CFTC Enforcement Action: $1.14 Million Penalty and 15 Months Jail Sentence for Crypto Trader

On 9 November 2018, the U.S. Commodity Futures Trading Commission (CFTC) announced that it had issued an Order filing and settling charges against crypto trader Joseph Kim, requiring him to pay a penalty of over $1.1 million for "a fraudulent Bitcoin and Litecoin scheme." Furthermore, Kim was given a 15 months sentence by the U.S. District Court for the Northern District of Illinois.

Kim, a 24-year-old University of Chicago economics graduate, was employed as a trader at Consolidated Trading, a Chicago-based proprietary trading firm from approximately July 2016 through November 2017 (when his employment contract was terminated).

According to the CTFC, here are the summarized facts of the case:

  • "Between September and November of 2017, Kim misappropriated approximately 980 Litecoins and 339 Bitcoins from his employer to cover personal trading losses in his own personal virtual currency trading accounts."
  • "When questioned by his employer about the transfers, Kim concealed his misappropriation and provided false explanations for the transfers."
  • "Kim’s employer suffered a loss of approximately $601,000 as a result of Kim’s scheme."
  • "After Kim ’s employment was terminated, he fraudulently solicited approximately $545,000 from at least 5 individuals between December 2017 and March 2018 to continue trading virtual currencies in an ill-fated attempt to cover his previous losses."
  • "In soliciting customers, Kim made a number of false statements, including that he left his employment on his own terms and that he would invest funds in a low-risk arbitrage virtual currency strategy."
  • "Kim lost all $545,000 of the customers’ funds trading virtual currencies in his personal trading accounts." (CFTC says that he made the losses by making "high-risk, directional bets on the movement of virtual currencies", and concelaed them by "sending false account statements to customers reflecting profitable trading.")

CFTC's press release says that "Kim was able to misappropriate the Firm’s Bitcoin and Litecoin through a series of transfers between the Firm’s accounts and Kim’s own personal accounts", and that when Kim was questioned about the missing LTC and BTC, he "falsely represented that there were security issues with a virtual currency exchange that necessitated transfers into various accounts." 

According to the Order, "virtual currencies such as Bitcoin and Litecoin are encompassed in the definition of 'commodity' under Section 1a(9) of the Commodity Exchange Act, and the Commission used its authority under Section 6(c)(1) of the Act and Regulation 180.1 to take action against Kim, who admitted to the findings and conclusions in the Order, and submitted an Offer of Settlement, which the Commission decided to accept.

In addition to "requiring Kim to pay $1,146,000 in restitution to his company and customers", the Order "imposes permanent trading and registration bans on Kim, including virtual currency trading and solicitation bans, and permanently enjoins him from further violations of the Commodity Exchange Act and CFTC Regulations."

CFTC's Director of Enforcement, James McDonald, stated:

“Today’s Order stands as yet another in the string of cases showing the CFTC’s commitment to actively police the virtual currency markets and protect the public interest. In addition, the criminal indictment and sentence reaffirms the CFTC’s commitment to working in parallel with our partners at the Department of Justice to root out misconduct in these markets. My thanks to U.S. Attorney Lausch and his staff, as well as the Federal Bureau of Investigation, for their assistance in this case.”

Also, in a separate criminal action brought by "the U.S. Attorney for the Northern District of Illinois", Kim "pleaded guilty to one count of wire fraud in connection with the misappropriation of approximately $601,000 (USD value) of Litecoin and Bitcoin from his employer, and fraudulent solicitation of $545,000 in funds from investors." According to a report in the Chicago Sun-Times, Kim was given a 15-month prison sentence by U.S. District Judge Andrea Wood "at the conclusion of a 2 ½-hour hearing," during which Kim made the following apology to his victims:

“I betrayed your trust with my desperate actions. I’m still desperately trying to make things right.”

The report also mentions that Kim’s attorney, William Ziegelmueller, pointed out that "while Kim may have defrauded people of millions of dollars, he did not spend any of it on himself":

“The whole reason he did what he did … was because he had a big debt. He was desperate about it. He didn’t know how to react. Mr. Kim’s intent was always to invest,” Ziegemueller added. “He didn’t blow it on Ferraris — he just lost it.”


Featured Image Credit: Photo via

CZ Explains How Binance Dealt With Aftermath of $40 Million Theft

On Sunday (May 19), Changpeng Zhao (aka "CZ"), the Co-Founder and CEO of digital asset exchange Binance, told the crypto community what he and his team had been up to since the May 7 security breach that resulted in a theft of over 7,000 BTC from their Bitcoin hot wallet. 

What Happened on May 7?

According to CZ, the hackers involved in the security breach somehow managed to get control over a number of user accounts and structured large withdrawals from these accounts in such a way thay managed not to be detected/noticed by Binance's "pre-withdrawal risk management checks." Their "post-withdrawal risk monitoring system" only noticed something was wrong after the hackers had moved the stolen BTC off of the exchange via a single transaction, at which time it immediately suspended all "subsequent withdrawals." 

At first, the Binance team was not exactly sure what had happened, and so they decided that the safest course of action was for CZ to send out a tweet to say that the "withdrawal servers" were in "unscheduled maintenance mode" while the team was investigating the incident. 

Communication With the Crypto Community

Once the team had confirmed that the exchange had been hacked, information about the security incident was broadcast to the outside world via all of Binance's communication channels (such as Telegram, Twitter, and Medium). 

Since the team could not be sure which user accounts the hackers had access to, it was decided that it would be too risky to allow further withdrawals to be made until the team had the chance to make "significant changes" to the platform (to make it more secure). Binance's announcement on May 8 estimated that the exchange needed to do "a thorough security review" and estimated that this would take about "ONE WEEK," and that during this period, "deposits and withdrawals" would need to "REMAIN SUSPENDED."

By being fully transparent in their communication with Binance users, they were able to receive "tremendous support" from them.

CZ's Periscope AMA Session on May 8

Seeing CZ live put much of the Binance community "at ease." Unfortunately, because CZ had been up all night, he was not in an ideal mental state when he did the AMA. Just before the AMA, his team told him that a Bitcoin Core developer had suggested that it would be technically possible to roll back the single Bitcoin transaction carried out by the hackers by "hugely incentivizing the miners." CZ made the unfortunate mistake of mentioning this "reorg" idea (which he now realizes is a "taboo topic") during the AMA, for which he took a heavy beating (especially from hardcore Bitcoin maximalists) on Twitter (and elsewhere). 

CZ's Mental State Right After Being Told About the Bitcoin Theft

Although he was in a "F***, F***, F***” state" for around 10 seconds, a few moments later, he "began to come to terms with it," and a quick mental calculation told him that the theft of around 7000 BTC (equivalent of around $40 million at the time) could be fully covered by their SAFU fund. Meanwhile, his team had already gone into "War Mode", and their professionalism and support cheered up CZ. 

Support From the Crypto Community

Binance received support from many sources: people defending him and Binance on social media platforms, and helping to answer questions; the Binance Angels (who are all volunteers) "addressing questions" and "reassuring" users on "multiple communities"; analytics firms helping with the tracking of the stolen funds; exchanges and wallet services offering to help by blocking "any deposits associated with the hacker addresses"; and "numerous offers for help from law enforcement agencies around the world."

A Blessing in Disguise?

"Speaking with various team members, and as correctly analyzed by community members, such as Gautam Chhugani, this incident may actually be a good thing for us in the long run. Security is a never-ending practice. There are always more things to do in security, and we have implemented many of them in this last week and will continue to implement more in the future. Given this incident, Binance has actually become far more secure than before, not just in the affected areas, but as a whole."