Bit Mining, formerly 500.com, was a doomed company from the beginning,  When a CEO orchestrates a bribery scheme with the assistance of other senior executives, shareholders and the public have little chance of ensuring a business operating with ethics and integrity. 500.com’s future was sealed when it embraced bribery as a means to avoid head-to-head competition against established US and European companies seeking to enter the IR casinos market in Japan.

The Bit Mining case stands as poster child for the dangers of C-Suite misconduct.  All too often, companies seek to assess its risks and ignores the motives and opportunities that C-Suite members may have to engage in misconduct and the importance of appropriate financial controls governing C-Suite use of corporate monies.

In reviewing a company’s risk profile, risk professionals have to be sensitive to the company’s participation in significant project tenders and competition.  Typically, these projects are very lucrative, involve stiff competition, and present multiple opportunities for company actors to engage in bribery or other improper conduct. Many companies respond to these risks by integrating comprehensive compliance controls to prevent misconduct.

Criminals are adept in fashioning a variety of forms of bribery.  Several recent cases have underscored attempts to “legalize” otherwise improper travel and hospitality arrangements by including brief visits to corporate offices or presentations on legitimate products and services.  500.com included such a visit and presentation in such a trip.  Such arrangements only highlight the overall intent to engage in bribery while seeking to disguise the true purpose of the trip. 

The 500.com case underscores the need to enforce third-party retention and due diligence procedures. CEO Pan pushed for the retention of the three consultants with a singular purpose — to funnel bribes to Japanese officials.  No attempt was made to comply with internal onboarding and due diligence procedures to ensure prior engagement and contracting with third party consultants. Again, 500.com made no attempt to follow its own internal controls.

Coupled with its failure to follow its own internal controls concerning third-party onboarding, 500.com failed to follow its own basic financial controls.  In this regard, 500.com failed to properly verify that payments to consultants were used for their stated purposes, and it failed to have mitigating controls to verify that services were properly rendered before paying the consultants and corresponding expense reimbursements.

Executives at 500.com were able to direct employees to pay invoices without having supporting documented deliverables and to pay cash bribes. Furthermore, 500.com failed to provide anti-bribery and anti-corruption training to employees and third-party consultants who interacted with government officials on its behalf.

From August 2017 to August 2018, 500.com engaged Company 2 as a consultant and paid a total of $240,000. While the company received no legitimate deliverables from Company 2, the expense was nevertheless recorded as management expense-advisory fees for the Japan IR project. Similarly, from January 2018 to September 2019, 500.com also engaged Company 3 as a consultant and paid $310,785 for purported consulting services related to IRs. As with Company 2, despite lacking support for the existence of legitimate deliverables, the Company 3 expenses were also recorded as management expense-advisory fees for the Japan IR project.