Colonial Pipeline CEO’s 8 June Testimony -- Annotated

 

No Need for an Extensive Hunt
Just Read Below

On June 8^th Joseph E. Blount, Jr., President and CEO of Colonial Pipeline testified before the US Senate Committee on Homeland Security and Governmental Affairs.

I have annotated quotes from his prepared statement before the Committee to provide further context and set the stage for a following post on the Committee’s reaction.

Quote 1

Colonial Pipeline is cognizant of the important role we play as critical infrastructure. We recognize our significance to the economic and national security of the United States and know that disruptions in our operations can have serious consequences.

That certainly sounds promising, Colonial acknowledges its “significance to the economic and national security of the United States”.

Based on that we can expect a description of the robust measures that Colonial took to prevent hacking and ransomware attacks.

Quote 2

I recognize that the attackers were able to access our systems. While that never should have happened, it is a sobering fact that we cannot change. 

Indeed it should never have happened.

It is as well a “sobering fact”.

While great philosophers have debated whether a “sobering fact” is more urgent than a “wake-up call”, I think it’s safe to say that they largely agree that for a fact to be “sobering” one must not have been a “sober” state prior thereto.

Quote 3

We take our role in the United States infrastructure system very seriously.

With a previously reported 30%+ net profit margin, very seriously no doubt.

That aside, I guess we’re about to hear about Colonial’s robust preventive measures and the millions spent on cybersecurity.

I’d note that I take my role as a parent very seriously with respect to the safety of my children while traveling in our car.

That means of course that the Prince of Wails is secured in a baby seat and the two other little ones are buckled in before we embark.

Madame Arqala generally rides “shotgun” in these cases. 

And makes ample use of the “phantom” brake and periodic verbal warnings to moderate any perceived excesses in my speed.

Note that those steps are undertaken before not after a crash.

So you’re probably as excited as I am to hear from Joe.

Quote 4

Colonial Pipeline is an accountable organization, and that starts with taking proactive steps to prevent an attack like this from happening again.

It seems that CP’s “accountability” is focused on the future. 

They're looking "forward not backward."

Unspoken is the extent of accountability for pro-actively securing the stable gate before the horses bolt.

That can’t be quite right after all Joe of his statements so far about Colonial’s attitude to protecting critical infrastructure.

There’s got to be more to come.

Quote 5

Although the investigation is ongoing, we believe the attacker exploited a legacy virtual private network (VPN) profile that was not intended to be in use.

Ah, the answer.

When you hear the word “legacy”, you immediately know that its not current management’s failure. 

It’s like the fraternity or college that has to accept an applicant because he’s a “legacy”. Neither can be blamed if the “legacy” doesn’t work out.

Or “legacy” can also mean something unwanted that you inherited, like your Aunt Stella’s collection of glass figurines. Just stick them in a box and forget about them.

With a name like “Colonial” you might well expect that John Murray, Fourth Earl of Dunmore, George Washington, or Alexander Hamilton probably set up the VPN.

Before you rush to blame any of them, let me remind you that internet security was not as advanced then as it is now. 

Also we learn that the system “was not intended” for use.

But it certainly seems that it was  “left on”.

So Colonial’s management is filled with good intentions among other things.

I guess in some quarters that counts for more than “effective actions”.

But that doesn’t mean that Colonial isn’t taking action now.

Quote 6

We have worked with our third-party experts to resolve and remediate this issue; we have shut down the legacy VPN profile, and we have implemented additional layers of protection across our enterprise. We also recently engaged Dragos’ Rob Lee, one of the world’s leading industrial and critical infrastructure and OT security specialists to work alongside Mandiant and assist with the strengthening of our other cyber defenses. We have also retained John Strand from Black Hills Information Security, another leader in the cybersecurity space, who will provide additional support to strengthen our cybersecurity program.

Clearly quite a bit work is being done now—that is to remind you after the hack.

Can we infer from the long list of remedial items that there were widespread and serious security weaknesses pre-hack?

It sure sounds like it.

With this as backdrop, you probably expect that Joe is about to get a quite grilling from the Senators on the Committee.

Let me remind you that “expectations” just like “intentions” don’t always deliver the wished for results.

Once the transcript of the hearing is published we’ll take a closer look.

Games Fund Managers and Investment Advisors Play and How to Avoid Getting Played

Sometimes the Best Way to Avoid Being Played
Is Not to Play

Among other things, Alicia McElhaney at II keeps a close eye on academic research on the “investment space”.

She’s had quite a run with outlining the games fund managers play.

Here are just two examples.

• 27 May - VC Firms ‘Inflate’ Portfolio Valuations Ahead of Fundraising, Study Shows 
• 9 February - Private Equity Firms ‘Try to Manipulate Their Performance’ When Raising Money

Anyone who is sentient on the buyside has experienced this. 

But it is nice to see academics confirm what we've learned.

So how does one minimize getting “played”?

The first thing to understand is that similar to other sellers of goods fund managers are looking to make a sale and a profit. Sales pitches run from “puffery” to outright misrepresentation.

The second is that these PE and VC and similar products are sold to “sophisticated” investors--the so-called “big boys”. 

Regulators make the laughable presumption that the “big boys” don’t need the usual protections given retail investors.

That means disclosures and sales materials are allowed to be less robust and less detailed. One example relates to presentation of past returns, modelling, etc.

Professional standards of care are also lesser because the imaginary big boys are imagined to be able to take care of themselves. 

Careful investors will draw the following conclusions from those “facts”.

Healthy skepticism is warranted.

Verify first, then give provisional trust, but keep verifying.

If it seems to be too good to be true, you're probably right. 

Begin by carefully reading the prospectus/offering memorandum.

I have had representatives of major firms misrepresent products to me.

During one pitch, I commented that apparently their prospectus was wrong and cited “chapter and verse” from the prospectus to contradict the statement an earnest sales rep had just made.

Whenever I’m given a 1,000 page offering memorandum for all the seller’s products with a central definitions section separate from the product description so that the reader has to jump from here to there to make sense of a product, my antennae get more sensitive.  

Complexity is not the friend of the investor.

Be sure you understand the product.

That means you need to do your own research if this is your first "rodeo" with a product.

But also ask the sales rep to explain the product.  

Be wary of excessive use of jargon which is sometimes designed to deflect questions.  Who wants to admit that they don't really understand "vol" or the "greeks" on derivatives?

As well be wary of vague phrases,  waving of hands, and then the implication that a miracle occurs and you get rich.

The risk section and product/transaction description in the prospectus/offering memorandum can provide a good source of questions. And a check on the what is said in the "pitch".

Presentation of results that do not comply with CFA Institute GIPS (Global Investment Performance Standards) should not be relied on.

Non GIPS results can generally be managed to show whatever the seller wants.

GIPS also requires certain disclosures and prohibits certain practices.

Make sure benchmarks and historic performance make sense.

No one beats the market consistently.

Benchmark selection can affect relative performance.

See my earlier post on Infinity Q Diversified Alpha Fund.

If you do not understand how financial models may be “gamed”, you really should NOT invest in Level 2 and Level 3 assets.

This isn’t just about growth and discount rates, but also how “multiples” that are used to “determine” terminal value can disguise unrealistic assumption about those two previous factors.

If return is tied to or dependent on derivatives, you would be well advised to make certain you understand the downside risks.  

Ask the utilities in Texas who found derivatives a rather costly tuition.  

Or you could ask the good folks at JBS Spain about the derivatives they purchased.

Upward revisions of valuation should be examined carefully.

If one is being pitched, a very simple question is when the last revaluation took place and what the direction and impact was.

Amounts, timing, and the basis for the upgrade.

New funding provided by the fund manager at a higher valuation should not be considered as definitive proof the value has actually risen.

Sales of investments from one of the fund manager’s investment vehicles to another should be questioned, especially when the sale results in increasing the IRR of the selling fund. 

Or sloughing off a dog into a fund that can bear a subsequent loss of value.

Yes this occurs.

Watch out for debt financing tricks that drive IRRs and presumed value. Oh and just incidentally affect the fund manager’s compensation.

On the “outgoing” cash flow from LPs: funding LP drawdowns with debt to delay capital calls.

On the “incoming” cash flows to LPs: refinancing equity with debt to generate a “return of capital” without any realisation of the investment, e.g., trade sale or IPO.

Be sure you understand the skill set of the fund manager and how deals are accessed.

When the fund manager's primary skill seems to be the use of leverage, you may want to consider fund managers with skills in developing the underlying business. 

If the fund manager is buying assets from other funds or via auctions, ask whether he or she is getting a good price?  

If the fund manager is buying an investment from another fund, why does he or she think they can turn another fund manager's "cast off" into gold?  And is it credible?

Be sensitive to offers of preferential treatment.

Once we had a major fund management firm tell us that they were poised to revalue (upwards) investments in their existing fund. 

We could invest in that fund now and take advantage of the lower current (entry) price before mark-up.  Thus, earning a "guaranteed" return.

Needless to say, we not only declined the invitation for this investment opportunity but put them on our “blacklist” on the basis that if they were going to “screw” their existing LPs, we would be better off not becoming one.

Sometime later that fund had what might be charitably described as “disappointing” returns.

The New Era of Due Diligence Likely to be Pretty Much Like the Old

 

Latest Technology, But Still the Same Spots

Over at Institutional Investor on 27 May Nathan Yates wrote how "The Old Era of Due Diligence Is Over. Here’s What the Post-Pandemic Future Might Hold"

A very good article.

Lots of sensible points about why in-person due diligence is better than that conducted over Zoom.

What caught my eye was the comment of one “expert” he interviewed.

Clear, frequent, and honest communication among stakeholders is especially important during remote due diligence and will stay in place post-pandemic.

Three reactions.

As an introduction, I presume that there was some context that is now missing around that quote because it doesn’t make much sense.

It seems to me that “clear, frequent, and honest communication” would be especially important no matter how the due diligence was conducted.

One could also read the phrase “will stay in place” to suggest that it did not widely exist pre-pandemic. 

That’s probably not an unwarranted assumption.  That is, that it did not exist pre-pandemic.

The unwarranted "bits" are that (a)  it currently exists and (b) will so in the future. 

There are many fund managers and investment advisors who come up short in the "clear" and "honest" categories no matter how they pitch prospective and existing clients.

Can we really expect those leopards to change their spots just because they're now using new technology?

Does Zoom have an honesty enhancing effect?

Caveat emptor and some prophylactic measures are probably better steps than hope for change.   

More on that topic to come in a subsequent post on games fund managers play.

Tether - How to Correct Deficiencies in Reporting on Reserves and Simultaneously Set Boundaries

So You'll Have to Read the Post Below

The central premise and promise of Tether is that it will maintain the value of its “stablecoin” at US$ 1 for each tether in circulation.

As outlined in previous posts, there are gaps in the information Tether provides that a careful investor would require to evaluate this promise.

1. The strategy that Tether applies to maintain this “stability” so that an investor could check whether that strategy is appropriate. As noted in this post, Tether has not explicitly done this and from the composition of the reserves I find it hard to believe their strategy is fully appropriate.

2. Sufficient periodic disclosure so that an investor could confirm that Tether is adhering to the promised strategy. As noted in this second post, Tether’s current disclosure of its “reserves” is insufficient to enable this. What were the NYS AG thinking when they set the disclosure requirements for reserves in the settlement agreement?

On the other hand, one could make the argument that someone who buys Tether is not a careful investor but rather a speculator or punter. So any information is likely to be ignored.

Or that the best strategy for careful investors is to avoid any investment in Tether. 

If you want a stablecoin backed by the US dollar wait until the UST issues one.

But let’s presume that this information would be useful to some investors. 

Equally it would also set boundaries within which Tether would have to operate. Perhaps, very advisable given past questionable stewardship of the reserves.

Now as we all know and will be told by cryptocurrency aficionados that one of their main reasons for investing in sh*tcoins is that one certainly can’t trust the government.

That same skepticism should be directed to non-governmental entities, especially a party with Tether’s track record.

How do we implement those information requirements? And not just for Tether?

Here’s a suggested minimum standard model: Fidelity’s Money Market Fund SPRXX.

The prospectus and monthly fact sheet set forth the fund’s objectives and strategy.

An investor would therefore have the information necessary to make a determination whether that strategy is appropriate.

Each month Fidelity discloses each of the holdings in the fund.

It also issues a semi-annual and annual audited financial report with that same information. You can access those here.

Similar reports on holdings from Tether would allow an investor to check whether the promised strategy is being adhered to.

As a holder of a stablecoin, wouldn’t you like to have a commitment as to what are the permitted asset classes, issuers, obligor credit ratings, tenors, concentrations, use of derivatives, etc. that your money can be “parked” in?

So you know if your money is on deposit with Oz at Crypto Capital in Panama or with HSBC London? Or invested in less liquid instruments?

Wouldn’t you also like to check periodically to make sure that the commitment was being adhered to?

Apparently the answer to both questions is no.

The February settlement agreement with the NYS AG had little impact on Tether.

As of 31 March the value of outstanding Tether was some US$ 42 billion.

In early June some US$ 62 billion.

There is as they say no vaccine for stupidity.

The “Big Boys” Market – Ransomware Insurance

 

The Underwriter's New Suit

In the 3 June FT, Ian Smith had an article Cyber Premiums Jump in Face of Acute Threats.

Two quotes from the article and my reactions.

Surge in attacks prompts vigilant insurers to question clients closely about culture, attitude to security and training.

And 

Nor are insurers simply jacking up prices. They are also becoming more vigilant about controls at the companies to which they sell cover.

A big “shout out” for the use of “vigilant”.

The clear implication is that many, perhaps most, have been asleep at the switch.

If you’ve been following my “Big Boy” series of posts, you know I like to puncture the unwarranted myth of the imaginary “sophisticated” investor.

In that vein let’s reflect on Ian’s article using my own personal experience.

When I went to take out an insurance policy on Chez Arqala, my insurance company asked a raft of questions.

• About smoke detectors, their locations, and presence of fire extinguishers and other such equipment.

• I was also asked if we have a home security system, whether in addition to intrusion detection it also had a fire detection capability. Was it set to ring up the authorities? Who were the providers of the home security system?

• Did it have a back-up battery in case of power disruption?

• How far we were from the nearest fire station?

• Whether we stored any flammable or dangerous materials in the house.

• Other than the little people who live with Madame Arqala and me we were clean on that score.

No questions about culture, though. 

I guess he could tell just by looking at me. Or perhaps at Madame Arqala.

The decision to “write” the policy and the premium depended on our answers to those questions as well as our post code.

It boggles the mind that insurance companies writing cover multiples of that provided our house wouldn’t be asking similar questions for cyber cover.

And come to think of it, quite a lot more.

Apparently, they were not doing this.

Now to be fair, the general “take” on insurance underwriting standards is that only life insurance consistently makes a profit.

With other “lines” irrational exuberance and shoddy standards lead to highly cyclical swings in profits.

So much for the “big boys” of insurance. 

At least they are not an outlier among the "big boys"

Tether Reserves - Verify Then Trust

As Argued Below, Verification Should Come Before Trust

First post in this series here.

If you’re old enough or have access to the internet, you may recall a US politician who announced a major international agreement by quoting a Russian proverb “Trust, but Verify”.

If you think about it carefully, you might come to the contrary conclusion that one should verify first then trust.

Or as in the hadith relayed by al-Tirmidhi (2517) “ اعْقِلْهَا وَتَوَكَّلْ “ or “Tie your camel first and then trust in God”. 

The point of that hadith being that one has to take responsibility for one's affairs.

Wise words in all facets of life, including investments.

Even more so when the prior behaviour of the counterparty was less than would instill confidence.

As paragraphs 14-54 of the February 2021 settlement agreement between Tether et al and the NY State Attorney General revealed Tether had been less than candid in disclosing the fact the status of its reserves and that they were not always backed 1 to 1 with US dollars on deposit. 

In fact at times “reserves” were “held” in the form of loans to an affiliated company Bitfinex, whose own funds were frozen.

That’s not very comforting.

Nor is the fact that as per paragraph 57 of the settlement agreement, Tether was compelled to provide quarterly disclosure on its “reserves” for two years.

Shouldn’t a responsible fiduciary (and that’s the role that Tether assumed in issuing stablecoins) have been more (a) careful and (b) candid about the reserves?

That was as they say the “past”.

So how are Tether doing now?

Risk Disclosure

On Tether’s website here under the tab labeled “Risk Disclosure” you will find a set of risks outlined.

Missing is the fact that Tether’s reserves are subject to market risk. Why this isn’t mentioned is surprising. Well maybe not so surprising given their past behaviour.

Reserves Disclosure

Here is the link to Tether’s “disclosure” of its reserves as of 31 March 2021.

Some observations.

Some 75.85% of the “reserves” are grouped under the heading “cash & cash equivalents & other short term deposits & commercial paper”.

Now if we wanted to evaluate the reserves in terms of backing for tethers, we would want to know the amounts of each of these three components.

Why?

Because each of these three categories is likely to have differing liquidity.

Liquidity being the ability to sell a financial instrument quickly at face value or with a minimum deviation from face value. 

Why is liquidity important?  

Because if holders of tether want to exit and can't find buyers, if the reserves are insufficient, they won't get US$1 for each tether.  

Imagine a scenario in which a Techo-King or perhaps just a Techo-Prince tweets that CatCoin is the new investment meme of the day.

Also if the "market" thinks the reserves are inadequate, then the price of a tether should go below US$ 1. 

This could arise from liquidity or credit concerns about the "reserves".

Cash and cash equivalents are highly liquid, not subject to penalty or delay on withdrawal and typically maturities of three months from date of acquisition. Note that word – acquisition not date of the report.

This category would be likely to be realized at face value or very close.

You will note that roughly one-half of total reserves is in commercial paper (75.85% x 65.39%).

This amount is not included in “cash and cash equivalents” That means it does not have the characteristics described above.

As a consequence it is likely to be redeemed at less than face value prior to maturity.

The CP also bears the credit risk of the obligor/issuer on the CP.

And we have its amount.  It's almost 50% of reserves.

Some 18.36% is in “fiduciary” deposits. (Same calculation as above)

Since short-term deposits are listed as a separate category from cash and cash equivalents we can assume that some of the "fiduciary deposits" are not “cash and cash equivalents”. So less liquid.   

And likely to be redeemed for less than face value prior to maturity. That may reflect the penalty for early withdrawal on the deposit.  

But we don't know the amount that might be "cash equivalents".

You may derive “comfort” from seeing that these are “fiduciary” not “regular” deposits.

But all that means is that when placing the deposits, Tether acknowledged that it was acting on behalf of the owners of the deposits, presumably the owners of outstanding tether. 

However, these do not appear to be “trust” deposits, though we don’t know based on Tether’s incomplete disclosure.

Thus, the deposits are subject to the credit risk of the institution holding the deposits.  That is, they would be claims against the depository institution's estate in bankruptcy.

If they were trust assets, they would not.

And we don’t have any details on the depository institutions to get a sense of their credit risk. 

Are they IFIs in Puerto Rico, Oz Bank and Trust, Panama, or HSBC?

Some 4.96% in Treasury Bills and Reverse Repo Notes (same calculation as above).

We don’t know if all these qualify as cash equivalents, but since they are a relatively small amount, let’s ignore them.

Let’s also assume that all “fiduciary deposits” qualify as cash equivalents, though this is unlikely to be the case.

On that basis the CP (49.6%) and the other categories (secured loans, bonds commodities, and other) equal almost 74% of total reserves.

The stability of Tether therefore rests on what are very likely to be less liquid assets. And some of which, e.g., CP and secured loans may not be susceptible to early redemption.

Discounted sales of these instruments might be possible depending on the identity of the obligors/issuers. 

But a wise investor wouldn’t count on it.

Attestation Report

Moore Cayman an accounting firm issued an “attestation report” on Tether management’s “assertions” about the reserves (the CRR).

Two things to note about this report.

First, Tether has not issued a financial statement for Tether “stablecoins”. 

Rather what we have are their “assertions”.

Note that many fund managers do issue financial statements on their funds.

If you’re following my advice to “verify”, you may well wonder why Tether didn’t issue a financial statement or its equivalent.

Cost control? Or some other motive?

Second, an ISAE 3000 Revised Assurance Engagement is not an audit.

Here is an AICPA paper which asserts that the typical “assurance” engagement under ISAE 3000 (Revised) is less rigorous than that required under AICPA Standards. Though you’d expect “exceptional” folks to hold that they are “exceptional”.

It is less than an audit.

Given the problems with audits, that ought to send a chill up the spine of the sentient.

We don’t even have the imperfect work of an audit to hang our “investment hat” on.

Luckily for Tether, the sentient segment appears to be highly underrepresented in their “investor” base.

It is very important for investors to understand the nature of MC’s work and report, particularly in terms of the valuation of the “reserves” that “back up” outstanding Tether “coins”.

So what do we have from MC?

It is almost certainly less than a “review” of financial statements in both scope and rigour.

Why?

Because Tether hasn’t issued a financial statement. Rather it has made what MC describes as “assertions”. 

If you're like me, you might find the use of the term "assertions" to inspire less than confidence in their contents.

I didn’t see enough detail to find “comfort” in MC's report because I don’t know what standards and principles the “assertions” were based on and what work MC did as part of its engagement.

In describing its conclusion on the financial information in the CRR. MC states that it is “based on our investigation of the balances stated herein”.

That’s rather short on detail.

• Did MC rely on Tether’s accounting records for the values?

• Or on account statements from third parties holding the assets?

• Did it send balance confirmations to which those third parties responded?

• On the US$ 5.3 billion in secured loans, did it review documentation on the nature and value of collateral? Did it check Tether’s procedures for determining credit impairment and needed loan loss provisions?

I suspect that it did not go much beyond the first step – accounting records and internal controls. I also hope that I am wrong.

All that being said, in their report MC did express an “emphasis of matter”.

This is typical accountant-speak for relatively important matters that do not change the accountant’s opinion or in this case “attestation”, but are significant enough that the accountant feels the need to bring them t to the attention of interested parties.

In my view the following is the key point from that section. Italics are mine.

Management’s accounting policy is to value assets and liabilities at historic cost plus any accrued interest and less any expected credit losses, or otherwise the redemption value where applicable. The realisable value of these assets and liabilities could be materially different if any key custodian or counterparty incurs credit losses or substantial illiquidity.

First the use of historic cost. One sells assets at market price if they are not held to maturity. 

Changes in interest rates can affect the value of financial instruments which is why the "cash equivalent" definition has 3 month maturity limit.

Second credit and liquidity risk. Note the comment about “realisable value” being potentially "materially different" that than shown on the report.

MC is waving a redflag here.

In the next post I’ll offer some unsolicited advice on what should be done. 

( الفاضي يعمل قاضي.  )

Tether: How Stable Are This Stablecoin’s “Reserves” ?

If You're Buying "Stable"coins, You Should Be
Reasonably Certain the Reserves are "Stable"

The 3 June FT Lex Column had a call-out box on Tether “Stablecoins/bitcoin: unTethered to reality”.

Citing information published by Tether, Lex noted that only 2.94% of the value of outstanding Tethers is backed by pure cash.

The remainder is “backed” by a variety of instruments:

• commercial paper (49.6%),

• short term deposits (18.36%),

• Treasury Bills and reverse repo notes (4.96%)

• secured loans (12.55%),

• corporate bonds, funds, and precious metals (9.96%), and

• other investments (1.64%), which include “digital tokens”

No real disclosure on the other items, except that “secured” loans weren’t to affiliates.

The lack of disclosure is troubling as will be discussed in the next post.

Lex dryly noted that not all of Tether’s reserves were held in risk free assets.

Indeed!

That directly impacts stability.

If the reserves are subject to volatility, then so is the value of the “stablecoin”.

So much for the “stable” in “stablecoin”.

But there’s a bit more here to think about.

This is quite a diverse set of assets.

1. What is Tether’s overall investment objective and strategy? It sure doesn’t look like “preservation of capital”.

2. How does this collection of assets achieve the objective and strategy?

3. What are the required criteria for investments, e.g., asset class, industry, individual investor or counterparty characteristics (credit grade, etc), tenor, etc?

4. Is Tether’s management capable of designing, executing, monitoring, and adjusting the strategy and portfolio as needed? They are by all accounts either certified tech geniuses or perhaps self-certified tech geniuses. But are they really financial geniuses as well?

5. If not, is Tether using third parties? If so, how are these selected?

6. Who are they? Goldman Sachs or Oz at Crypto Capital in Panama? What additional risk do these third parties pose in addition to obligor and counterparty risks?

7. Given the “diversity” of assets in the reserves, it might also be worthwhile to ask if any of these were used to purchase Tether. That is, has a customer or have customers bought Tether with any of the “reserve” assets rather than with cash.

8. If you’ve read paragraph 38 of the settlement agreement with the NYS AG, you’ll notice that in October 2018 Bitfinex “repaid” US$ 400 million in loans from Tether via the “redemption of 400 million tethers”. That is, via a non cash transation. It doesn’t seem likely that these were clients’ Tethers, assuming no sketchy dealing by Bitfinex. So were they Bitfinex’s own Tethers? And, if so, how did it obtain them?

It the next post we’ll look a bit more into other issues surrounding the valuation of the reserves.