The immutable nature of blockchains prevent accidental transactions from being reversed, while the difficulty in tracing assets makes fund recovery a more complex process. Crypto developers and Foundations have generally been reluctant to fork to reverse investor or asset loss.
Several controls incidents have already been reported in the crypto space. In one instance, a Chicago-based crypto hedge fund trader withdrew fund assets from an exchange and transferred it to his own account. There have also been reports of multiple centralised exchange being victims of insider theft and negligence.
Fortunately for crypto hedge fund managers, there are a number of ways to reduce the likelihood of rogue trading and crypto theft.
Custody & Access Rights
Crypto fund managers can use crypto custodians to ensure crypto are secured. Companies such as Coinbase, BitGo (Kingdom Trust), Gemini and VO1T offer such services.
Access to trading operations and custodian wallet withdrawal can be monitored through multi-factor authentication and access policies.
Investor Notification & Third-party Certification
The risks particular to the crypto space, governance and internal controls can be specified in the Private Placement Memorandums during the fund formation process.
In addition, certification from third-party providers such as auditors and custodians can be disclosed in the PPM.
Various types of contracts can be used. A fund can insert restrictions into a crypto trader’s employment contract. In addition, a specific agreement can be agreed between a custodian and the fund, outlining what a particular trader can and cannot do with fund assets.
Multisig wallets can be used to ensure that funds are not improperly transferred out of the crypto fund’s wallets. Any transaction would have to be approved through the provision of the additional private key.
Hardware cold storage solutions, such as Ledger and Trezor, give funds greater certainty over the security of their crypto.
Traditional employee surveillance methods can be used in conjunction with other control and governance methods. This includes both monitoring of computer terminals and AI-driven behavioural analysis.
Rogue trading and asset theft are less of a concern in the traditional asset classes, as transactions can be reversed and can be easily traced. Given the immutability of the blockchain and the relative privacy offered by crypto, more thought and care has to be taken by crypto hedge fund managers.