What vault policy controls
Vault policies define approval requirements for:- Deposits — Receiving assets into the vault
- Withdrawals — Sending assets out of the vault
- Transfers — Moving assets between vaults
- Stablecoin conversions/swaps — If enabled
- Policy changes — Modifying the policy itself
- User access — Adding or removing users from the vault
- Large transactions — May have higher approval thresholds
Access vault policy settings
1
Open vault
From the home screen, select the vault you want to customize.
2
Open vault settings
Tap the vault name or Settings icon.
3
Select policies
Look for Policies, Vault policy, or Rules.
4
View current policy
You’ll see:
- Current approval requirements
- Quorum structure (who must approve)
- Any rules or thresholds
- When the policy was last modified
5
Tap customize or edit
Select Edit policy, Customize, or Modify rules.
Customization options
Simple approval structure
Basic single or dual approval:- Single approver — One designated approver for all vault operations
- Two required — Any two approvers must approve
- All required — Every approver must approve
Advanced quorum structures
More complex approval rules:- Tiered by amount — Different approvals for different transaction sizes
- Role-based — Different rules for different user roles
- Time-based — Different rules for certain times of day or days of week
- Operation-type specific — Different rules for withdrawals vs. transfers
Risk-based rules
Adjust approvals based on risk:- Standard operations — 1 approver needed
- Large transactions — (over $X) 2 approvers needed
- To new addresses — (not pre-approved) 2 approvers needed
- To trusted destinations — (pre-approved) 1 approver needed
Create policy rules
1
Open vault policies
Go to Settings > Policies > Vault policy.
2
Tap add rule
Select Add rule, Create new rule, or Add condition.
3
Define rule conditions
Specify when this rule applies:
- Operation type: Withdrawal, deposit, transfer, swap
- Amount: Any amount, or only above/below a threshold
- Address type: Any, trusted destination only, new address
- User role: Initiator, all users, etc.
4
Define approval requirements
Specify approval requirements:
- Number of approvers: 1, 2, all, etc.
- Which approvers: Specific roles, specific people, or any approver
- Voting structure: Simple majority, unanimous, etc.
5
Set timeout (optional)
How long before the approval request expires (default: 24 hours)
6
Save the rule
Tap Save or Create rule.
7
Submit policy changes
Tap Save policy or Submit changes. Vault policy changes may require admin approval.
8
Approve if needed
If the vault has admin policy approval requirements, the change must be approved.
Quorum structures
Different vaults can have different quorum setups:
Choose a structure that matches your organization’s security needs and approval speed requirements.
Vault policy templates
Common templates your organization may offer:Treasury Vault (High security)
- Withdrawals: 2 of 3 senior officers
- Transfers: 1 of 3 senior officers
- Policy changes: All 3 senior officers
- Use case: Large reserves, institutional customers
Operations Vault (Standard security)
- Withdrawals: 1 operations manager + 1 approver
- Transfers: 1 approver
- Policy changes: 2 of 3 administrators
- Use case: Regular operations, moderate amounts
Client Custody Vault (Flexible)
- Deposits: Any operator
- Withdrawals: Client + custodian approver
- Transfers: Client approval
- Policy changes: Custodian admin
- Use case: Client funds, specific approval controls
Settlement Vault (Fast)
- All operations: 1 approver
- Large transfers (>$X): 2 approvers
- Policy changes: Admin
- Use case: Frequent, regular operations, trusted parties
Transaction amount thresholds
Set approval requirements based on transaction size:1
Open vault policies
Go to vault Settings > Policies.
2
Add tiered rule
Select Add amount-based rule or Create tier.
3
Define thresholds
Set approval levels for different amounts:
- Up to $10,000: 1 approver
- 50,000: 2 approvers
- $50,001+: 3 approvers or Anchorage review
4
Save the tier
Tap Save and then Submit policy changes.
Adding custom approvers
Designate specific users as approvers for a vault:1
Open vault users
Go to vault Settings > Users or Team.
2
Find or add user
Select an existing user or add a new one.
3
Change their role
Set their role to Approver or Admin.
4
Confirm
Save the change. The user can now approve operations in this vault.
Policy change requests
When you modify a vault policy:- Submit for approval — The policy change itself is submitted
- Approvers review — Designated approvers review the new policy
- Approval required — Usually requires the same quorum as the vault’s own policy (or higher)
- Effective date — Once approved, the new policy takes effect immediately
- Audit trail — The change is recorded with who changed it and who approved it
Monitoring policy effectiveness
After setting policies, monitor:- Approval times — Are approvals happening in reasonable time? If not, adjust approvers
- Rejection rates — Are too many operations being rejected? Review the policy
- Bottlenecks — Is one person always the bottleneck? Consider distributed approvers
- Compliance — Is the policy still meeting your compliance requirements?
Emergency policy changes
If you need to change a vault policy urgently:- Request expedited review — Explain the urgency
- Temporary policy — Sometimes you can implement a temporary policy and convert to permanent after review
- Escalation — Contact your administrator or Porto account team for assistance
Special cases and exceptions
Anchorage Digital review:- Large or unusual operations may require Anchorage Digital compliance review
- This is an automatic additional step; not affected by vault policy
- Typically takes 1-2 business days
- Operations to new addresses, bridges, or risky assets may have higher approval requirements
- Check your policy’s rules for these scenarios
- Enterprise customers may have negotiated policy terms with Anchorage
- These take precedence over default policies
Testing your policy
Before fully relying on a new policy:- Make a test operation — Try a small withdrawal or transfer
- Verify approvals — Confirm the right people are notified
- Check timing — See how long approvals take
- Document learnings — Note any issues to fix before next time
Policy best practices
- Balance security and speed — More approvers = more security but slower operations
- Right-size approvers — Too few creates risk; too many creates bottlenecks
- Clear thresholds — Make amount-based rules obvious and well-documented
- Separate roles — Different people should submit and approve when possible
- Document why — Record the business reason for your policy structure
- Review regularly — Quarterly policy reviews catch issues early
- Communicate — All users should understand the policy and approval process