Institutional Trust Company is seeking a South Dakota trust charter and is not currently accepting accounts.
AccountsAssetsLearnSecurityPartnersLog inOpen an account
Home › Trust Center

Trust Center

Security, custody, and compliance in one place

Most platforms check who is calling. We also decide what each request may touch — one record at a time, refused by default — and we hold your assets to a custody and compliance standard built for scrutiny.

Denied by default

Most systems ask a single question at the door: who is calling? Ours asks a second, harder question at every step: what is this specific request allowed to touch? Each request is authorized against the individual record it tries to reach, and refused unless explicitly permitted. That closes broken object-level authorization — the quiet flaw behind a large share of modern data breaches, in which a valid user reaches records that were never theirs.

Your data stays sealed

Sensitive details are tokenized and remain sealed until a request has earned a specific, per-record grant to see them. A leak of one layer does not spill the rest, because access is never ambient — it is decided, each time, for each record.

A tamper-evident record of every action

Every access and change is written to an append-only, tamper-evident trail: who touched which record, when, and under what authority. That same trail is what makes the platform’s compliance ledger litigation-ready — the evidence exists because the system produced it in the ordinary course, not after the fact.

Authorization built for the agent era

When an AI agent acts on your behalf, it is held to the intersection of two permissions — what you may do and what the agent may do — and never more than either allows. As automated actors take on more of financial operations, that ceiling matters.

How enforcement works

Per-record authorization is enforced by B5 Secure, with cryptographically signed requests (RFC 9421) and a post-quantum path, running on the FISCP platform. Security is not a banner on the page; it is the layer every request passes through.

How your assets are held

Assets are held in your account’s name and kept separate from the custodian’s own property. Positions are reconciled, and alternative holdings carry a recorded annual valuation for reporting. Custody is about safekeeping and accurate records — the unglamorous work that matters most when something goes wrong elsewhere.

Account protections, and what they cover

Institutional Trust Company is a trust company, not an FDIC-insured bank. Uninvested cash may, under certain program conditions, be eligible for pass-through FDIC insurance at participating banks; that coverage protects only against the failure of an insured depository institution, and only when its conditions are met. Investments themselves are not FDIC-insured, are not guaranteed by any bank or government agency, and may lose value. Nothing here is a promise of investment results.

What a custodian does — and does not do

A custodian holds assets and processes the transactions you direct. It does not, by holding an asset, recommend it, verify its value, vouch for a sponsor, or determine that it complies with tax or securities law. We are a directed, non-discretionary custodian: the diligence and the decisions are yours or your advisor’s.

Responsible disclosure

We welcome reports from security researchers and operate under a good-faith safe harbor. See our Security Policy & Responsible Disclosure for scope and how to report.

Open an account   Legal Center

Educational only. This page is general information, not individualized investment, legal, or tax advice. Rules depend on your account type, transaction, tax year, and circumstances — consult a qualified professional.