Connect with us

Published

on

A Tesla Model Y on a Tesla car lot in Austin, Texas, May 31, 2023.

Brandon Bell | Getty Images

In the fourth quarter of 2021, a Tesla employee and a tech industry researcher jointly filed a whistleblower complaint to the U.S. Securities and Exchange Commission, expressing concerns that Elon Musk’s car company may have violated the law repeatedly, affecting shareholders, employees and customers.

The complaint contained a number of allegations about Tesla’s financials and its business practices, including that it improperly categorized repairs for years and that it had poor control over internal systems used for capturing business data that ultimately rolls up to financial and other company disclosures to shareholders.

In January 2022, the SEC assigned one person to look at one part of the complaint related to accounting firm PricewaterhouseCoopers’ work for Tesla, then closed that ticket a few months later, according to records reviewed by CNBC.

Agency staff have never spoken with the people who filed the complaint, those people say, and have never taken them up on their offer to review about 18,000 files they say they have for review, including internal Tesla emails, spreadsheets, screenshots, recordings and images, along with public records they gathered to support their allegations.

In response to questions from CNBC, the SEC declined to comment on the existence or nonexistence of a possible submission but said the agency evaluates all tips that are submitted. The whistleblowers could earn a financial reward if their complaint leads to the SEC taking some enforcement action and obtaining a monetary settlement or damages.

During the approximately two-year period since the complaint was first filed, Musk sold more than $39 billion of his shares in Tesla, including around $23 billion in 2022, to fund a leveraged buyout of Twitter, the social network he now owns and has rebranded X.

CNBC has reviewed a copy of the complaint — which is known as a TCR, an abbreviation federal agencies use to mean “tips, complaints and referrals” — along with follow-up correspondence to the financial regulator, public records and some of the internal Tesla materials that the whistleblowers wanted the agency to review. The identities of the people who filed the complaint to the SEC are known to CNBC, but they asked to remain unnamed and for their TCR to receive confidential treatment by the agency, citing a fear of retaliation by Musk against employees and critics, especially those who raise issues with government agencies or press. The whistleblower who was a Tesla employee no longer works there.

Tesla's limited product line makes pricing power key to growth, says Bernstein's Toni Sacconaghi

CNBC asked accounting, business and securities law experts to read a version of the complaint with the identities of the whistleblowers redacted to protect their privacy.

Ann Lipton, an experienced corporate and securities law trial attorney who now teaches at Tulane Law School and University of Chicago Law School, told CNBC, “Whistleblowers in general can come off like they have an ax to grind. This complaint contains a long list of concerns and some felt more serious than others — but the people who filed it sound plausible,” in part because they offered so many specific examples and records from within the company. 

Some of the allegations in the redacted complaint, Lipton said, raise questions about whether Tesla has run afoul of federal securities law, including Section 13 of the Securities Exchange Act, Rule 13a-15 and Rule 15d-15, and the Sarbanes-Oxley Act. Broadly, these rules require companies and their management to maintain sufficient internal systems and processes to track and report financial and business information to auditors and shareholders, and to do so accurately and honestly and at regular intervals.

After reviewing the redacted version of the whistleblower complaint, Karen Nelson, a professor of accounting at Texas Christian University who previously served as an advisor to the Public Company Accounting Oversight Board, said the allegations about “internal control systems,” or how Tesla captures its financial and business information for eventual presentation to auditors and shareholders, were concerning.

If the information in the complaint is accurate, Nelson said, “Tesla’s information systems don’t seem to be very transparent and robust for internal people, which then leads to questions about how the auditor navigated those systems in their internal control testing, and became comfortable with using the data being produced by it.”

CNBC reached out to Tesla multiple times with detailed inquiries about this and other contentions. The company did not respond.

Here’s a detailed look at some of the more serious allegations about Tesla in the whistleblower complaint — and at the questions they raise about car quality and financial performance and why these would matter to shareholders or regulators, according to experts in the auto industry, securities and business law, and accounting.

Warranty repairs

Unlike traditional automakers, Tesla operates with a “direct-to-consumer” model meaning that it sells and services the cars it manufactures, rather than relying on franchised dealerships to do so. 

Why service is still Tesla's weakness

When Tesla employees complete a repair, they must classify the job within broad pay type categories, including “warranty,” “extended service agreement,” “customer pay,” “rectification,” “goodwill” and others, according to internal communications, guides and policies available to employees via a Tesla intranet and reviewed by CNBC. 

In their complaint, the tipsters included excerpts from Tesla policies, internal emails, customer service records and other documents to show that they believe employees have been miscategorizing repairs for years and that Tesla management has been aware of the problem.

Under standard warranty accounting practices in the automotive and other industries, companies set aside a portion of each sale to cover future repairs that will be conducted under warranty, Nelson explained to CNBC. These warranty reserves show up as liabilities on a company’s balance sheet and show up on the income statement as part of the costs of goods sold. Later, when repairs are recorded as “warranty,” the costs of these repairs are counted against the warranty reserves.

The complaint does not allege that Tesla deviates from this standard industry practice. It instead alleges that Tesla has allowed employees to miscategorize repairs and thereby hide some of its warranty costs.

With a “goodwill” repair, Tesla essentially foots the bill for labor, parts or accessories given to keep a customer happy. According to Tesla’s financial statements, the cost of goodwill repairs is not counted against warranty reserves and shows up on the income statement under sales, general and administrative costs.

Meanwhile, “customer pay” repairs are booked as revenue, specifically under the “services and other” category, according to its financial filings. Here, too, the repairs are not counted against warranty reserves.

By charging customers for repair work or by designating repairs as “goodwill” when they should qualify as “warranty” repairs instead, Tesla could be misstating fundamental financial information, the whistleblowers said, urging the SEC to investigate further.

“Were Tesla to accurately categorize its ‘goodwill’ repairs as warranty repairs, it would likely need to restate earnings for every quarter since at least 2017,” the tipsters wrote in their submission. “It should also be noted that nothing has ever stopped the company from appropriately sizing its warranty reserve even as its service employees handed out too much ‘goodwill’ repair coverage.”

Watch Elon Musk's full interview with CNBC's David Faber on Twitter, Tesla and A.I. advances

Indeed, Tesla’s goodwill expenses were unusually high for the industry, according to automotive industry veteran Nicholas Parks, who has owned and managed car dealerships in three states, including one in California that sold battery electric vehicles.

In just under two months in late 2021, Tesla was spending over $17 million on “goodwill” in the U.S. alone, which translated to about $70 worth of goodwill on the average repair order across approximately 247,000 repairs, according to internal Tesla dashboards referenced in the whistleblower complaint and reviewed by CNBC.

This is easily 10 times more money than traditional auto dealers would spend on goodwill per repair on average in two months, Parks told CNBC.

Nelson, the accounting professor, explained why miscategorization of repairs might be of interest to financial regulators and investors.

“Where you put stuff in a financial statement matters,” she said. “If I’m taking warranty costs out of the cost of automotive sales, and pushing them down into some other line further down the income statement, that will make my gross profit margin look higher. If I’m moving it from up above in cost of sales, and moving into other expenses, it’s also not as transparent about the quality of the product.”

Because Nelson did not review all the documentation the whistleblowers had to offer the SEC nor interview them, she would not give an opinion on whether Tesla may have run afoul of accounting requirements or securities laws. However, she did say she was “surprised” that the agency didn’t indicate more serious interest in the whistleblowers.

Inconsistent communications and policy apparently contributed to employees miscategorizing items as “goodwill” or “customer pay” that should have been billed under warranty, the filers’ complaint to the SEC said. 

Tesla documents read by CNBC show that employees had to navigate a maze of directives available in internal systems, such as WARP (a Tesla-built enterprise resource planning system), intranets and group emails, to figure out how to track and classify billing for each repair.

In one internal “Goodwill Guide,” Tesla told employees that any “repair/replacement necessary to correct defects in the materials/workmanship of any parts manufactured/supplied by Tesla” should be covered by and categorized as “Warranty/Extended Warranty pay type (post-delivery).” That would apply to any customer’s car that was still under a warranty, while out-of-warranty cars would require a customer to pay for repairs.

For a specific issue — “blistering” headrests in car seats manufactured by Tesla — the company gave employees different directions about how to bill customers for service to replace the part. One internal Tesla document seen by CNBC said the blistering headrest “is not a defect, and therefore not covered under warranty” and that repairs should be offered as goodwill. Confusingly, that document linked to another page in the company intranet saying customers should have to pay to get their headrests fixed.

Tesla also treated replacement of defective tail lamps as “customer pay,” after determining that chemicals used in commercial car washes could cause stress cracks in their lenses, according to internal documents read by CNBC. But in a seemingly contradictory note, an internal e-mail in the second quarter of 2021 referencing the issue said, “First repair and replacement of parts can be covered under Goodwill – Vehicle Quality.” 

The whistleblower complaint says that Tesla has been aware of inconsistencies in how employees treat repairs. During the second half of 2021, Tesla was working to improve data accuracy from its service division, according to internal records reviewed by CNBC. It set up score cards for each region to include assessments of pay type data, and goodwill and warranty costs. The company was aiming for better than 90% accuracy in service centers’ pay type data at that time, the internal records said.

Parks, the former automotive dealer, said with traditional dealerships, 99% or higher accuracy would be expected, and dealerships typically employ a number of specialists to ensure accuracy. “If dealership employees do not enter information about a repair correctly, then a claim may not get paid or you may end up having a warranty audit where the automaker comes in and charges back these claims and that’s painful,” he explained.

Questioning disclosures and data

In their 2021 complaint, the whistleblowers alleged that Tesla’s internal software and systems are constantly changing and have been rife with bugs and vulnerabilities throughout the years, and that third-party accountants or auditors may not have been given full access to, or thoroughly vetted, all of them.

The complaint said the whistleblower who had been a Tesla employee was authorized to access a wide array of records — including policies, internal emails, and sales- and service-related data — at Tesla through software and systems used daily by thousands of employees for normal work, including both custom-built and off-the-shelf programs. 

CNBC spoke with one current and two former Tesla employees who corroborated that most people working for Tesla have broad access to apps and information inside the company by default. They also noted the array of apps within Tesla has grown through the years, as would be expected with a growing business in a complex industry. These people requested anonymity as they were not authorized to speak on Tesla’s behalf.

The complaint embedded images of what the whistleblowers said were emails, spreadsheets and screenshots of some of Tesla’s homegrown software and back-end systems. It said these showed that non-administrative and non-executive employees had access to read and edit data points, via a developer tool called MySQL Workbench, that could later feed into Tesla’s shareholder communications and financial statements.

In one example, the tipsters said screenshots showed other Tesla employees changed the status of material used in manufacturing from “scrap” to “work in progress.” Scrap refers to material generated from a manufacturing job that is unusable waste.

In another example, the complaint said screenshots showed Tesla employees had manually changed the status of “used” cars to “new” in a program that tracked vehicle deliveries data. This could affect Tesla’s delivery numbers, they said, though they didn’t try to estimate the overall impact and instead encouraged the SEC to investigate further. 

Tesla's value is dismissing fundamental challenges, says Barclay's Dan Levy

In early 2022, the whistleblowers wrote to the SEC expanding on their initial complaint. They described multiple databases and a separate, paper-based process for auditors that had been used over time at Tesla for tracking vehicle sales and deliveries. The ever-changing systems led to inconsistent measurements and definitions of “deliveries,” they alleged.

CNBC reached out to Tesla for comment on these specific allegations in the complaint and received no response.

Deliveries are the closest approximation of sales reported by Tesla in quarterly disclosures, and one of the numbers Wall Street watches most closely. If they were recorded inaccurately, the company could have met or beat analysts’ expectations for deliveries on the basis of flawed or falsified data.

In the fourth quarter of 2021, just before the whistleblowers sent their followup email, Tesla reported that it had reached 308,000 vehicle deliveries — a number that handily beat analysts’ expectations. 

Issues related to accurate tracking of deliveries would potentially merit an investigation into the reliability and accuracy of Tesla’s disclosures and financial reporting, and analysis of whether Tesla meets the standards and has safeguards in place that would be required under the Sarbanes-Oxley Act, the whistleblower complaint said.

Under Sarbanes-Oxley, a company’s management is required to disclose the efficacy of its internal controls and identify weaknesses, such as the ability of unauthorized users to access sensitive data. Sarbanes-Oxley also requires auditors to check and report on these controls, so that investors can confidently rely on the financial statements and so that companies can avoid having to restate financials later on.

Business and securities law expert Lipton told CNBC if there are weaknesses in either “disclosure controls” or the “internal controls over financial reporting” at Tesla, there could have been a “potential violation of the substantive requirement that such controls be maintained” under Section 13 of the Exchange Act, and there might have been “false statements by the company, Musk, the CFO, or PwC regarding the effectiveness of internal controls.” 

“To the extent we’re talking about false statements, the kind of bottom-line trouble that might be involved depends on the level of fault,” Lipton said. “If the controls turn out to be faulty, but there was no flaw in the assessment — that is, top management and PwC reviewed everything, but the problems were too far down the chain to detect easily — then they may not be facing penalties for false statements. Obviously, matters become more serious if they intentionally or recklessly or perhaps even negligently misstated the state of the internal controls.”

Going concern

SEC suing Elon Musk to force him to testify in Twitter probe

Accounting expert Nelson told CNBC, in general: “Management should provide an explicit substantial doubt statement in the financial statements if it is probable that the company will not be able to meet its obligations within one year from the date the financial statements are issued. However, if they have plans that will alleviate that doubt, then they should disclose those plans but do not need to make a substantial doubt statement,” following accounting standards of the Financial Accounting Standards Board that have been in effect since mid-December 2016.

Auditors’ work for other Musk companies

Tesla’s auditing firm since 2005, PricewaterhouseCoopers, has also done tax-related consulting work for Musk enterprises SpaceX and The Boring Company, according to internal Tesla materials the whistleblowers offered to the SEC. In correspondence to the agency expanding on their complaint, the whistleblowers alleged this raises questions about the firm’s independence and objectivity in judging Tesla’s financials.

Besides offering internal materials from Tesla, the whistleblowers pointed to obscure public records from the California Alternative Energy and Advanced Transportation Financing Authority that they say also showed PricewaterhouseCoopers did non-audit work for Musk companies while serving as Tesla auditor. 

Although there are only four major auditing firms, there are dozens of reputable firms Musk’s privately held enterprises could have turned to for tax consulting.

Securities law expert Lipton said that generally, auditors are not supposed to do certain kinds of consulting services for their audit clients or for affiliates of their clients if “a reasonable person would question your independence.”

According to records reviewed by CNBC, the SEC assigned an employee to look into possible conflicts of interest in January 2022 but closed that ticket in April without interviewing the whistleblowers or evaluating their documentation.

PricewaterhouseCoopers declined to comment. Tesla did not respond to multiple inquiries for comment.

How the SEC handles whistleblower tips

The people behind the whistleblower complaint have followed up repeatedly with the SEC since late 2021, contacting different attorneys and other appropriate authorities within the agency to ensure they were aware of the tip.

After filing their TCR submission, the whistleblowers said, they emailed and left voicemails for multiple SEC employees, following up on the tip and emphasizing the substantial quantity of records they were making available to the SEC for review. The SEC employees they reached out to included successive San Francisco bureau chiefs for the agency, as well as other SEC attorneys and whistleblower program staff in 2023.

In October 2022, about a year after the whistleblowers submitted their complaint, the Office of the Inspector General publicly voiced concern that the financial regulator, under Chair Gary Gensler, was not properly staffed and that turnover at the senior officer level was abnormally high, over 20%. High attrition in the agency and other factors, the Inspector General’s office wrote, could result in “improper handling of TCRs” and may “impede SEC investor protection efforts.”

According to Alex Platt, a professor at the University of Kansas School of Law, whose SEC whistleblower research was published in the Yale Journal of Regulation, around 30 to 50 SEC staffers have been assigned to the office that screens tips, complaints and referrals. Platt said he believes this office is under-resourced.

Since the agency began offering a bounty for whistleblower tips in 2011, it had received about 52,400 tips and issued 216 awards as of September 2021. From the start of the program through the end of 2020, Platt’s research found, the average SEC whistleblower award amounted to around $6.2 million, with the median around $1.5 million. 

“Generally, you take how much the SEC gets from its enforcement action, and the whistleblowers get between 10% and 30%, based on multiple factors, including how helpful they were,” Platt explained.

Whether a tip gets selected for investigation, enforcement, and awards depends on whether it matches the SEC’s current enforcement priorities, the professor said. Attorneys who are former agency officials have the greatest success in obtaining awards for their clients, using their unique access and insight into the agency’s priorities to pick the “right” clients and shape their submissions, Platt told CNBC.

An SEC spokesperson disputed Platt’s characterization that the agency pays more careful attention to submissions from whistleblowers who have attorneys with prior SEC experience.

The spokesperson said in an email to CNBC: “The priority of the whistleblower program is to incentivize individuals to come forward and report possible violations of the federal securities laws to the SEC. The whistleblower office encourages all individuals with information about fraud or wrongdoing involving potential violations of the federal securities laws to submit their whistleblower tips and any additional information electronically through the Commission’s online TCR portal.”

Continue Reading

Technology

French fintech Pennylane doubles valuation to $2.2 billion as Alphabet’s venture capital arm takes stake

Published

on

By

French fintech Pennylane doubles valuation to .2 billion as Alphabet's venture capital arm takes stake

Seksan Mongkhonkhamsao | Moment | Getty Images

French accounting software firm Pennylane has doubled its valuation to 2 billion euros ($2.16 billion) in a new 75 million euro funding round.

Pennylane told CNBC that it raised the fresh funds from a host of venture funds, with Sequoia Capital leading the round and Alphabet’s CapitalG, Meritech and DST Global also participating.

Founded in 2020, Pennylane sells what it calls an “all-in-one” accounting platform that’s used by accountants and other financial professionals.

The platform is primarily targeted toward small to medium-sized firms, offering tools for functions spanning expensing, invoicing, cash flow management and financial forecasting.

“We came in tailoring a product that looks a bit like [Intuit’s] QuickBooks or Xero but adapting it to the needs of continental accountants, starting with France,” Pennylane’s CEO and co-founder Arthur Waller told CNBC.

Pennylane currently serves around 4,500 accounting firms and more than 350,000 small and medium-sized enterprises. The startup was previously valued at 1 billion euros in a 2024 investment round.

European expansion

For now, Pennylane only operates in France. However, after the new fundraise, the startup now plans to expand its services across Europe — starting with Germany in the summer.

“It’s going to be a lot of work. It took us approximately five years to have a product mature in France,” Waller said, adding that he hopes to reach product maturity in Germany in a shorter time period of two years.

Pennylane plans to end the year on about 100 million euros of annual recurring revenue — a measure of annual revenue generated from subscriptions that renew each year.

Watch CNBC's full interview with Plaid CEO Zach Perret

“We are going to get breakeven by end of the year,” Waller said, adding that Pennylane runs on lower customer acquisition costs than other fintechs. “75% of our costs are R&D [research and development],” he added.

Pennylane also plans to boost hiring after the new funding round. It is looking to grow to 800 employees by the end of 2025, up from 550 currently.

‘Co-pilot’ for accountants

Like many other fintechs, Pennylane is embracing artificial intelligence. Waller said the startup is using the technology to help clients automate bookkeeping and free up time for other things like advisory services.

“Because we have a modern tech stack, we’re able to embed all kinds of AI, but also GenAI, into the product,” Waller told CNBC. “We’re really trying to build a ‘co-pilot’ for the accountant.”

We are seeing a rebound in fintech valuations, says N26 CEO

He added that new electronic invoicing regulations coming into force across Europe are pushing more and more firms to consider new digital products to serve their accounting needs.

“Every business in France within a year from now will have to chose a product operator to issue and receive invoices,” Waller said, calling e-invoicing a “huge market.”

Luciana Lixandru, a partner at Sequoia who sits on the board of Pennylane, said the reforms represent a “massive market opportunity” as the accounting industry is still catching up in terms of digitization.

“The reality is the market is very fragmented,” Lixandru told CNBC via email. “In each country there are one or two decades-old incumbents, and few options that serve both SMBs and their accountants.”

Continue Reading

Technology

TikTok reportedly stays on App Store after assurance from Attorney General Pam Bondi

Published

on

By

TikTok reportedly stays on App Store after assurance from Attorney General Pam Bondi

In this photo illustration, the logo of TikTok is displayed on a smartphone screen on April 5, 2025 in Shanghai, China. 

Vcg | Visual China Group | Getty Images

Apple will keep ByteDance-owned TikTok on its App Store for at least 75 more days after receiving assurances from Attorney General Pam Bondi, according to a report from Bloomberg News.

This comes after President Donald Trump signed an executive order Friday to extend the TikTok ban deadline for the second time. TikTok will be banned in the U.S. unless China’s ByteDance sells its U.S. operations under a national security law signed by former President Joe Biden in April 2024.

AG Bondi wrote in a letter to Apple that the company should act in accordance with Trump’s deadline extension and that it would not be penalized for hosting the platform, according to unnamed sources cited in the report.

Apple did not respond to a request for comment.

After TikTok went briefly offline for U.S. users in January following the initial ban deadline, it remained unavailable for download in the App Store until Feb. 13. Apple had reinstated TikTok to its app store after receiving a similar letter of assurance from Bondi.

The extension comes days after Trump announced cumulative tariffs of 54% on China. Prior to the additional tariff rollout on April 2, the president said he could reduce duties on the country to help facilitate a deal for ByteDance to sell its U.S. operations of TikTok.

“Maybe I’ll give them a little reduction in tariffs or something to get it done,” Trump said during a press conference in March. “TikTok is big, but every point in tariffs is worth more than TikTok.”

WATCH: TikTok deal reportedly halted after China said it would reject it due to tariffs

TikTok deal reportedly halted after China said it would reject it due to tariffs

Continue Reading

Technology

For bitcoin bulls who self-custody crypto, the global risks are growing

Published

on

By

For bitcoin bulls who self-custody crypto, the global risks are growing

Whether to buy cryptocurrency as a long-term holding may be the biggest decision an investor interested in digital assets has to make, but where to store crypto like bitcoin can become the most consequential.

Following the wildfires earlier this year in California, social media posts began to appear with claims of bitcoin losses, with some users showing metal plates intended to protect seed phrases burnt up and illegible or describing the complexity of recovering crypto keys stored in a safety deposit box in a bank impacted by the fires. While impossible to verify individual claims about fires consuming hard drives, laptops and other storage devices containing so-called hard and cold storage crypto wallets and seed phrases, what is certain is that bitcoin self-custody presents a unique set of security issues. And those risks are growing.

Holders of crypto typically use some form of what can be called a “wallet,” and there are a few main features – whether that wallet is connected to the internet, and how much control is directly embedded in the wallet for trades and transfers. There is also the underlying issue of whether a crypto investor uses a third party for custody at all, or maintains total custody and trading control over their holdings.

The standard third-party platform “hot wallet” – think of an offering from a Coinbase or Blockchain.com – is constantly connected to the internet. Cold storage and “cold wallets,” on the other hand, include hardware devices (like a USB stick) that holds private keys offline, or even just a seed phrase (a master recovery code, a collection of 12 to 24 words used to recover access to a crypto wallet) on paper/metal. Hardware wallets or offline backups of seed phrases can be used to access crypto when connected to the internet through another device.

With third-party custodial options, there are steps to help owners remain vigilant against the threat posed by cybercriminals who can gain access to an internet-connected platform, including the use of two-factor authentication, and strong passwords. The U.S. Marshals Service within the Department of Justice, which is responsible for asset forfeiture from U.S. law enforcement, uses Coinbase Prime to provide custody for its seized digital assets.

Many crypto bulls prefer to self-custody digital assets like bitcoin for some of the same reasons they are interested in cryptocurrencies to begin with: lack of faith in some forms of institutional control. Custodial wallets from crypto brokers trade convenience for the risk of exchange hacks, shutdowns, or fraud, as in the case of the high-profile implosion of FTX. And the wildfires are just one example in a recent string of global events that raise more questions about shifts in the crypto custody debate. There is the ongoing conflict in the Middle East and Russia-Ukraine war, which has led crypto bulls from overseas to re-think their approach to self-custody.

Nick Neuman, co-founder and CEO of self-custody company Casa, said physical risks in the world like a natural disaster are an opportunity to revisit how bitcoin security works, and the common security lapses folded into most peoples’ practices. “Most people secure their bitcoin with one private key. If that key is on a single device or written down on paper as a seed phrase, it’s a single point of failure. If you lose that key, your bitcoin is gone,” he said.

It should be obvious that keeping seed phrases on paper offers the lowest level of protection against fire, yet it is common practice, Neuman said. Slipping these pieces of paper into fireproof bags or safes offer some protection, but not much, and even going the extra steps to have the seed phrases on “indestructible” metal storage plates presents a few failure points. For one, they might prove to be not so indestructible, and second, they may be impossible to locate amid the rubble. 

“Logically, given the location of the fires in California and the stories being shared on X, it’s highly likely bitcoin was lost,” said Neuman. “Some of them are pretty convincing,” he said.

Casa performs annual stress tests on seed phrase backups.

Some self-custody services, like Casa, offer multi-signature setups that reduce the risks of single-point failure. A multi-key crypto “vault” can include mobile phone keys, multiple hardware keys, and a recovery key that a company likes Casa holds on an owner’s behalf.

The multi-sig custody approach allows an owner to hold a majority of keys while a trusted partner holds a minority of keys. John Haar, managing director at Swan Bitcoin, says that in such a setup, the owner would need to lose all the physical devices and all copies of the seed phrases at the same time. As long as the owner can access at least one device or one seed phrase, they would be able to recover their bitcoin. This approach should significantly limit the potential for all of the devices to be lost in an event like a natural disaster, Haar said.

“You can spread these keys across multiple regions or even countries, and you need any three of the five keys to approve a bitcoin transaction,” Neuman said of Casa’s five-key approach.

Jordan Baltazor, chief administrative officer at Fortress Trust, a regulated crypto custodian, says best practices that we use in other areas of personal life should apply to cryptocurrency. For one, diversification of storage approach and weighing of risks. Digital assets are no different, he says, when it comes to backing up personal and sensitive data on the cloud to ensure data against loss or corruption.

Companies including Coinbase and Jack Dorsey’s Block offer products that try to merge some of these ideas, creating a more secure version of a crypto wallet that remains convenient to use. There is Coinbase Vault, which includes enhanced security steps before a user can access crypto holdings for trading. And there is Coinbase Wallet and Block’s Bitkey, which have mobile apps that work like a traditional wallet making moving bitcoin around easy, but with the ability to pair with hardware wallets and added security more commonly associated with cold storage.

Bitkey hardware requires multiple authorizations for transactions for added security, similar to “multi-sig wallets.” Bitkey also offers recovery tools so one of the biggest risks of self-custody — losing codes or phrases needed to recover a cold wallet — is less of an issue.

Solutions like Dorsey’s may help to solve the tension between convenience and security; at minimum, they underline that this tension exists and will likely be something of a roadblock to more widespread crypto adoption. Beyond the risks out there in the form of wildfires, all kinds of natural disasters, and wars, bitcoin self-custody can be vulnerable to the biggest personal risk of all: unexpected death of the bitcoin owner. There is arguably nothing more complicated than inheritance when it comes to unlocking the crypto chain of custody.

Coinbase requires probate court documents and specific will designations before releasing funds from custody, while physical wallets offer little to no support, potentially leaving all that digital value stuck on a private key. Bitkey rolled out its inheritance solution in February for what a Bitkey executive called, “kind of a multibillion-dollar problem waiting to happen.”

“People who have a material investment in bitcoin absolutely need to be thinking differently about how to protect it,” Neuman said. He says that after disasters like the California wildfires, or when exchanges go bust like FTX, the industry does see more crypto holders taking action to move to more secure storage setups. “I suppose it’s human nature to wait until ‘bad things happen’ to spur action to improve your own personal situation,” he said. “But I think people would be better off if they were more proactive. Otherwise, they risk having that ‘bad thing’ happen to them, and then it’s too late,” he said.

Continue Reading

Trending