Putting money in bank account may protect you from ordinary theft, but it allows the bank and the government to rob you, LEGALLY.
We are talking of assets of an investment fund (or some other enterprise) that are to be insured against theft. Some of your comments about paper wallets etc. apply to personal funds, I have said that safety there is "solved problem" in theory.
I can't think what could be a "legal theft" of a company's assets by a bank. Loss of deposits due to bank failure is a definite risk, but insurers presumably know how to evaluate that. And funds should not leave their assets in bank accounts anyway.
"Legal theft" of a fund's assets by the government must be seizure because the fund did something wrong. In that case they can seize bitcoins just as easily. (Refusing to hand over the keys to legally seized cois would be stealing government's property.) Or are you thinking of "haircuts" on bank deposits? Again, funds should not leave their assets there.
To prevent insider theft, the insurance company may require COIN to use an M-of-N multi-sig address. N chief officers will generate private keys privately and independently. Each chief officer will physically sign a statement like this:
I,
, am the generator of the private key for . The private key is stored in the vaults of and . Except the copies in the said vaults, there is neither physical nor digital copy of the private key.In case a theft occurred without breaking the vaults, these chief officers would have civil and even criminal liability.
The key could be be stolen as it is generated, without the officer knowing it. (Think of N non-nerd financial managers who get their wallet software installed by the same Chief Security Officer.) Therefore the officer cannot meaningfully sign the last part of that statement.
I suppose that, each time some coins have to be taken out of cols storage, the affected addresses would have to be completely emptied, due to the risk of the private keys being captured at that time; and any remainder would then be transferred to a new cold address, previously generated.
It will be interesting to see how that works out (if we get to know it).