casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
August 25, 2013, 03:50:27 PM Last edit: August 25, 2013, 04:07:35 PM by casascius |
|
I've been privately and publicly prodding Gox to get an independent audit since Jan 2012 and got nothing but low-quality "dog-ate-my-homework-esque" excuses as to why they can't/shouldn't/won't.
This, was when they were presumably solvent, or clearly at least didn't have a 5-million dollar ball & chain on them as reported today.
So I have every reason to believe that the answer today, now that things are ostensibly worse, is a big fat NO.
The type of audit I have in mind is a SAS 70 or a SSAE 16 audit. This sort of audit is a private for-hire engagement where you bring in an auditor to express an opinion as to the effectiveness of the "controls" a company places internally. In other words, when a company says "We do backups every day", they confirm things like this. Some of their excuses include the notion that Japan doesn't "require" this, never mind the fact that neither does anybody else (not even the USA), since the purpose of it is to assure customers that the organization is telling the truth, and not to comply with some law.
Two other lame excuses they've given me are the following: 1) that their "subsidiaries" are located all over the world and use bank accounts that don't offer internet banking and so any auditor would have to globetrot and visit these subsidiaries and their banks in person at a cost so great as to be unbearable, and 2) that the audit has actually already been done in Japan, but that we can't see it because it's "copyrighted".
I run a payroll/timekeeping business, and an annual audit is something my customers expect of me just in the normal course of business, and I don't even handle anybody else's money, just their data that is fairly worthless to steal (it's records of time worked, time in and time out). The audit is so easy that, if I provide the auditors access to the people and things they need to do their job, I barely even have to show up for it. The cost is plenty managable ($15-$35k). Gox made it clear that they didn't consider such an expectation even remotely reasonable for them
For most of 2012 the only business I did with Gox was to buy BTC strictly on an an "in-and-out" basis: wire money to Gox and immediately withdraw BTC the minute it was posted. At the end of 2012 I sent them a sizeable USD wire and was basically told (after having sent the wire, without any advance notice to this effect) "the team is on vacation and we'll get back to you in 2 weeks when they're back". When they finally posted the deposit, I took my BTC out immediately and have not logged into my account since.
|