Skip to main content
You can build product for your end clients on top of Anchorage Digital today. The organization model—vaults and wallets with configurable permissions—gives you the building blocks to segregate, fund, and govern accounts for the clients you serve, without standing up a parallel ledger of your own. This guide explains the structures you can use now and how to pick between them.

ADx vs. wealth

This page covers business-to-business-to-anything (B2B2X) structures inside a standard ADx organization, where you segregate and manage your end clients yourself using vaults and wallets. The wealth organization type is a separate path for retail wealth-specific custody and trading use cases. If that describes your use case, see the Wealth management overview instead.

Key concepts

A few terms used throughout, defined precisely because they’re easy to conflate. Both fiat and crypto sit on the same org model—you segregate end clients using vaults and wallets, regardless of asset.
  • FBO account — a “for benefit of” arrangement where you hold the account relationship, and the funds within it belong to your end clients. You are the account holder of record.
  • End client — the client of our client. The party you serve in a B2B2X relationship.
  • Vault — the top-level container in the org model. Carries its own permission set and governance (quorum, approvers).
  • Wallet — sits inside a vault and holds a single asset. Every wallet maintains a true balance and transaction history. The mapping of a given wallet to a given end client is maintained at the Anchorage Digital Bank (ADB) level.
A vault holds at most one fiat (USD) wallet and any number of crypto wallets. This is why fiat segregation is done at the vault level (one USD wallet each), while crypto can be segregated by adding wallets within a vault.

Fiat: deposit information is client-specific identity

A fiat deposit is a wire. It needs a name, an address, and routing and account numbers. So the question that drives every fiat structure is whose identity sits on the deposit instructions:
  • Sub-account — a wallet whose deposit instructions resolve to your legal name as the account holder of record. This is what Anchorage Digital supports today. Fiat wallets are sub-accounts with real balances, not pass-through virtual accounts.
  • Named account — a sub-account whose deposit instructions bear the end client’s name rather than yours, so the end client can receive wires addressed to them directly. In development.
  • True virtual account — a pure pass-through set of deposit instructions in the end client’s name, where Anchorage Digital doesn’t track the end client’s balance. Not available.
Today, fiat deposit instructions resolve to your name, not the end client’s. The end-client-to-wallet mapping is maintained at the ADB level, and isn’t surfaced as a distinct named account at the bank.

Crypto: the wallet address carries no identity

A crypto deposit is just a wallet address that follows the chain’s standard. There’s no name, address, or bank identity attached to it. That means:
  • There’s no client-specific deposit instruction to name. The address can stay obscured to the end client without losing anything, because it conforms to crypto standards rather than carrying identity.
  • There’s no crypto FBO or named-account concept, because there’s nothing on the address to name. Segregation is handled entirely by which wallet maps to which end client at the ADB level.
So the sub-account, named account, and true virtual account distinctions are a fiat story. For crypto, segregation is simply wallet-to-client mapping, and it works today.

Structures available today

In the segregated model, each end client’s funds sit in their own vault and Anchorage Digital keeps them separated for you. In the omnibus model, funds are commingled in shared wallets and you decide how to use the native vaults and wallets, tracking each end client’s balance in your own sub-ledger. Segregated is the default; omnibus is available by approval.
Today, vaults are created in the web dashboard (not via API), and a vault holds a single USD wallet. The patterns below reflect those constraints.

Segregated vaults and wallets per end client

This is the structure most B2B2X clients use today, and the one we recommend. Each end client gets their own vault and wallet, so balances are segregated natively by the org model. You don’t build or maintain a ledger on top. Every account sits under your FBO relationship and is held in your legal name. Each end client is segregated into their own vault, with wallets per asset underneath, and deposits and withdrawals flow between the end client and their wallet. How it works
  • You submit a KYC package for the end client to Anchorage Digital’s compliance team.
  • Once compliance approves, you create a vault in that end client’s name with a dedicated wallet, used exclusively for that client.
  • The wallet holds a real balance. The end-client-to-vault association is tracked at the ADB level.
  • Deposit instructions on the wallet resolve to your legal name as the account holder of record.
Recommended setup pattern Because compliance approval is the gating step and vaults today hold a single USD wallet, the cleanest pattern is to pre-provision vault shells:
  1. In the web dashboard, create vaults in advance as empty shells: unfunded, unnamed, and not exposed to the end client.
  2. Pre-assign each vault the permission set you want to govern it (quorum, approvers).
  3. Upon KYC approval, name the vault to the end client and put it into use. The USD wallet already exists from vault creation; add any crypto wallets with POST /v2/vaults/{vaultId}/wallets.
This keeps you ready to onboard quickly while ensuring no end client can access or transact in an account before compliance has cleared it. Named accounts are in development: today the wallet’s deposit instructions carry your name, not the end client’s. Named accounts will let a wallet bear the end client’s own name and instructions, so end clients can receive wires addressed to them directly.

Step 1: Confirm or create the wallet

Wallet provisioning differs by asset:
  • USD — the vault already has its USD wallet (vault creation provisions it). You don’t create one. Fetch it with GET /v2/wallets/{walletId} to read its wire instructions.
  • Crypto — create a wallet per asset in the end client’s vault. Use POST /v2/vaults/{vaultId}/wallets with the assetTypeID set to the asset ticker (for example BTC, ETH), then fetch it to read its deposit address.
Provide each end client a deposit wallet per asset within their associated vault.

Step 2: Fund the wallet

There’s no “create deposit” call. You share the wallet’s deposit details with the end client and monitor for the incoming deposit. In both cases you can monitor with webhooks or by polling GET /v2/transactions. Fiat (USD wire) Fetch the wallet to read its wire instructions, then share them with the end client. When the wire arrives, it carries a fiatDetails object you use to tie out the deposit:
The name and bank fields let you match the incoming wire to the sending end client. No deposit attribution step is required for fiat wires. You can also have the depositor set a known memo to make matching unambiguous. Crypto Fetch the wallet to read its deposit address, share the address with the end client, and monitor with webhooks. The address follows the chain standard and carries no client identity, so it can stay opaque to the end client.
A crypto deposit from a non-whitelisted address lands pending and is excluded from availableBalance until you attribute it. Attribute it on the web platform or with PATCH /v2/deposit-attributions. If the end client will deposit from the same address again, add it as a trusted source.

Step 3: Withdraw

Withdrawals use one endpoint for both fiat and crypto. The assetTypeID and destination set the type. The destination must be a Trusted Destination that has been created and quorum-approved before you call this. POST /v2/transactions/withdrawal
Where:
  • assetTypeIDUSD_R in staging and USD in production for fiat, or the asset ticker for crypto.
  • source — the end client’s wallet (type: WALLET, id: the wallet ID).
  • destination — the approved Trusted Destination. Fiat withdrawals use a standing instruction (STANDING_INSTRUCTION); both fiat and crypto can target a TRUSTED_DESTINATION.
  • clientReferenceId — your idempotency and reconciliation key.
For crypto, set assetTypeID to the asset ticker and point destination at the approved crypto Trusted Destination. Monitor status with GET /v2/transactions, GET /v2/transfers, or webhooks. To move funds between two wallets inside your organization rather than out to a Trusted Destination, use a transfer with destination.type: WALLET.

Omnibus plus your own sub-ledger (reliance)

If you’re approved for a KYC reliance arrangement, you can hold pooled funds in a single account and run your own sub-ledger to track each end client’s balance. Two conditions apply:
  1. Reliance approval. Anchorage Digital’s compliance team must approve a reliance arrangement with you, relying on your KYC program for your end clients rather than KYC’ing each one directly. This is granted case by case and isn’t available to every client.
  2. You maintain the sub-ledger. Anchorage Digital tracks the pooled balance. Per-end-client balances are yours to maintain. Building and operating that sub-ledger is non-trivial work that sits on your side.
Under reliance, deposits arrive into your account in your name, and Anchorage Digital doesn’t see which end client each deposit belongs to. That attribution lives in your sub-ledger. If you need to distinguish incoming funds, direct end clients to include an identifying memo on the wire.
Most clients who want native per-end-client identification without running their own sub-ledger are better served by segregated vaults and wallets today, or by named accounts once available.

What’s coming

These are in scope or in build, and aren’t available today. They’re listed so you can plan, without committing to dates:
  • Named accounts — sub-accounts that carry the end client’s own name and deposit instructions, so end clients receive wires addressed directly to them while funds still settle within your account. In active build.
  • True virtual accounts (native pass-through) — pass-through deposit instructions in the end client’s name where Anchorage Digital doesn’t maintain the end client’s balance, with native sub-ledgering on Anchorage Digital’s side. A known future need, not currently being built. Clients who require native sub-ledgering at retail scale today typically use a third-party ledger provider.
If a true virtual account or native sub-ledger is a hard requirement for your build, talk to your Anchorage Digital contact so we can factor it into prioritization.

Choosing your structure

  • You want Anchorage Digital to segregate and KYC each end client, with real per-client balances: segregated vaults and wallets. Recommended for most clients.
  • You’re a large, sophisticated platform that wants one account and will run your own sub-ledger, and you can qualify for reliance: omnibus plus reliance.
  • You need end clients to receive wires in their own name: named accounts, once available. Use segregated vaults and wallets in the meantime.
  • You’re a retail-scale wealth platform onboarding end clients under reliance: see the Wealth management overview.