Cover Article

Taming fraud in crypto’s Wild West

Lessons learned from the fall of FTX

The meteoric rise and sudden downfall of crypto exchange FTX, and its founder Sam Bankman-Fried, is likely to become an essential case study for fraud examiners seeking to understand the new Wild West of the financial markets. Here we look at what happened and lessons learned from possibly one of the largest U.S. financial frauds.

A little over a year before he was arrested on multiple fraud charges in November 2022, Sam Bankman-Fried, the then-29-year-old and ultra-popular CEO of the now-bankrupt crypto exchange FTX, implied in a 2021 interview that if Enron had had its financial books on a blockchain, corrupt executives would’ve had a much harder time fabricating them. The implication was that blockchain is a transparent and immutable technology that would’ve made it difficult for executives at the disgraced energy company to conceal the web of failed businesses and high leverage that ultimately led to its downfall in 2001. (See “Episode #1 Transcript: The $10 BILLION Man; He’s 29, and it’s all from Cryptocurrencies… with Sam Bankman-Fried,” The Jax Jones and Martin Warner Show, June 2, 2021.)

Bankman-Fried, commonly referred to as SBF, now faces his own Enron moment that involves not only blockchain — the digital distributive ledger that records crypto transactions — but, somewhat ironically, older off-chain technologies like QuickBooks, the accounting software package first launched in the early 1980s. (See “FTX Did Its Invoicing, Expenses Over Slack and QuickBooks: New CEO John Ray,” by Stacy Elliott, yahoo!finance, Dec. 13, 2022.)

Among other charges, SBF is now accused of fraudulently transferring billions of dollars of FTX client money to prop up his hedge fund Alameda Research, deceiving investors about the true risks at the company and artificially inflating the price of its FTT token to access funding from investors. The U.S. Securities and Exchange Commission (SEC) says the tech mogul used Alameda as his “own personal piggy bank” to buy luxury condominiums, support political campaigns and make private investments, while Damian Williams, the U.S. attorney for the Southern District of New York, has called FTX “one of the biggest financial frauds in American history.” (See “FTX ‘One of the Biggest Financial Frauds in American History’: Prosecutor Damian Williams,” by André Beganski, Decrypt, Dec. 13, 2022.)

In just a few turbulent days in November, SBF went from tech wunderkind with one of the largest crypto exchanges to declaring bankruptcy and losing over $8 billion in client money. (See sidebar below for timeline.) Adding to the irony, John J. Ray III, who worked on behalf of Enron’s creditors to claw back billions of dollars of losses, has now replaced SBF as CEO of FTX and has very publicly excoriated the company’s bookkeeping practices and controls.

“Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as occurred here,” Ray said in a Chapter 11 filing. (See “Declaration of John J. Ray III in support of Chapter 11 Petitions and First Day Pleadings,” U.S. Bankruptcy Court for the District of Delaware, Nov. 17, 2022.) “From compromised systems integrity and faulty regulatory oversight abroad, to the concentration of control in the hands of a very small group of inexperienced, unsophisticated and potentially compromised individuals, this situation is unprecedented,” Ray said.

While acknowledging his failures to properly oversee multiple operations under the complex FTX corporate umbrella, the disheveled tech entrepreneur, who often wears shorts and oversized T-shirts, denies any wrongdoing and has pleaded not guilty, in contrast to Gary Wang, FTX co-founder, and Caroline Ellison, Alameda CEO, who’ve admitted guilt to multiple charges and are acting as cooperating witnesses. (See “FTX Founder Indicted for Fraud, Money Laundering, and Campaign Finance Offenses,” DOJ, Dec. 13, 2022, and “SEC Charges Caroline Ellison and Gary Wang with Defrauding Investors in Crypto Asset Trading Platform FTX,” SEC, Dec. 21, 2022.)

[See sidebar: “FTX collapse timeline”.]

Case study material

As of publication, SBF’s fate remains unclear. He continues to very publicly profess his innocence, most recently giving his side of the story through a January 12 Substack blog. In whatever way the scandal plays out, FTX is likely to be a major case study for fraud examiners in years to come and possibly a turning point for a crypto industry that has already had its fair share of scandals.

Like many new markets, crypto has a lawless quality to it and arguably more so thanks to its libertarian roots, and because until now many in the industry have managed to remain outside the reach of U.S. regulators. “Code is law” has been the rallying cry among certain crypto enthusiasts who believe coded protocols in the crypto ecosystem eliminate the need for outside regulation and laws.

“A lot of cryptocurrency enthusiasts are anti-regulation, and that is one of the reasons it was created,” says Kendrick Christie, CFE, assurance and forensic partner at accounting firm Crowe in the Bahamas. “That should be a warning sign that we need to trust but verify and increase scrutiny over these entities.”

FTX may have catered mostly to offshore and non-U.S. clients, but SBF’s once high standing among U.S. politicians, investors and celebrities has made his downfall all the more shocking and likely to sharpen U.S. regulators’ and lawmakers’ focus on crypto. Those relationships have drawn parallels with Bernie Madoff whose close ties with some SEC officials and other market luminaries helped him prolong his Ponzi scheme for decades. (See “How Sam Bankman-Fried ‘Madoff’ with regulators,” by Charles Gasparino, Opinion, New York Post, Dec. 31, 2022.)

“If SBF is truly the Bernie Madoff of crypto, then his prosecution should inevitably trigger stronger regulations and much-needed reforms within the crypto industry, with a more unified regulatory and enforcement regime,” says John Powers, CFE, president of Hudson Intelligence, a private investigation firm specializing in asset searches and investigations of complex frauds and financial crimes.

“It could bring about a sea change akin to a crypto version of the Dodd-Frank Act,” Powers says. The 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act overhauled financial regulation following the global financial crisis of 2008.

SEC Chair Gary Gensler has likened crypto to a Wild West asset class rife with fraud, scams and abuse. He’s pushed for more regulatory supervision to protect investors from the snake oil salesmen of a crypto market that until recently provided very tempting returns. (See “Remarks Before the Aspen Security Forum,” SEC Chair Gary Gensler, SEC, Aug. 3, 2021 and “‘Modern-day snake-oil salesmen’ accused of $124 million crypto-mining con. Brother-and-sister team advertised their business on a billboard in Times Square,” by Lukas I. Alpert, MarketWatch, March 9, 2022.)

Whether U.S. lawmakers will enact legislation as far reaching as the Dodd-Frank Act or the Sarbanes-Oxley Act, passed in 2002 to improve auditing and public disclosure in response to the Enron and WorldCom scandals, remains open to debate. In December, Democratic Senator Elizabeth Warren of Massachusetts and Republican Senator Roger Marshall of Kansas introduced a bill to curb the use of digital assets for money laundering, protect U.S. national security and force crypto firms to comply with the same regulations as banks and other firms. Warren told CNN that crypto was “under serious scrutiny across the political spectrum.” (See “Warren pushes bipartisan bill to regulate crypto firms after FTX collapse,” by Ed Pilkington, The Guardian, Dec. 14, 2022, and “A Bill To Require the Financial Crimes Enforcement Network to issue guidance on digital assets, and for other purposes,” Warren and Marshall, 117th Congress, 2nd Session.)

But some experts warn that lawmakers shouldn’t necessarily crack down on cryptocurrencies and the blockchains that drive them — technologies that aren’t necessarily to blame and indeed have the potential to better protect investors against fraud. Rather, these experts say, lawmakers should regulate centralized exchanges like FTX and the people who run them. The logic is that those centralized exchanges often act as fraudulent and corrupt intermediaries that this crypto technology was designed to eliminate in the first place.

“Go after digital assets all you want,” says David Utzke, Ph.D., CFE, senior director of cryptoeconomic technology for MasterCard. “But the people running the exchanges are always going to be the problem. They need to regulate the exchanges and treat them more like banks and trading operations rather than regulate the digital assets like commodities and securities.”

Tokens vs. coins

Utzke says regulators and fraud examiners must distinguish between cryptocurrencies, such as bitcoin, and tokens like the one FTX created. While the two terms are often used interchangeably, they differ in their uses and security protocols.

Both are defined as digital assets, but tokens comprise the largest portion of that asset class by far, says Utzke. That’s largely because tokens can sit on any blockchain and anyone can essentially create them out of thin air, which is what FTX did with its token FTT. Cryptocurrencies like bitcoin, on the other hand, belong to and stay on a specific (native) blockchain and can only be produced (or mined) after miners solve a computational puzzle.

Cryptocurrencies are designed to be of limited use, namely as a peer-to-peer medium of exchange to acquire goods or services, or as an asset that stores value. In contrast, tokens have multiple uses, a function that SBF allegedly used to its full advantage. Cryptocurrencies are driven by protocols (a defined set of coded rules) on their native blockchains, which use cryptography and participant authentication to secure and safeguard the structure. Token behavior, on the other hand, largely depends on a “smart contract,” whose protocols can be exploited by fraudsters. (See “Cryptocurrencies Vs Tokens – What’s The  Difference,” by Ayushi Abrol, Blockchain Council, April 19, 2022, and “Crypto Coins vs. Tokens: The Difference Explained,” Vladimir, Zerion, July 28, 2022.)

This is important to understand because FTT, the token that FTX created, in many ways lies at the center of the alleged fraud that took place at the exchange.

The token, which offered a myriad of privileges to the VIP members who bought it, functioned in many respects as a sophisticated marketing tool to lure more customers to the exchange and in turn bolster its value. Customers could use it as payment in the FTX ecosystem and as a type of loyalty reward card that gave holders discounts on trading fees, better market pricing and other types of rebates. It also acted as collateral for traders wishing to leverage a position. [See “FTX Token (FTT): What It Is & Why You Should Care,” BYBIT, Nov. 9, 2022.]

Launched in 2019 through an initial exchange offering (IEO), FTT’s value soared from $4 in December 2020 to a high of $85 in September 2021. The idea was that FTX would control the outstanding supply of the token, and hence its value, through a buyback program and the elimination (or “burning” in the jargon of the market) of FTTs. Indeed, the value of the token hardly reflected a true market price as millions of FTTs were held by FTX and its affiliates and not widely distributed among various buyers. (See “FTX made a cryptocurrency that brought in millions. Then it brought down the company,” by David Gura, NPR, Nov. 15, 2022.)

Maintaining FTT value was vital for FTX and Alameda, which relied heavily on the token in the capital markets. Not only did SBF exchange these tokens for investment dollars, but FTT also served as currency in acquisitions. Perhaps more important Alameda used FTTs as collateral on loans from investors. If the price of FTT tumbled or investors lost confidence in the crypto market, FTX’s access to cheap and easy capital could easily evaporate.

That’s what happened in May 2022 when Terra’s stablecoin, a type of crypto asset designed to be less volatile but also likened to a Ponzi scheme by some, broke its peg to the U.S. dollar, rattling market confidence and sending the price of crypto tokens and coins, including FTT, south. (See “More than $200 billion erased from entire crypto market in a day as sell-off intensifies,” by Ryan Browne, CNBC, May 13, 2022. Terra is a blockchain protocol and payment platform used for algorithmic stablecoins.)

According to court documents, that was when lenders started to demand payment on billions of dollars of loans Alameda had taken out with the help of falsely inflated FTT collateral. Some experts think that FTX may have bailed out crypto lender BlockFi and crypto broker Voyager in June last year because of their large holdings of FTT amid fears of further price pressures on the token if those entities went under. Unable to satisfy Alameda’s loan obligations, Bankman-Fried diverted even more of FTX’s customer assets to pay off Alameda’s debt and maintain its lending relationship and access to capital, according to court documents. (See “SEC v. Caroline Ellison and Zixiao ‘Gary’ Wang,” U.S. District Court Southern District of New York, Dec. 21, 2022.)

The hidden backdoor

SBF reportedly was able to move client funds from FTX to Alameda undetected thanks to bespoke software that created a “backdoor” in FTX’s bookkeeping system to alter financial records without alerting internal or external compliance offices. (See “Exclusive: At least $1 billion of client funds missing at failed crypto firm FTX,” by Angus Berwick, Reuters, Nov. 13, 2022, and “FTX founder Bankman-Fried secretly moved $10 billion to Alameda Research using a ‘backdoor’ he built into FTX software without alerting external auditors,” by Daniel Levi, Nov. 12, 2022.)

Court documents released in December and January revealed some of the details of how the alleged deception took place. Wang simply inserted a single number into millions of lines of code to create a $65 billion line of credit for Alameda using FTX’s customer funds without permission. When customers deposited fiat currency into, the funds were unknowingly wired to Alameda bank accounts. At the same time, Alameda personnel manually credited those customers on an FTX Trading internal ledger to hide that they were violating the terms of service, which said customers owned and controlled their digital assets. FTX customers could see those deposits on the website or their apps, but in reality, Alameda held them. (See “Ad Hoc Committee of Non-US Customers of v. FTX Trading Ltd.,” U.S. Bankruptcy Court for the District of Delaware, Dec. 28, 2022, and “Sam Bankman-Fried’s secret ‘backdoor’ discovered, FTX lawyer says,” by Pete Syme, Business Insider, Jan. 13, 2023.)

Big investors, big money

FTX had garnered funding from deep-pocketed venture funds such as SoftBank and Sequoia Capital to big name investors like Singapore’s sovereign wealth fund Temasek, Tiger Global Management, BlackRock and the Ontario Teacher’s Pension Plan, pushing the valuation of the privately held entity to as high as $32 billion in just three short years since its founding in May 2019. American football legend Tom Brady and fashion model Gisele Bundchen also bought stakes in FTX. (See “Exclusive: These FTX Investors Stand To Lose The Most From The Crypto Exchange’s Implosion,” by Chase Peterson-Withorn, Forbes, Nov. 10, 2022.)

SBF’s popularity among those investors — not to mention regulators, politicians and celebrities — made the FTX downfall even more shocking, embarrassing and potentially liable for those who’d previously sought to bolster FTX’s value. Many are questioning how far the blame goes and whether investors and other participants had spied some of the obvious red flags but stayed mum.

[See sidebar: “Red flags and other warning signs”.]

FTX clients have already filed a lawsuit alleging that SBF and celebrities like Tom Brady engaged in deceptive practices to sell FTX yield-bearing digital currency accounts. And the cozy and circular relationship that SBF had with some venture capital firms — which had piled substantial sums into the crypto exchange and in turn received investments in their funds from the CEO of FTX — has also been the focus of media attention. (See “FTX’s Bankman-Fried Quietly Invested More than $500 Million in Sequoia and other VCs,” by Kate Clark, Exclusive, The Information, Nov. 10, 2022, and “Bankman-Fried invested in venture capital backers of his FTX exchange,” by Kadhim Shubber, Arash Massoudi and Tabby Kinder, Financial Times, Nov. 10, 2022.)

“There are millions and millions of dollars in private capital, which people are investing in their funds and are sent  into the crypto market, and there is limited financial diligence being done,” says Patrick Westerhaus, CFE, a former FBI special agent and CEO of CT6, a cybercrime prevention company. “When are venture capital firms going to be held accountable for enabling this type of fraud is a question I hope leadership in U.S. law enforcement and regulatory agencies is asking themselves.”

While investors say they were in the dark about the wrongdoing taking place at FTX, critics have expressed surprise at how easily Bankman-Fried raised capital from sophisticated investors, and the apparent lack of due diligence and oversight. Not one investor sat on FTX’s board, which comprised SBF, a lawyer and another FTX employee. The tech mogul reportedly showed little interest in bringing in outside experts, and if investors suggested that he should, FTX would likely shut them out of the next funding round. (See “Investors Who Put $2 Billion into FTX Face Scrutiny, Too,” by Erin Griffith and David Yaffe-Bellany, The New York Times, Nov. 11, 2022.)

If the portrayals of SBF in the press are true, it appears he skillfully manipulated the hype around crypto to his advantage. He told Bloomberg reporters that venture firms cut deals based on the fear of missing out (FOMO) rather than faith in financial models employed to assess the company’s financial strength and growth potential. He also surprisingly revealed to those same reporters how decentralized finance, or DeFi, works like a Ponzi scheme. In one widely reported instance, SBF played the video game League of Legends while making a funding pitch to Sequoia Capital, behavior that did little to prevent him from garnering substantial sums and praise from the venture capital firm. (See “Transcript: Sam Bankman-Fried and Matt Levine on How to Make Money in Crypto,” by Tracy Alloway and Joe Weisenthal, Bloomberg, April 25, 2022, and “Sam Bankman-Fried was once caught playing the video game ‘League of Legends’ during a pitch meeting for FTX,” by Britney Nguyen, Business Insider, Nov. 10, 2022.)

Parallels with past corporate frauds

The market’s glassy-eyed view of FTX and all things crypto makes for parallels with other corporate frauds of the past, though ultimately the crypto exchange may be in a category all its own. The way a likable SBF cultivated relationships across the spectrum of movers and shakers in the media, Wall Street and Washington D.C. is comparable to how sophisticated politicians and investors fawned over Elizabeth Holmes, enabling her to sell her fraudulent blood-testing device. And the labyrinth of terms and knowledge required to understand crypto markets carry echoes of dodgy Wall Street financial engineering such as the collateralized debt obligations and other derivatives blamed for the global financial crisis, or Enron’s web of special-purpose vehicles. In those settings, especially during boom times, poor diligence often prevails as investors put their faith in the experts. “Nobody questioned Enron because nobody understood Enron,” says Mary Breslin, CFE, president of Verracy, a consulting company specializing in risk management, fraud and corruption. “It is the same thing here. Nobody understands crypto.”

But that may be where the comparison with Enron stops. Sherron Watkins, who famously blew the whistle on accounting irregularities at Enron, sees few similarities with FTX. “Enron was a sophisticated accounting fraud with top accounting firm and law firm sign offs. FTX had no board of directors, unknown auditors and was both incompetence and embezzlement, but it did hire amazing celebrities to state that they were investing in it,” she tells Fraud Magazine. “I’d say FTX is the marriage of various fraud schemes in the age of the Kardashians.”

And like Bernie Madoff’s scam, there were some Ponzi-like qualities to FTX. Class lawsuits by investors against SBF are riddled with the term. Plaintiffs in separate cases argue that the company operated a Ponzi scheme by shuffling “customer funds between their opaque affiliated entities, using new investor funds obtained through investments in the YBAs [yield-bearing accounts] and loans to pay interest to the old ones and to attempt to maintain the appearance of liquidity.” They accuse FTX of using big names in the investment and sporting community to promote those YBAs without disclosing the scope of compensation they were offering these celebrities. (See court documents, Case 1:22-cv-23753 and Case 1:22-cv-23817.)

Proof of reserves

Those types of complaints from FTX clients have focused attention on so-called proof of reserves — a method to confirm whether a crypto lender or exchange is safely holding their customers’ assets. This means verifying that the correct amount of tokens or coins exist, and sufficient assets are backing them if that’s a requirement. Methods for establishing these proofs vary among the private crypto exchanges. CoinBase — one of the few publicly traded crypto exchanges — says it discloses that information in filings at the SEC. (See “How crypto companies can provide proof of reserves,” by Coinbase.)

Proof of reserves is supposed to instill some added trust, but they aren’t complete audits and don’t necessarily provide a full picture of a company’s financials, such as total liabilities (deposits) owed back to clients and other types of debt. Nor do they assess the quality of a crypto exchange’s controls. (See “What Are Proof of Reserves And Why Do They Matter?” by Andrew Asmakov, Decrypt, Dec. 20, 2022.)

Jesse Powell, CEO of cryptocurrency exchange Kraken, has called for a more thorough proof of reserve audit that would include a sum of client liabilities, user-verifiable cryptographic proof that each account was included in that sum, and proof that the exchange or custodian has control of the wallets holding customers’ assets. This would prevent what happened at FTX, which stands accused of fraudulently handing control of those deposits to Alameda. (See a tweet posted by Powell.)

Getting up to speed with crypto

As with all new technologies and market innovations, participants are learning as they go. The process can be complicated and often misunderstood. Auditing firms such as Armanino, which has been named in a class-action lawsuit that accuses it of facilitating SBF’s scam, and Mazars, which conducted proof of reserves for FTX rival Binance, are backing out of the space amid fears of reputational risks. While some auditing and accounting firms have boasted specialty knowledge in this area, auditors and fraud examiners say the industry has a long way to go before it can produce an abundance of crypto experts.

“There aren’t many experts in this world,” says Breslin. “They put out white papers written by the Big Four and try to spread the word, but there aren’t really any classes yet to go deep enough to give an auditor the skill set to even ask the right questions.”

Even how to classify cryptocurrencies, which suffer wild price swings in a matter of minutes, remains a subject of debate among industry experts.

“You have one standard classifying it as inventory and another classifying it as an intangible asset, so there is a need to improve guidance,” says Christie.

“Anytime there is financial innovation, and there is little time to prepare an accounting standard and framework for evaluating it, it is going to be dicey in terms of any audit and quantifying the value of those assets and the risks they pose,” says Powers.

Christie says that the speed of change in the crypto space and the volatility of the underlying assets means that monitoring and auditing of these types of exchanges should be done more regularly. “Things can happen very quickly,” he says. “The issue here is around management and oversight of the entity. Having a CFE on board and/or cryptocurrency expert auditing in real time is the first line of defense.”

Skills, old and new

Christie advises that fraud examiners bolster their knowledge of a technology that’s increasingly becoming part of our everyday lives. “We need to beef up our understanding and training in it, not to mention knowledge of the blockchain,” he says. “Blockchain is helping investigators to investigate where funds are transferred to and is proving to be a useful resource for capturing individuals who commit criminal acts using cryptocurrency.”

But basic investigative skills are still relevant, not least the importance of asking simple questions and getting straight answers. That worked with Enron and it applies to crypto as well.

“Cryptocurrency can be complicated, particularly to newcomers, but that does not mean these companies and their financial books and operations should be regarded as a black box,” says Powers. “There should never be an inverse relationship between the complexity of an organization and the strength of its controls.”

Paul Kilby is editor-in-chief of Fraud Magazine. Contact him at