Two recent developments regarding former Canadian cryptocurrency exchange QuadrigaCX and its late founder and sole director Gerald Cotten provide strong indications that QuadrigaCX was the locus for a massive fraud that victimized QuadrigaCX’s customers. First, on June 3, the Federal Bureau of Investigation announced that it, the Internal Revenue Service Criminal Investigation {IRS CI), the United States Attorney’s Office for the District of Columbia, and the United States Department of Justice’s Computer Crime and Intellectual Property Section (CCIPS) “are conducting an ongoing investigation” and seeking information from potential victims of QuadrigaCX.
Second, on June 19, the consulting firm Ernst & Young (EY) filed its latest report with the Nova Scotia Supreme Court, in its capacity as Monitor in the bankruptcy proceedings pertaining to the business and affairs of QuadrigaCX and related companies and Cotten. Although it noted that “the lack of formal books and records and inability to access certain encrypted devices have limited [its] review”, and that Cotten’s death and lack of other “key corporate representative” deprived EY of the ability to seek an explanation or justification, if any,” for the actions under review, EY provided the Court with a number of preliminary observations and findings.
Some of the most significant observations and findings are as follows:
- “No accounting records have been identified by [EY] and there appears to have been no segregation of assets between Quadriga Funds and User Funds. Funds received from and held by Quadriga on behalf of Users appear to have been used by Quadriga for a number of purposes other than to fund User withdrawals. With its available infrastructure, Quadriga does not appear to have had visibility into its profitability, if any.”
- “The Company appears to have engaged in significant “cash” transactions. The Monitor has been unable to verify if cash deposits were deposited into accounts containing User Funds and or properly recorded; (d) The Monitor has been unable to locate basic corporate records including the location and security passwords associated with Quadriga’s Fiat and Cryptocurrency inventories between TPPs, bank accounts, wallet addresses and third-party exchanges. In addition, the Monitor understands passwords were held by a single individual, Mr. Cotten and it appears that Quadriga failed to ensure adequate safeguard procedures were in place to transfer passwords and other critical operating data to other Quadriga representatives should a critical event materialize (such as the death of key management personnel).”
- “User Cryptocurrency was not maintained exclusively in Quadriga’s hot and cold wallets. Significant volumes of Cryptocurrency were transferred off Platform outside Quadriga to competitor exchanges into personal accounts controlled by Mr. Cotten. It appears that User Cryptocurrency was traded on these exchanges and in some circumstances used as security for a margin trading account established by Mr. Cotten. Trading losses incurred and incremental fees charged by exchanges appear to have adversely affected Quadriga’s Cryptocurrency reserves. In addition, substantial amounts of Cryptocurrency were transferred to wallet holders whose identity the Monitor has been unable to confirm.”
- “Mr. Cotten created Identified Accounts under aliases where it appears that Unsupported Deposits were deposited and used to trade within the Platform resulting in inflated revenue figures, artificial trades with Users and ultimately the withdrawal of Cryptocurrency deposited by Users.” The Report stated that those accounts “had no [Know Your Customer] information and were maintained under various pseudonyms (examples include Chris Markay, Aretwo Deetwo and Seethree Peaohh).”
- “Substantial Funds were transferred to Mr. Cotten personally and other related parties,” and EY “has not located any support justifying these transfers.” For example, in one case, EY reported that it appears that Cotten liquidated nearly all of the bitcoin deposited in a particular exchange account, for the equivalent of approximately CDN $80 million over the course of three years. To date, EY stated, it “has been unable to account for what happened to the proceeds of the sale” of that cryptocurrency.
Note: While the Monitor’s Report contains numerous facts reflecting Cotten’s putative fraud, the FBI’s announcement contains a number of facts from which one can infer how the Justice Department is conducting its investigation with the FBI and the IRS CI. Although both Cotten and his companies were Canadian, it is likely that a substantial number of the 76,000 users of QuadrigaCX’s services were American. Should the FBI and IRS-CI find evidence of international transfers of funds or email communications between Cotten and U.S. QuadrigaCX customers, those acts could provide the basis for wire fraud charges, and any subsequent transfers of victim funds could provide the basis for money laundering charges, against Quadriga or its related companies.
In addition, the announced involvement of both the United States Attorney’s Office in Washington, DC and CCIPS suggests that the investigation warrants collaboration between CCIPS, whose attorneys have considerable legal and technological expertise with cybercrime investigations, and the United States Attorney’s Office. That expertise may be especially important as investigators continue to try to access Cotten’s encrypted devices and text messaging services and to trace customer funds.
Dipping Through Geometries 