A real good takeaway here is how even a single gap in compliance controls can lead to unbounded failures, here I think largely access controls and tracking.
If an exec can just go and cook the books, or like sbf did, "secretly transfer 4bn to alameda", it doesn't matter if you have strict auditors. It doesn't matter if you have compliance and control rules around comingling. This will literally never be visible to anyone in your exchange since their data source is fundamentally wrong.
Nothing they did was proper or legal in the first place! It's already quite regulated in that regard. But they were able to do so in the first place since the required compliance frameworks weren't completely in place.
If an exec can just go and cook the books, or like sbf did, "secretly transfer 4bn to alameda", it doesn't matter if you have strict auditors. It doesn't matter if you have compliance and control rules around comingling. This will literally never be visible to anyone in your exchange since their data source is fundamentally wrong.
Nothing they did was proper or legal in the first place! It's already quite regulated in that regard. But they were able to do so in the first place since the required compliance frameworks weren't completely in place.