Welcome back to Dry Powder. I’m Bill Cohan.

Not all surprises are unexpected, something I recalled while flipping through John J. Ray III’s astounding interim report on the FTX meltdown—a veritable chronicle of Gen Z hubris and financial impropriety. In today’s issue, a close look at the document’s most dramatic revelations, and what it foretells about the next chapter of this remarkable Wall Street saga.

Composing the document was no easy task. According to Ray, he and his team had “to overcome unusual obstacles” due to FTX’s “lack of appropriate record keeping and controls in critical areas, including, among others, management and governance, finance and accounting, as well as digital asset management, information security and cybersecurity.” Normally, he wrote, in a bankruptcy involving a business of the size and complexity of FTX, “there are readily identifiable records, data sources, and processes that can be used to identify and safeguard assets of the estate. Not so with the FTX Group.” In fact, Ray wrote, the lack of records and controls at S.B.F.’s company was so “pervasive,” that he and his team had to “start from scratch,” in order to “simply identify the assets.”

Indeed, despite slapping its name on a Miami sports arena, hiring our beloved Larry David to appear in a Super Bowl commercial, and S.B.F.’s own ubiquitous political fundraising, Ray wrote that FTX was a company run by a small group of impish post-adolescents who “stifled dissent, commingled and misused corporate and customer funds, lied to third parties about their business, [and] joked internally about their tendency to lose track of millions of dollars in assets.” According to Ray, S.B.F. empowered a half dozen staffers with near total authority to hire and fire employees and to direct transfers of dollars and other currencies, as well as crypto assets, without any effective oversight.

Ray provided many examples. To wit: S.B.F. supposedly outsourced the management of Alameda Research, the hedge fund of which he owned 90 percent, to Ellison and then claimed to have no involvement with it. True or not, it was a terrible decision; Ellison ran the hedge fund into the ground, investing billions of dollars in a range of boneheaded opportunities. Ray wrote that Alameda’s recordkeeping was so poor that it was difficult to ascertain how its positions were marked. As for the crypto tokens it owned, Ray found documents urging Alameda employees to just make up some numbers for their values. An email from S.B.F. about Alameda described it as “hilariously beyond any threshold of any auditor being able to even get partially through an audit” and added that Alameda was “unauditable.” S.B.F. then revealed how cavalier Alameda had become toward proper financial controls. “I don’t mean this in the sense of ‘a major accounting firm will have reservations about auditing it’,” he wrote. “I mean this in the sense of ‘we are only able to ballpark what its balances are, let alone something like a comprehensive transaction history.’ We sometimes find $50m of assets lying around that we lost track of; such is life.” Such is life.

The usual financial safeguards either never existed or were simply ignored, while the Alameda Slack channel, among other messaging platforms, morphed into venues for approving large expenses. And some of these messages were set to disappear, making it virtually impossible to track various payments. Ray discovered that many expenses and invoices were submitted on Slack and approved by emoji. Loans in the millions of dollars were made to FTX insiders without “contemporaneous documentation” and without a “clear record of their purpose.” Ray noted that one FTX insider bought some real estate with funds wired directly from Alameda and an affiliate of FTX Trading Ltd. “Only four months after the real estate purchase had closed did the employee enter into a promissory note with Alameda in which he undertook to repay the funds used to purchase the property,” Ray wrote. “Other insiders received purported loans from Alameda for which no promissory notes exist.” You just can’t make this shit up.

Notably, and particularly puzzling, on the same day that Singh had altered the code, S.B.F. claimed on Twitter that Alameda’s relationship with FTX was totally kosher, “just like everyone else’s” as he put it, and that “Alameda’s incentive is just for FTX to do as well as possible,” in response to a question on Twitter about how S.B.F. would “resolve the conflict of interest of running [his] own derivative exchange, AND actively trading against the market at the same time.” As recently as last September, two months before the bankruptcy filing, S.B.F. and Ellison continued to try to push the fiction publicly. In interviews with Bloomberg, S.B.F. said Alameda was a “wholly separate entity” and Ellison claimed that Alameda was “arm’s-length and [did not] get any different treatment from other market makers.”

In actuality, according to Ray, Alameda had special privileges that other FTX customers did not have. Most retail FTX customers were not allowed to trade on the exchange if they had a net-negative balance in their accounts. Other “preferred” customers and “market makers”—large capital providers that stood ready to buy or sell to satisfy market demand—could continue to trade if their balances got as negative as $150 million. Alameda’s trading privileges on FTX were limited only after its net-negative balance reached a comical $65 billion, making its access to customer funds virtually unlimited. Singh added these features to the codebase of the FTX.com exchange on July 23, 2019 and July 31, 2019, respectively.

Ray also shared additional details of the stunning cyberattack that occurred on the date of the bankruptcy filing and that resulted in the loss of $432 million of crypto assets from the debtor, and which would have been more disastrous but for steps taken by the new FTX management. “A malicious actor had just drained approximately $432 million worth of crypto assets in hours,” Ray wrote. “[T]he FTX Group did not have the controls to detect the compromise, much less to stop it[.]” Making things worse, Ray wrote, the cybersecurity experts that he hired found that S.B.F.’s FTX “had no written plans, processes, or procedures that explained the architecture or operation of its computing environment or storage of crypto assets.”

Then, according to Ray’s report, S.B.F. and other FTX executives deceived its customers about the security of their crypto assets held at FTX. The most secure way to hold crypto assets for customers was by using “cold wallets,” that only could be accessed under the most stringent of circumstances. So-called “hot wallet” storage was less secure and more susceptible to the kind of cyberattack that hit FTX on the day of its bankruptcy filing. In a 2019 response to a question on Twitter, S.B.F. lied, according to Ray, that FTX used the “standard hot wallet/cold wallet setup.” FTX further elaborated, in 2022, that it “uses a best practice hot wallet and cold wallet standard solution for the custody of virtual assets” and “aims to maintain sufficient virtual assets in the hot wallet to cover two days of trading activities, which means only a small proportion of assets held are exposed to the internet.”

Alas, that was just another of S.B.F.’s falsehoods. On Slack, FTX employees were all over the map about whether FTX customers’ crypto assets were held in cold or hot wallets. One employee thought it was 70 percent cold and 30 percent hot, information to be shared with regulators only if specifically asked. Another employee responded that for questions from “non-regulators,” the answer was 90 percent cold and 10 percent hot. “In fact, neither of these assertions about cold storage use was true,” Ray wrote. He observed that outside of Japan, where 95 percent of crypto assets are required to be kept in cold storage, FTX “made little use of cold storage.” He noted that an employee at LedgerX, a crypto exchange owned by FTX (and that is not part of the bankruptcy filing) urged that FTX use a cold storage system similar to LedgerX’s. “[B]ut no such system was put in place prior to the bankruptcy,” Ray wrote.

Ray may be biased against S.B.F. and his cadre of Gen Zers but it’s looking more and more like Ray’s reports are going to serve as the rough draft of this astounding piece of financial history. They also may serve as a roadmap for the U.S. Attorney in the Southern District of New York and for the Securities and Exchange Commission, both of which continue to build their cases against S.B.F.

In other words, the FTX fiasco is as bad as it gets, although others such as the scandals involving Bernie Madoff and Enron, the bankruptcy of which Ray administered back in the day, come close. For complexity, I suspect the FTX bankruptcy will rival the Lehman bankruptcy, with a twist of duplicity and criminality. It’s safe to say that books will be written about what transpired here, with our friend Michael Lewis at the top of the queue. In the meantime, most of FTX’s top executives have pleaded guilty to crimes and appear to be cooperating with federal prosecutors. S.B.F. alone has maintained his innocence and remains under house arrest at his parents’ home in Palo Alto. At least, he seems to have come to his senses sufficiently to stop blithering at every opportunity he has had, an indication that he is, perhaps, starting to wise up and take the advice of his high-priced attorneys. His trial is still set to begin in October.