Key Constraint |
|---|
| China | CNY only | RESTRICT currency_netting TO [“CNY”] | SAFE approval; cross-border netting prohibited without license |
| India | INR only for domestic | RESTRICT currency_netting TO [“INR”] | RBI approval required; AD Category I bank routing |
| Japan | No restriction | ALLOW multi_currency | BOJ reporting for >¥30M |
| Singapore | No restriction | ALLOW multi_currency | MAS reporting; PSA compliance for digital assets |
| Australia | No restriction | ALLOW multi_currency | AUSTRAC reporting obligations |
EMEA
| Country | Currency Restriction | Netting Rule | Key Constraint |
|---|
| UK | No restriction | ALLOW multi_currency | FCA reporting; FSMA compliance |
| Germany | No restriction | ALLOW multi_currency | BaFin reporting; EU netting regulation |
| France | No restriction | ALLOW multi_currency | AMF reporting; mandatory cash pooling declaration |
| Switzerland | No restriction | ALLOW multi_currency | FINMA compliance; withholding tax considerations |
| UAE | No restriction | ALLOW multi_currency | CBUAE reporting; VARA for digital assets in Dubai |
| South Africa | ZAR restricted | RESTRICT cross_border TO approved_dealers | SARB Exchange Control; “loop structure” rules |
Policy Engine Rule Syntax
IF entity.country = “Brazil” THEN RESTRICT currency_netting TO [“BRL”]
IF entity.country = “China” THEN RESTRICT currency_netting TO [“CNY”]
IF entity.country = “India” THEN RESTRICT currency_netting TO [“INR”]
IF entity.country IN [“US”,“UK”,“Singapore”,“Japan”] THEN ALLOW multi_currency
IF transaction.amount > reporting_threshold THEN REQUIRE regulatory_filing
XVA Use Cases
Five practical application scenarios demonstrating how the Crypto XVA framework drives real treasury decisions.
Use Case 1: Tokenized Treasury Allocation
Scenario
Corporate treasury considering moving 5% of $500M cash portfolio from T-Bills to tokenized treasury funds (BUIDL, Franklin OnChain) for yield enhancement and 24/7 liquidity.
XVA Analysis: T-Bills carry ~2 bps total XVA vs. BUIDL at 42 bps and Franklin OnChain at 24 bps. The yield pickup of 20–40 bps gross is partially consumed by XVA. Franklin OnChain emerges as optimal: highest risk-adjusted yield (4.81%) despite lower headline yield. Decision: Allocate to Franklin OnChain first, BUIDL second; monitor LCVA as SEC guidance evolves.
Use Case 2: Stablecoin Reserve Optimisation
Treasury holds $25M in stablecoins for operational payments. The XVA framework reveals USDC (SVA 18 bps) vs. USDP (SVA 6 bps) vs. USDT (SVA 30 bps). Optimal blend: 60% USDC (liquidity), 30% USDP (lowest XVA), 10% USDT (counterparty diversification with enhanced monitoring). Total portfolio SVA reduces from 18 bps (all-USDC) to 14.4 bps.
Use Case 3: Cross-Chain Liquidity
Treasury needs USDC on both Ethereum and Solana for different payment rails. BRVA analysis: Wormhole currently at 52 bps (breached), CCIP at 18 bps (within limits). Decision: Route via CCIP; hold native USDC on each chain rather than bridging where possible; cap bridge exposure at $5M total.
Use Case 4: Cross-Border Payments
Worked Example: US → Singapore $25M
Traditional route: SWIFT wire, T+1 settlement, FX spread 15–25 bps, correspondent bank fees $35–75.
Stablecoin route: USD → USDC → XSGD conversion → SGD off-ramp. Settlement: <4 hours. FX spread: 5–8 bps. XVA cost: ~12 bps (SVA + SCVA + GVA). Total cost: 17–20 bps.
Net saving: ~5–10 bps per transaction + same-day settlement. At $25M monthly volume, annual saving: $150K–$300K.
Use Case 5: Intercompany Optimisation
Group with $150M monthly intercompany flows across 12 entities. Combining multilateral netting (40% payment reduction) with stablecoin settlement (for approved corridors) reduces total treasury costs by an estimated 25–35 bps on netted flows. Key constraint: jurisdictional rules restrict stablecoin netting in Brazil (BRL only), China (CNY only), and India (INR only).
Smart Contract Architecture
On-chain policy anchoring (LimFiTreasuryAnchor.sol) and off-chain sweep engine (sweep-engine.ts).
Architecture Pattern
The system follows a hybrid on-chain/off-chain architecture. Complex policy logic and calculations run off-chain (TypeScript sweep engine) for flexibility and gas efficiency, while state hashes and execution proofs are anchored on-chain (Solidity contract) for tamper-proof audit trails. This separates computation from verification.
LimFiTreasuryAnchor.sol — On-Chain Anchor
Solidity contract (^0.8.19) built on OpenZeppelin AccessControl. Provides immutable audit trails for off-chain treasury operations.
| Component | Purpose |
|---|
| PolicyAnchor struct | Stores state hash, rules hash, version, timestamp, signer addresses, and policy ID |
| ExecutionProof struct | Records pre/post state hashes, transaction type, amount, currency, executor |
| TransactionType enum | SWEEP, FUNDING, THRESHOLD_CHANGE, SCHEDULE_CHANGE, EMERGENCY_OVERRIDE |
| Role-Based Access | TREASURER_ROLE, CFO_ROLE, OPERATOR_ROLE, AUDITOR_ROLE (maps to DoA) |
Key Contract Functions
| Function | Access | Purpose |
|---|
| registerPolicy() | TREASURER_ROLE | Register a new policy with initial state and rules hashes |
| anchorState() | OPERATOR_ROLE | Anchor new state with multi-sig verification (min N signatures from Treasurer/CFO) |
| recordSweepExecution() | OPERATOR_ROLE | Record sweep proof with pre/post state transition validation |
| recordFundingExecution() | OPERATOR_ROLE | Record funding proof |
| triggerEmergencyStop() | TREASURER_ROLE | Halt all anchoring operations |
| liftEmergencyStop() | CFO_ROLE | Resume operations (different role for separation of duties) |
| verifyStateHash() | Public | Anyone can verify current state matches expected hash |
State Transition Validation
Pre-state hash must match current anchored state → Execute → Post-state hash becomes new anchor
This creates an immutable chain: State_0 → Proof_1 → State_1 → Proof_2 → State_2 → ...
Any gap or mismatch in the chain is detectable by auditors using the on-chain record, without needing to trust the off-chain system.
sweep-engine.ts — Off-Chain Policy Engine
TypeScript class (SweepPolicyEngine) implementing Treasury Sweep and Funding Policy §6. Manages evaluation, execution, compliance checks, and audit trail generation.
| Method | Purpose |
|---|
| evaluateSweep() | Determines if sweep should occur: Available Balance − Min Threshold = Sweep Amount. Runs compliance checks, selects payment rail, determines required approvals. |
| executeSweep() | Executes after evaluation and approvals. Verifies signatures, creates transaction record, updates balances, generates audit hash. |
| evaluateAllSweeps() | Batch evaluation for all operating accounts (skips concentration and disbursement accounts). Called by scheduler at sweep time. |
| runComplianceChecks() | Three checks: counterparty exposure limits, bank credit rating (minimum A-), segregation of duties. |
| getCurrentStateHash() | Returns current state hash for on-chain anchoring via LimFiTreasuryAnchor. |
Compliance Checks (Policy §8)
Every sweep evaluation runs three automated compliance gates:
| Check | Rule | Failure Action |
|---|
| Counterparty Exposure | Projected destination balance ≤ absolute limit AND counterparty-specific limit | Sweep blocked; escalate to Treasurer |
| Credit Rating | Destination bank rating ≥ minimum (A-) | Sweep blocked; escalate to Risk |
| Segregation of Duties | Requester cannot both configure rules and execute transactions (unless SYSTEM) | Sweep blocked; audit flag |
SSRN Paper — Crypto XVA v3
The academic working-paper foundation of this framework. SSRN abstract_id 6448638, v3 posted May 2026.
Citation
Martin, D. (2026). Crypto XVA: A Valuation Adjustment Framework for Digital Asset Treasury Management. SSRN Working Paper. Available at: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6448638
Abstract (v3)
This paper develops a systematic valuation adjustment (XVA) framework for digital asset holdings in corporate treasury portfolios. We identify nine valuation adjustments — SVA, SCVA, LCVA, DPVA, OVA, BRVA, GVA, RWVA, and OCVA — that collectively capture the risk premium embedded in digital assets relative to traditional cash equivalents. The framework is grounded in ASC 820 / IFRS 13 fair-value measurement principles and calibrated against the April 2026 Aave V3/V4 – Kelp DAO rsETH – LayerZero bridge cascade (~$292M primary bridge loss, ~$6.6B system-level cascade). The CompVA (Compositional Valuation Adjustment) extension introduces a Tier III cross-protocol network measure capturing cascade and composability risk not addressable at the per-position level.
JEL Classification
| Code | Description |
|---|
| G23 | Non-bank Financial Institutions; Financial Instruments; Institutional Investors |
| G32 | Financing Policy; Financial Risk and Risk Management |
| G28 | Government Policy and Regulation |
| G12 | Asset Pricing |
| G13 | Contingent Pricing; Futures Pricing |
| G17 | Financial Forecasting and Simulation |
| G21 | Banks; Depository Institutions |
| M41 | Accounting |
Version History
| Version | Date | Key Changes |
|---|
| v1 | Early 2026 | Initial framework: SVA, SCVA, LCVA, DPVA, OVA, BRVA, GVA |
| v2 | Apr 2026 | RWVA (Redemption Window VA — renamed from prior working label) + OCVA added; TWAP Paradox formalised; ASC 820 mapping |
| v3 | May 2026 | CompVA (SCC · UQL · CPBUC) Tier III extension; §6.3 aggregation methodology; Phase 3 aggregation shipped live |
Framework Structure (v3)
| Tier | Components | Scope |
|---|
| Tier I — Protocol | SCVA, OVA, BRVA, GVA | Per-position, protocol-level risk |
| Tier II — Asset | SVA, LCVA, DPVA, RWVA, OCVA | Per-position, asset-level risk |
| Tier III — Network | CompVA (SCC · UQL · CPBUC) | Portfolio-level, cross-protocol cascade risk |
CompVA — Compositional Valuation Adjustment
Tier III, portfolio-level. Captures cross-protocol cascade and composability risk not addressable at the per-position level.
Core Insight
Per-position XVA components price risk within each instrument. CompVA prices the risk between instruments — the network-level contagion that arises when DeFi protocols compose on one another. The April 2026 cascade demonstrated that a bridge exploit on LayerZero propagated through rsETH (Kelp DAO) into Aave V3/V4 liquidity pools within hours. No per-position XVA component captures this path; CompVA does.
Definition
CompVA is a Tier III, portfolio-level valuation adjustment that quantifies the expected loss from cross-protocol composability cascades. It is computed from three sub-factors aggregated via the §6.3 weighted+operational formula:
CompVA = w₁ × SCC + w₂ × UQL + w₃ × CPBUC
Weights (v3): SCC 0.40 · UQL 0.30 · CPBUC 0.30
Sub-Factors
| Sub-Factor | Full Name | What It Measures | Data Source |
|---|
| SCC | Smart Contract Composability Coefficient | Degree of cross-protocol dependency in the portfolio; how tightly coupled the positions are via shared contracts, liquidity pools, or oracle feeds | On-chain graph analysis; DefiLlama protocol dependency maps |
| UQL | Utilisation Queue Length | Depth of the unstaking / redemption queue across liquid-staking and restaking positions; a leading indicator of liquidity stress before it shows in price | On-chain queue data (Dune Analytics); position-level queue depth per asset |
| CPBUC | Cross-Protocol Borrowing Utilisation Coefficient | Aggregate borrow utilisation across DeFi lending pools holding portfolio assets; high utilisation compresses exit liquidity during stress | Aave, Compound, Morpho utilisation feeds via DefiLlama |
The April 2026 Cascade — CompVA in Action
The April 15–19, 2026 cascade (Aave V3/V4 + Kelp DAO rsETH + LayerZero bridge) provides the calibration anchor for CompVA. The Live Monitor v2 replay shows CompVA firing a CRITICAL alert at April 17, 2026 12:00 UTC — approximately 20 hours before the bridge exploit propagated into visible market impact. At that point:
- SCC was elevated as rsETH cross-protocol dependencies tightened
- UQL was rising as the Kelp DAO unstaking queue began to lengthen
- CPBUC was spiking as Aave V3 borrow utilisation approached the liquidity compression zone
The per-position XVA components (BRVA, SCVA, OVA) were in warning territory but had not yet reached CRITICAL thresholds individually. CompVA aggregated the three signals and crossed the critical threshold ~20 hours early. Primary bridge loss: ~$292M. System-level cascade: ~$6.6B.
ASC 820 Level Classification
| Sub-Factor | ASC 820 Level | Rationale |
|---|
| SCC | Level-3 (model-derived) | Computed from on-chain graph topology; no direct market observable |
| UQL | Level-2 (observable on-chain) | Queue depth is directly observable from on-chain state (Dune) |
| CPBUC | Level-2 (observable) | Borrow utilisation is a published protocol metric |
| CompVA aggregate | Level-2 / Level-3 blend | Driven by SCC model input; overall measurement is Level-3 where SCC dominates |
Limits & Escalation
| Status | CompVA bps | Action |
|---|
| Normal | < 10 bps | Standard monitoring |
| Warning | 10 – 20 bps | Enhanced monitoring; Treasurer notification |
| Critical | > 20 bps | Immediate Risk Committee escalation; position review required |