Sam Bankman-Fried has declared FTX affiliate Alameda Research “unauditable,” joking that it could lose track of $50 million worth of assets, according to a report issued by FTX’s new CEO. Said.
“In internal communications, Bankman-Fried described Alameda as ‘cheerfully over the threshold that auditors could even partially pass an audit,'” it said. report It was filed in the U.S. Bankruptcy Court in Delaware on Sunday. Bankman-Fried’s internal message states:
Alameda is unauditable. This does not mean that the big accounting firms will refrain from auditing. This means that “you can only get an overview of what the balance is, let alone something like a comprehensive transaction history.” Sometimes we find his $50 million worth lying lost. Its the life.
At the very least, the report states, “Bankman-Fried’s statements attest to the challenges that a competent audit firm had to overcome to audit Alameda’s operations.” increase. The new filing is titled “Initial Interim Report to Independent Directors of John J. Ray III Concerning Failure of Controls at FTX Exchange.” There are also security issues, such as using plain text to store private keys linked to his over $100 million in assets, and sloppiness, such as using emojis in Slack to approve bills. accounting practices are also detailed.
FIRST REPORT BY “THE SPIRIT OF TRANSPARENCY”
Ray, who previously oversaw the liquidation of Enron, is leading FTX through bankruptcy proceedings. “In the spirit of transparency we have been committed to since the beginning of the Chapter 11 process, we are releasing our first report,” Ray said. press release.
As FTX’s new leadership seeks to determine how much money can be returned to damaged investors, former FTX CEO Bankman-Fried has announced that billions of dollars in FTX customer funds will be transferred to Alameda. Bankman-Fried himself faces 13 criminal indictments for several types of fraud and conspiracy, including improperly diverting funds to the US. FTX and its related debtors said last month that they had received payments and loans.
Three former executives who worked with Bankman-Fried have pleaded guilty to criminal fraud charges and are cooperating with government prosecutors. They are Nishad Singh, former Director of Engineering at FTX. Gary Wang, former CTO of FTX. Former Alameda CEO Caroline Ellison.
FTX leaders say they tend to “stifle dissent, mix and misuse corporate and customer funds, lie to third parties about their business, and lose track of millions of dollars of assets internally. , which caused the FTX Group to collapse as quickly as it once did.It grew,” the report said.
“Could you give me a number? Yes.”
Ray’s report points out that companies as large and complex as FTX typically have sophisticated accounting systems. Not so with his FTX, which Bankman-Fried co-founded, and its sister company Alameda.
“Fifty-six entities within the FTX Group did not prepare financial statements of any kind. We relied on shared drives, Excel spreadsheets, etc. Non-enterprise solutions for managing assets and liabilities,” the report states.
One of the internal portfolio summaries points out that Alameda does not provide valuation numbers for specific cryptocurrency tokens.
Alameda often struggled to understand what its position was, let alone hedge or explain. For the majority of its assets, Alameda’s recordkeeping is so poor that it is difficult to determine how positions were marked. , and when it comes to rating inputs for specific tokens, an Alameda rep said, “We’ll have to come up with some numbers. idk.”
Slack approved invoice with emoji
Expenses and invoices were sent in Slack and approved with emojis, Ray’s report said.
The FTX Group was made up of many separate entities, and the movement of funds between those entities was poorly documented and extremely difficult to trace. Worse, Slack, Signal, and other informal means of communication were frequently used to document approvals. Signal and Telegram were sometimes used to communicate with internal and external parties who enabled ‘disappearing messages’, making it impossible to review their history.
FTX Group expenses and invoices were submitted in Slack and approved with an “emoji”. These informal, temporary messaging systems were used to obtain approval for transfers of tens of millions of dollars, leaving only informal records or no records of such transfers.
It also noted, “There were ‘numerous’ loans between the former insider and Alameda that were executed without documentation at the time, and the funds were disbursed pursuant to these purported loans without any clear record of the purpose. . “
So far, FTX debtors have “verified over 1 million documents,” including Slack, Signal, emailed messages, Excel spreadsheets and Google Drive documents, the report said. increase. The debtor has verified the customer’s transaction data and financial records, and “verification of relevant documents and customer transaction data continues.”
In a press release, FTX and its debtors said the report was also based on interviews with 19 former FTX Group employees. “This work was carried out by the debtor through a team of legal, restructuring, forensic accounting, cybersecurity, computer engineering, cryptography, blockchain and other experts,” the press release states.
Valuable private key stored in plaintext
FTX’s decision-making and authority rested in the hands of Bankman-Fried, Singh, and Wang, and many important responsibilities were not delegated to others. [Singh] If you get run over by a bus, it’s the whole company.Same problem as Gary [Wang].”
FTX Group “didn’t have a dedicated cybersecurity person…its security was primarily managed by Singh and Wang, both of whom were trained and trained to handle FTX Group’s cybersecurity needs.” I didn’t have the experience,” the report said.
According to the report, the debtors “identified the private keys of more than $100 million in Ethereum assets stored unencrypted and in plaintext on FTX Group’s servers.” There are also third-party exchange private keys and credentials “stored in plain text without encryption across multiple servers”, from which users in many other servers and many locations can access them. I was. These unprotected private keys “allowed access to tens of millions of dollars in crypto assets.”
The report describes the insecure handling of “wallet nodes,” which are installed on blockchain network servers that “help implement and propagate transactions and maintain the security and integrity of the blockchain.” defined as a software program that The report states:
Despite the obvious importance of protecting wallet nodes, FTX Group’s security controls over wallet nodes were grossly inadequate. For example, passwords for encrypting wallet node private keys are stored in plain text, committed to code repositories (which are potentially visible to many users and easily compromised), and reusable across different wallet nodes. was used. If compromised, all other nodes with the same password can be compromised as well. Additionally, wallet node servers were not securely isolated from connected servers, so anyone who compromised FTX Group’s computing environment could potentially compromise that wallet node.
Summarizing the findings, Ray said: We will review the events that contributed to FTX’s decline and identify and recover as much value as possible for our creditors.”