If anyone thought investing in cryptocurrencies could be managed using conventional due diligence practices, that perspective has been shattered with the stunning collapse of the cryptocurrency exchange FTX. In the aftermath of the collapse, crypto due diligence is now top of mind for investors and regulators alike, as they work through the details to figure out where so many high-profile firms went wrong. Regulatory bodies, such as the Securities and Exchange Commission (SEC) and US Department of Justice (DOJ), as well as the Federal Bureau of Investigation (FBI), among others, are only in the early stages of investigating what happened at FTX.

John J. Ray, its newly-inserted acting CEO, who has overseen some of the highest-profile bankruptcies ever, including Enron, has said he’s never seen anything as bad as FTX. One of the most glaring aspects of the collapse of FTX is the breadth and depth of large, sophisticated investment management firms that were duped into investing vast sums of capital into FTX, seemingly without conducting anything but the most cursory due diligence.

The failure of some of the finance world’s most sophisticated investors to look under the hood of FTX before pouring money into it attests to the ease with which connections, the cult of personality, and “FOMO” (Fear of Missing Out) can obscure the necessity for rigorous standards of due diligence. As the investigation deepens, it has come to light that hundreds of mainstream investors and lenders, including some of the leading venture capital firms, have likely suffered enormous losses from FTX’s downfall. And that’s before factoring in subsequent tumbles for Bitcoin and other crypto investments.

FTX, Alameda, and other affiliates have estimated in their bankruptcy filings that they have more than 100,000 creditors and face liabilities of between $10 billion and $50 billion.

FTX & Insufficient Crypto Diligence: A Disaster Waiting to Happen

Seen from the broadest perspective, the FTX disaster underscores, at an epic scale, how much things haven’t been quite the same in the 14 years since the blockchain first appeared, followed a year later by the first Bitcoins. Along the way, digital currency and the underlying technology that facilitates it has redefined conventional notions of implied value, the nature of financial transactions, as well as privacy.

For their part, governmental regulatory agencies in the US and elsewhere began introducing oversight measures prior to FTX and have launched numerous successful prosecutions. Clearly, though, a higher standard of due diligence is called for in helping stem the tide of crypto-related malfeasance.

Numerous high-profile crypto trading firms, including Genesis and Wintermute, suffered substantial losses due to their exposure to FTX, alongside sophisticated institutional investors Sequoia Capital, NEA, IVP, Iconiq Capital, Third Point Ventures, Tiger Global, Altimeter Capital Management, Lux Capital, Mayfield, Insight Partners, SoftBank, Lightspeed Venture Partners, Ribbit Capital, Temasek Holdings, BlackRock, and Thoma Bravo. In the immediate aftermath of the collapse, many of the affected firms reported that standard due diligence procedures were followed prior to any engagement with FTX. However, in hindsight, the glaring gaps and missed red flags are readily apparent.

Among those who claimed to have conducted extensive due diligence is Singapore’s state-owned investor Temasek, which held a $275 million stake in the now-bankrupt FTX. In a statement published on their website, Temasek details the history of their investment in FTX, as well as the procedures followed during an eight-month-long due diligence process. The statement reads: “During this process, we enquired about the relationship, preferential treatment, and separation between Alameda and FTX, and were given appropriate confirmations that were contractually binding.”

In another case, investment firm Tiger Global Management had a team of expert consulting firms advising their due diligence, yet still missed crucial warning signs and risk indicators that, upon closer inspection, could have revealed that things at FTX were not quite what they seemed. As reported by Bloomberg, “Sam Bankman-Fried’s oversight of a vast web of FTX-linked entities was one of the risks highlighted during the due-diligence process”; however, this red flag did not deter the group from obtaining a stake in FTX worth around $38 million.

Going Beyond FTX: Why Standard Due Diligence Isn’t Enough

While the FTX collapse was an eye-opener for investors of all types, it’s not an isolated trend, and crypto’s appeal to criminals stems from the way blockchain works. Blockchain’s uniqueness as a centralized ledger hinges on something that distinguishes it from previous systems — its ability to preserve anonymity in recording transactions.

Not surprisingly, the rise of crypto has provided bad actors with a new, compelling array of techniques to commit financial crimes. Numerous examples have shone a bright light on why a standard approach to due diligence is falling short.

Though the history of cryptocurrency is short when compared to other asset types, there are numerous other instances of inadequate due diligence leading to investment losses and reputational damage. Some notable examples targeting retail investors underscore the need for specialized and focused due diligence for cryptocurrency and other digital assets:

  • Unlawful use of securities markets: In one case, which resulted in enforcement actions by the Department of Justice, the owner of a cryptocurrency investment platform duped people into investing in an unregistered commodity pool, designed to trade on the futures and commodities markets.

As alleged in the indictment, David Saffron falsely represented to investors that his proprietary trading bot could execute over 17,000 transactions per hour on various cryptocurrency exchanges, promising to generate between 500 to 600 percent returns on the amount invested. Saffron fraudulently raised approximately $12 million from investors. If convicted of all counts with which he’s charged, Saffron could face up to 115 years in prison.

  • Crypto Initial Coin Offering schemes: Initial Coin Offerings (ICO) are another way criminals can exploit unsophisticated investors. In one case, the CEO and founder of a purported cryptocurrency investment platform was charged with securities fraud for his role in a scheme involving a bogus initial coin offering, which raised approximately $21 million from investors in the US and overseas.

The perpetrator in this case falsified documents that prospective investors rely on to understand the technology behind the particular cryptocurrency and the nature of the project. He also promoted other fabrications, all in an effort to create the appearance of legitimacy. He faces up to 20 years in prison.

Due Diligence Must Adapt To The Challenges Of Cryptocurrencies

FTX’s bankruptcy is part of a broader backdrop of standards slipping during a long period of easy money: In “Doesn’t anyone do due diligence any more?” the Financial Times points to sophisticated investors getting duped in other industries — the most glaring example being Theranos, whose founder Elizabeth Holmes was sentenced to 11 years in prison in November 2022. Characterized as a “boring process of checking that potential investments can live up to their promises,” effective due diligence, while rigorously methodical, also needs to be tailored to each unique situation. Part is traditional tire kicking — acting CEO John J. Ray described FTX’s demise as “old-fashioned embezzlement” in his testimony to Congress. However, the red flags and shady investment practices revealed in FTX’s collapse only bolsters the need for due diligence tailored specifically for cryptocurrency. Companies and investors can no longer rely on a one-size-fits-all approach to due diligence; the investigations and research conducted prior to engaging with crypto-focused firms must be unique and tailored to the situation at hand.

This specific approach to cryptocurrency due diligence is more important given that there remains a good deal of uncertainty surrounding enforcement and regulations in various international jurisdictions. One stumbling block in the effort to pursue and prosecute cases of crypto fraud has been continuing debate around the question of whether to classify digital assets as securities, commodities, or as a separate asset class entirely. And, as additional information regarding FTX comes to light, new challenges and priorities for regulatory action will only continue to grow.

Savvy investors, such as Marty Bent, a venture partner at Ten31, a bitcoin-focused venture fund, who identified red flags in FTX’s business practices that caused an almost overnight growth, are questioning why these observations didn’t set off alarm bells for the industry at large. FOXBusiness reports that “Bent said the use of exchange tokens and near total lack of professional oversight should’ve raised red flags across the industry.” FTX’s own rapid-fire dealmaking, which, aside from numerous acquisitions, included roughly 50 corporate venture capital (CVC) investments, should have also raised concern. Bent singles out FTX’s acquisition of Ledger X, a digital currency futures and options exchange and clearinghouse; regulated by the Commodity Futures Trading Commission, this transaction would normally require intensive due diligence by both sides and would likely have exposed FTX’s shortcomings. The SEC also filed a complaint against FTX Ventures, accusing the CVC arm of using $200 million of FTX customer funds that had been diverted to Alameda.

Despite the chaos of the FTX debacle, one thing is certain: crypto is a new, permanent asset that requires a higher than typical standard of due diligence to ensure crypto fraud schemes and shady investment practices are thwarted early on, before they can inflict extensive and, in some cases, devastating consequences.

To learn more about specialized cryptocurrency due diligence and how it can help your firm, contact the experts at Integrity Risk International.