The continuing drama of QuadrigaCX, the now shuttered Canadian cryptocurrency exchange, has provided plenty of headline fodder, none of it good for its former customers. John Jefferies, CMO of Ciphertrace, the blockchain forensics firm, has provided CoinGeek insights into what has been uncovered by investigations into the case.

With recent news indicating that Gerald Cotten, the deceased founder of QuadrigaCX, had used customer funds to back his own crypto trading, things have looked increasingly dire for customers hoping to get their funds back. Jefferies’ analysis shows how badly Cotten mismanaged those funds, and how he covered his tracks.

Based on reporting by the court Monitor, Ernst & Young (EY), we now know that Cotten used those funds, totaling at least 9,450 SegWitCoin (BTC), 387,738 Ethereum (ETH) and 239,020 Litecoin (LTC) for over 67,000 transactions on other exchanges, specifically in cryptos that weren’t available on QuadrigaCX. He also transferred out 1,426.2 BTC to a wallet belonging to a still unknown third party.

The investigation into those third party exchanges indicates that Cotten didn’t do very well with his trading, losing funds in the process. He also participated in margin trading, incurring losses that caused the exchanges to liquidate his remaining holdings.

Another exchange received 21,501 BTC, worth over $360 million at the time of publication, with at least some of those funds originating from QuadrigaCX customers. EY still hasn’t accounted for where all of that money went.

Jefferies also points to an alarming lack of protection against Cotten’s bad behavior. One of the accusations against him from the report pertains to false accounts made on QuadrigaCX so that he could create false deposits for trading. Jefferies writes:

“Cotton was able to override know your customer (KYC) requirements within the platform to create these accounts using his administrative privileges. These overrides were never logged because the system never recorded any of Cotten’s activities within the site, per his request. These accounts were then credited with a significant amount of fiat and cryptocurrency, approximately 95% of which was processed through an account under the name ‘Chris Markay.’

“Between 2016 and 2018, the Chris Markay account reported fiat deposits exceeding $220 million and cryptocurrency deposits of 34,806 Bitcoin and 540,011 Ethereum. However, only about 1% of these deposits were supported by any documentation.”

It appears that these fake deposits and trades were used to prop up the exchange and provide it a fake liquidity. The real troubles arose when customers went to withdraw their funds, only to find out that there was no money to withdraw.

Cotten also apparently would allow some of his friends to hand him cash so that he could credit them on the exchange. “Review of Cotten’s unencrypted messages revealed that he would sometimes credit a customer’s account with the understanding that the customer would deliver cash at some point in the future,” Jefferies notes.

The court monitor indicated a laundry list of bad behavior that contributed to the catastrophe that became QuadrigaCX, including a general lack of accounting, mixing of Cotten’s and customer funds, completely fabricated funds, and a lack of controls or traceability of Cotten’s actions.

Of the $100 million that was originally “missing” when the exchange shut down, EY has only been able to locate $32 million so far, Jefferies concludes. They haven’t given up trying to find the rest, but considering the story so far, there’s a very good chance its gone.

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.