Reflecting on the Bybit salary incident, what kind of financial management concepts do we need?

Author | TaxDAO

On July 28, Wu Blockchain published "Full Text of Bizarre Case: Bybit Salary Leader Steals a Large Number of USDT, Singapore Court Explains Cryptocurrency Property Attributes", which prompted considerable discussion in the industry. This article analyzes and summarizes the case from the perspective of financial management.

Event Summary

Crypto exchange Bybit sued Ms. Ho, who was in charge of salary payments within the company, for abusing her position by transferring large amounts of USDT to addresses she secretly owned and controlled. The General Division of the Singapore High Court upheld the judgment on July 25 that Ms. Ho should immediately pay Bybit all transferred funds and interest.

Event details analysis

  1. ByBit Fintech Limited (“ByBit”) seeks judgment against the first defendant, Ho Kai Xin (“Ms. Ho”). The allegations against her are that she breached her employment contract, abused her position, and transferred some USDT to an "address" that she secretly owned and controlled, and some fiat currency to her own bank account. The primary relief sought is a declaration that Ms. Ho holds the USDT and fiat currency on trust for ByBit. ByBit therefore requires the return of the same or its traceable proceeds, or payment of an amount of equivalent value.

From the above details it follows that:

  1. Ms. Ho had full control over the payroll-related cryptocurrency and fiat currency accounts, with no multi-level authorization;

  2. There were major gaps in the fund control process (a lack of internal control over an account is a major gap even if only 1 US dollar is lost).

  2. As part of her duties, Ms. Ho maintains Microsoft Excel spreadsheets that record the monthly cash and cryptocurrency payments due to ByBit employees (respectively the “Fiat Currency Excel File” and the “Cryptocurrency Excel File”). ByBit employees can, and often do, change their designated address by communicating the new address to Ms. Ho, who then updates the Cryptocurrency Excel File. Only Ms. Ho is able to update the Cryptocurrency Excel Files, and only she has access to these files, except that the Cryptocurrency Excel Files need to be submitted to her immediate supervisor, Casandra Teo, for approval every month.

From the above details it follows that:

  1. The process for collecting payroll addresses was ad hoc, and addresses could be modified at will without leaving any trace;

  2. The review of payroll addresses was a mere formality; moreover, the data under review came from a single source, so there was no way to confirm whether a receiving address was genuine.

  3. On September 7, 2022, ByBit discovered that eight unusual cryptocurrency payments (“unusual transactions”) had occurred between May 31 and August 31, 2022, transferring large amounts of USDT to four addresses (referred to simply as Addresses 1, 2, 3 and 4). A total of 4,209,720 USDT (“Crypto Assets”) was transferred. USDT gets its name because its value is pegged to the U.S. dollar, and each USDT gives its holders (i.e., "verified customers" of the issuer Tether Limited) the contractual right to redeem their USDT for U.S. dollars. These unusual transactions were compiled into an Excel spreadsheet (“Reconciliation Excel File”), and Ms. Ho was tasked with explaining the discrepancies. Ms. Ho initially blamed the unusual transactions on unintentional mistakes or technical errors, and proposed to calculate the amount that needed to be recovered from ByBit's employees.

From the above details it follows that:

  1. Bybit appears to have had a reconciliation process, but it lagged considerably, possibly because middle- and back-office support could not keep up with the large business volume;

  2. The cost of plugging the gap afterwards is far greater than the cost of planning in advance.

  4. ByBit also found that Ms. Ho caused $117,238.46 (“fiat assets”) to be paid into her personal bank account in May 2022. It is undisputed that Ms. Ho was not entitled to the fiat assets.

From the above details it follows that:

  1. The fiat currency account was also compromised, which is puzzling: for traditional work such as paying salaries in fiat currency, there are countless established precedents, both in process and in tooling;

  2. Even if payment and authorization must be handed to HR for reasons of salary confidentiality (so that some of the work is outside finance's control), preparation of the basic payroll table, execution of the bank payment, and authorization still need to be separated.

Financial concepts for Web3

After years of development, Web3 has produced many business giants and is attracting more and more people from Web2. Combined with the evolution of the regulatory and compliance environment over the past two years, the necessary financial management concepts and methods increasingly deserve the attention of Web3 companies.

  1. Protect the security of crypto and fiat currency accounts: isolate risks; separate the nodes that collect basic information, the nodes that operate, and the nodes that authorize; and verify the same information against different sources at each node, so that there is never only one information source that cannot be compared and traced.

  2. Financial verification mechanism: for example, regular reconciliation and bookkeeping, checking the same information against different sources so that there is never only one source that cannot be compared and traced. The interval between verifications should not exceed one month. The verification mechanism ensures the "business closed loop" (I could not think of a better term than "closed loop"), that is, mutual verification of whether an event occurred and whether it occurred correctly.

  3. Accounting records, including cryptocurrencies: complete and effective accounting records and a traceable chain of evidence greatly reduce the risk of internal control failure. Use accounting records to manage operations and to meet external compliance obligations (the collapse of FTX was also related in part to its chaotic accounting records).

  4. Necessity of internal control: it is important to have an awareness of operations management and internal control. Working with good automated management software built on extensive practical experience in internal control, accounting, and taxation gives your crypto business the best chance of running steadily over the long term.
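
The multi-source verification and separation of nodes described in points 1 and 2 can be sketched as a pre-release check on a payroll batch. This is an added example, not code from the article or from Bybit; all names, addresses and amounts are constructed, and it assumes employees confirm their payout address through a channel the payroll operator cannot edit.

```python
from collections import defaultdict

# Constructed sample data. Source A: the payroll sheet prepared by the operator.
PAYROLL_SHEET = [
    {"employee": "E001", "address": "ADDR_A", "amount": 3000},
    {"employee": "E002", "address": "ADDR_X", "amount": 4000},
    {"employee": "E003", "address": "ADDR_X", "amount": 52000},
]
# Source B (assumed): addresses each employee confirmed through a separate channel.
CONFIRMED_ADDRESSES = {"E001": "ADDR_A", "E002": "ADDR_B", "E003": "ADDR_C"}
# Source C (assumed): contracted pay held by HR, independent of the operator.
EXPECTED_PAY = {"E001": 3000, "E002": 4000, "E003": 5200}


def reconcile(sheet, confirmed, expected):
    """Return (employee, finding) pairs for rows that disagree with an independent source."""
    findings = []
    by_address = defaultdict(set)
    for row in sheet:
        emp, addr, amt = row["employee"], row["address"], row["amount"]
        by_address[addr].add(emp)
        if emp not in confirmed:
            findings.append((emp, "no employee-confirmed address on record"))
        elif confirmed[emp] != addr:
            findings.append((emp, "address differs from employee-confirmed address"))
        if expected.get(emp) != amt:
            findings.append((emp, "amount differs from expected pay"))
    # One address receiving pay for several employees is a red flag on its own.
    for addr, emps in by_address.items():
        if len(emps) > 1:
            for emp in sorted(emps):
                findings.append((emp, f"address {addr} shared by {len(emps)} payees"))
    return findings


def approve_batch(sheet, confirmed, expected, preparer, approver):
    """Release a batch only if preparer and approver differ and reconciliation is clean."""
    if preparer == approver:
        return False, [("batch", "preparer and approver are the same person")]
    findings = reconcile(sheet, confirmed, expected)
    return (not findings), findings


if __name__ == "__main__":
    ok, findings = approve_batch(PAYROLL_SHEET, CONFIRMED_ADDRESSES, EXPECTED_PAY,
                                 preparer="payroll_operator", approver="supervisor")
    print("release" if ok else "hold")
    for emp, finding in findings:
        print(emp, "-", finding)
```

The approver here reviews findings produced from sources the preparer does not control, rather than re-reading the preparer's own sheet.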
