
Pillars of wealth protection
For Xapo Bank, our members’ trust is something we have to earn. We never take it for granted. This is why we insist on exemplary standards of physical and digital security.
These robust pillars of protection offer you a unique, all-encompassing combination of safeguards to protect both your deposits and your personal information.
Licensed in a global financial jurisdiction
We enjoy the rare privilege of having a banking license that is issued and regulated by the Gibraltar Financial Services Commission. We offer members the added reassurance of being part of the Gibraltar Deposit Scheme.
Fully regulated
We protect our members’ wealth by adhering to strict regulatory frameworks. Xapo Bank and Xapo VASP are legal entities regulated by the Gibraltar Financial Services Commission. Eligible USD deposits are covered up to 100,000 US Dollars*.
Unrivalled cyber security
As pioneers in Bitcoin, we constantly invest in new security tech to ensure our members’ wealth is kept safe at all times. We utilise dedicated best-in-class security tools and intuitive cyber intelligence to monitor market activity and predict potential issues.
Secure Headquarters
The peace of mind that comes from being able to visit our bank in person is immeasurable. Our headquarters, housed in a 19th century army barracks on the Rock of Gibraltar, is a physical manifestation of the rock-solid safety that our members rely on. We look forward to welcoming you here.
Uncompromised financial protection
The future for Xapo Bank and our members is exceptionally bright. We continue to harness our skills and ambition to build our business for the long-term. We have one of the largest Bitcoin reserves in the world, which, together with our liquid financial assets and solid balance sheet, is fueling growth, and generating interest for our members.
A rewarding, member-centric relationship
We believe that trust is built on open and transparent human connections. Unique to the world of digital banking, all our members enjoy the privilege of a Xapo Bank account manager. Their role is to support and guide you at every stage of your wealth creation journey.

A rewarding, member-centric relationship
Members of Xapo Bank have the reassurance of knowing their wealth is protected by one of the world’s most renowned financial jurisdictions.
Gibraltar is an icon in both modern banking and crypto and is at the forefront of financial innovation. As a champion for the blockchain and Distributed Ledger Technology (DLT) sector, Gibraltar has played a key role in developing market-leading frameworks for this fast changing industry. In 2018, it was the first in the world to deliver a DLT framework, designed to evolve dynamically without compromising core regulatory and legislative principles.
Gibraltar is an icon in both modern banking and crypto and is at the forefront of financial innovation. As a champion for the blockchain and Distributed Ledger Technology (DLT) sector, Gibraltar has played a key role in developing market-leading frameworks for this fast changing industry. In 2018, it was the first in the world to deliver a DLT framework, designed to evolve dynamically without compromising core regulatory and legislative principles.
Xapo Bank License
Xapo Bank is regulated and authorised as a credit institution to provide fiat related services.
USD deposits held with Xapo Bank are covered by the Gibraltar Deposit Guarantee Scheme. Eligible depositors are covered up to 100,000.00 US Dollars*. The GDGS does not regulate us or other banks. Regulation is carried out by the Gibraltar Financial Services Commission.
USD deposits held with Xapo Bank are covered by the Gibraltar Deposit Guarantee Scheme. Eligible depositors are covered up to 100,000.00 US Dollars*. The GDGS does not regulate us or other banks. Regulation is carried out by the Gibraltar Financial Services Commission.
Xapo VASP License
Xapo VASP is regulated under the DLT regulatory framework in Gibraltar. This principle based framework requires us amongst other requirements to protect our members' interests and mitigate risks. For example, our Xapo Bitcoin Reserve covers direct and effective losses experienced by our members as a result of attacks on our systems and/or any other qualifying losses, including bankruptcy.
Unlike other VASPs that provide wallet custodian services, Xapo VASP is obliged to protect our members' assets. This means that any member's Bitcoin must be segregated from Xapo VASP’s own assets and monies. Member assets are clearly designated as such to ensure protection from any third party creditors, and do not at any time represent the property of Xapo VASP.
As a DLT business, Xapo VASP also has to be sufficiently capitalised to operate in a secure and efficient way. This differs from other VASPs which are subject to ‘registration’ rather than ‘regulation’ in different parts of the world. We are subject to both financial and non-financial resource requirements, which includes our regulatory capital. This is calculated on our ability to ensure an orderly wind down, as well as a risk based capital calculation.
Unlike other VASPs that provide wallet custodian services, Xapo VASP is obliged to protect our members' assets. This means that any member's Bitcoin must be segregated from Xapo VASP’s own assets and monies. Member assets are clearly designated as such to ensure protection from any third party creditors, and do not at any time represent the property of Xapo VASP.
As a DLT business, Xapo VASP also has to be sufficiently capitalised to operate in a secure and efficient way. This differs from other VASPs which are subject to ‘registration’ rather than ‘regulation’ in different parts of the world. We are subject to both financial and non-financial resource requirements, which includes our regulatory capital. This is calculated on our ability to ensure an orderly wind down, as well as a risk based capital calculation.
Security Infrastructure
Xapo Bank is fully PCI DSS (Payment Card Industry Data Security Standards) Level 1 compliant to meet the international standards of data protection. The PCI standards cover cardholder data protection, network security, anti-fraud technologies, monitoring and restriction of access to customer data and detecting security threats.
Xapo will always be committed to safekeeping our members' funds. Our self-custody crypto solution relies on state of the art Multi-Party Computing (MPC) "keyless" wallets, whose signing shares are managed by Xapo as well as a trusted SOC2 Type II compliant third party. They are secured using Hardware Security Modules (HSM) devices and we employ strict controls and access rights to both the assets and supporting infrastructure. Cold storage of key material is supported by bank-grade Class III vaults in geographically dispersed locations.
Xapo will always be committed to safekeeping our members' funds. Our self-custody crypto solution relies on state of the art Multi-Party Computing (MPC) "keyless" wallets, whose signing shares are managed by Xapo as well as a trusted SOC2 Type II compliant third party. They are secured using Hardware Security Modules (HSM) devices and we employ strict controls and access rights to both the assets and supporting infrastructure. Cold storage of key material is supported by bank-grade Class III vaults in geographically dispersed locations.
