The cautionary tale of Sam Bankman-Fried remains a book in progress, but there are more than enough chapters to provide leaders across all industries with some important lessons on running a business without ruining the business.
Bankman-Fried, the former CEO of FTX, was an MIT graduate and the son of two Stanford law professors. His net worth peaked at an estimated $26 billion in March 2022, then slipped to around $16 billion over the next seven months before a 72-hour crash left him basically penniless – all before his 31st birthday. He now faces criminal charges for wire fraud, among other things, and if convicted on all counts, he could spend the next several decades behind bars.
FTX, the cryptocurrency exchange Bankman-Fried founded in 2019, once was valued at $32 billion, but it filed for bankruptcy in November 2022 along with its more than 130 affiliated companies.
The demise began when Binance, a rival cryptocurrency exchange, announced it was going to sell off its holdings of FTX’s token, FTT, and then later backed out of an offer to acquire FTX. Binance’s decisions were driven by a report that something was amiss with FTX’s sister company, Alameda Research. A large portion of Alameda’s balance sheet purportedly consisted of FTT assets and liabilities, the coin that FTX created.
It’s also been reported that Alameda borrowed billions of dollars’ worth of FTX customer funds – secretly and without any sort of disclosure to FTX’s customers. This led to insufficient available cash for FTX users, such as Binance, if they wanted to cash out.
1. Implement Governance and Risk Management. FTX lacked any semblance of governance or risk management. There was no board of directors overseeing FTX or Bankman-Fried, no audits by established firms, and no coherent record keeping. In the words of John Ray, III, the new FTX CEO, there were “absolutely no internal controls whatsoever.”
Employees submitted invoices and expenses on Slack, a communications app, with thumbs-up emojis serving as an approval. QuickBooks was the accounting software for this multi-billion-dollar company. Customer funds flowed freely between FTX and Alameda Research. And in at least one instance Bankman-Fried signed as both the issuer and recipient of a loan.
FTX was nothing more than a fraudulent house of cards.
Governance and risk management practices should have a place in every company, regardless of size. They may be simple at the beginning, but these practices must grow and become more sophisticated as the company grows. Furthermore, a lack of regulation is not an excuse for a lack of internal governance. The management of any company, regulated or not, is charged with enacting governance and internal controls.
2. Avoid FOMO and Beware of Star Power. Fear of missing out on the next big thing, the hype around cryptocurrency in general, and Bankman-Fried’s charisma and star power clearly contributed to FTX’s downfall.
Fear of missing out (FOMO) caused investors to pull back on independent due diligence before investing. Many seemed to rely on the research by what they deemed to be another reputable source. But making assumptions about the quality of someone else’s work and buying into hype is a dangerous strategy. The rule of thumb here is to do your own due diligence and form your own opinion, a best practice that would have surfaced the red flags on FTX governance much sooner.
As for charisma, it’s an important ingredient for a CEO who has the job of inspiring the troops. But beware of things that seem to be too good to be true – they usually are. Star power without substance leads you to become an emperor with no clothes.
3. Centralize the responsibility for enterprise-wide risk management. FTX had more than 130 affiliated companies, but no centralized responsibility for risk management. It was truly a company run amok. Without a centralized view of risk management, you’re left with silos of information but no context for the bigger picture and no understanding of how a risk in one part of the organization relates to a risk in another part.
Diffuse silos allow for management at the micro level, but not at the macro level. Both are necessary for an effective enterprise-wide approach to risk. Risk management functions such as finance, legal, and ethics and compliance should be connected within an organization for overall corporate responsibility. If they are not, it’s a red flag that should be addressed.
4. Strengthen relationships between management and the board. FTX had no board, and that was one of the primary problems, particularly since it was operating in an unregulated space. Companies of all sizes are well-served by having a board that includes independent members. This drives a culture of accountability and oversight that is critical to the health of any organization, but especially so for companies that are not public.
The healthiest companies exhibit a relationship of trust between management and the board, built on open and transparent communication about challenges and opportunities. Discussing those openly, along with successes, creates a relationship of candor and authenticity.
5. Assess risks and develop processes for early warning signs. The tolerance level for risk at FTX knew no limits. There was no assessment of risks or appreciation of the need for early warning signs of trouble. It was an all-or-nothing strategy with no solid foundation of business processes.
Companies should regularly assess their risks, and senior management should engage in exercises to identify the top risks that could cause the business to go under or kill its reputation. Once identified, management should ensure the company has processes in place for appropriately managing problems before they get out of hand. This assessment process should be revisited frequently because new risks are always emerging in business, particularly around technology and new markets like cryptocurrency.
6. Share cultural stories to learn from mistakes. Too often companies miss this point entirely. Examples like FTX offer a golden opportunity for fruitful discussions. Employees can examine what went wrong at FTX, discuss what’s different inside their organization and why, and by doing so create a strong cultural bond of purpose and integrity.
No company is perfect, and the best companies will use examples like FTX to reflect on their vulnerabilities, share stories about where they have stumbled, and then set about shoring up their risk management practices so that they don’t repeat their own mistakes or those of others.
FTX joins a long list of companies that shined like a star only to flame out because of poor management practices and unethical leadership. Some survived, but others (e.g., Enron, Theranos) did not. Leaders who are blinded by their own light are almost sure to lose their way.