FTX: The $8 Billion Safeguarding Failure, and What MiCA Now Requires

Part 3 of our "Crypto Enforcement Files" series. The previous cases were about dirty money moving through crypto. FTX is different: the funds were customers' own deposits, and the failure was that the exchange treated them as its own. It is the definitive case for why asset safeguarding is a hard rule, not a best practice.

FTX did not collapse because it was hacked or sanctioned. It collapsed because there was a hidden door between customer deposits and a hedge fund's trading account, and billions flowed through it for years. MiCA's safeguarding regime — segregation, reconciliation, custody rules — is in large part a response to exactly this failure mode. Here is what the forensics found, and what the rules now demand.

The Backdoor

From FTX's inception in 2019, co-founder Gary Wang hard-coded an exception into the exchange's code: Alameda Research, the affiliated trading firm, was the only account permitted to carry a negative balance — that is, to spend money it did not have. In practice that meant Alameda could draw on customer deposits at will. Customer funds were not segregated from the trading operation; they were a credit line for it.

The forensic accounting later put numbers to it. Professor Peter Easton testified that as of June 2022, FTX should have held roughly $11.3 billion in customer funds at Alameda but only about $2.3 billion sat in the relevant bank accounts. The rest had been deployed — into venture investments (SkyBridge, Modulo Capital, a $550 million stake in the miner Genesis Digital Assets), real estate, political donations, and Alameda's own losing trades. When customers tried to withdraw en masse in November 2022, the money to pay them was not there.

What MiCA Art. 70 Now Requires

MiCA's safeguarding regime is written to make the FTX mechanism impossible to run inside a licensed CASP. The core obligations:

• Segregation — clients' crypto-assets and funds must be held separately from the CASP's own, identifiable as clients' at all times, and not used for the CASP's account
• Title protection — client assets must be ring-fenced so that they are not part of the CASP's estate if it fails — the exact protection FTX customers did not have
• Reconciliation — frequent, documented reconciliation between what is owed to clients and what is actually held, with prompt correction of any gap
• Custody records — a register of positions per client, so the "who is owed what" question has a real-time answer, not a reconstruction-after-the-fact
• Restrictions on use — no lending or deploying client assets without explicit, regulated arrangements — closing the "Alameda credit line" door by rule

Proving It On-Chain

The gap between a policy and reality is exactly what on-chain verification closes. Where client assets sit on public chains, the holdings are independently observable: an auditor or the CASP itself can reconcile the wallets that should hold client assets against the liabilities owed, and surface a shortfall before it becomes a collapse. This is the asset side of a proof-of-reserves discipline — not a marketing snapshot, but a recurring control.

How BA helps. BA reconstructs and monitors on-chain holdings across 80+ chains and screens the addresses involved, so the wallets backing client liabilities can be verified against the client ledger on a recurring basis and movements flagged. The FTX shortfall was invisible because no independent party was reconciling the two sides; on public chains, that reconciliation is a control you can actually run. For the regulatory framing, see MiCA in Practice: Asset Safeguarding & Capital Requirements.

Next in the series: The $3.6B Bitfinex Hack — A Forensic Tracing Case Study, where the funds were stolen in 2016 and the on-chain trail took six years and a record seizure to follow to its end.