Board allowed a single individual to wire tens of millions without additional approvals
No automated systems flagged the unusual transaction patterns
Previous red flags from Hanes's 2011 firing for questionable loans didn't lead to enhanced oversight
Board continued considering his requests for more money ($18M) even after learning of the initial theft
Reliance on personal trust and reputation substituted for proper institutional controls
No separation of duties or multi-party approval requirements for large transfers
Community banks need strong governance regardless of size or personal trust relationships.
However, I'm absolutely unconvinced the CEO of a small bank wouldn't be able to convince a subordinate in an office of 20, max, to "verify it has no inconsistencies" rather than "gee this sure does seem stupid"
Even our accounting system is integrated with a vendor management platform that first verifies the recipient is a known vendor, and tied to the banking part that actually issues an ACH/wire transfer such that it can't happen until approved.
The fact that there's essentially zero governance at a bank is unacceptable.
The primary system of control for small shops is going out of business when you're dumb enough to lose $47M and getting replaced by more competent people running the competition
The scammers promised him outrageous returns, and he kept giving them more and more money - without ever actually seeing any real returns.
One has to wonder how this bank ever managed to be successful before.
With all the fraud and scams in the world - how did no one find this guy sooner?
A lot of businesses operate on trust networks at some level. The difference is that successful operators in this space will only place calculated bets and will rapidly update their level of trust when someone fails to follow through. This person apparently didn’t learn that lesson.
There is also a tendency to keep digging once a victim is deep in the hole. They know their job is already lost if they stop now, but just maybe there’s a chance that a little more digging will reveal a turnaround that covers up their past mistake. Scammers exploit this to encourage incrementally more digging into an already deep hole.
reminds me of a time I went to an event on meetup, I think I made a new friend so we meet up later together at a coffee shop he starts asking me what I know about marketing... I'm like no way... is this (makes a pyramid shape with my hands) guy stops talking
These scammers aren’t random individuals, they’re business that invest a lot of time and energy into working out how to scam people. They’re professionals targeting amateurs.
Everyone would like to be Charles Lindbergh, but far more common to be Charles Clavier or Noel Davis, failing, dying, and forgotten.
For that reason, we shouldn't over-index our society around the Charles Lindberghs.
Bonus points: You are less likely to empower literal nazis.
I even have IRC transcripts to this day where I would ask the dude “this isn’t a scam right?” and I would be reassured until the next day and I’d think about it more, ask more questions and then deposit more damn monies! The greed will subvert all logic if the daily vig is high enough. Or it did to me and I learned an extremely valuable and costly lesson.
Don’t be greedy. Anything that’s too good to be true in investment terms is exactly that: too good to be true. Anyone that can pay 1% interest daily doesn’t need your money. In retrospect it’s obvious and some of the people participating back then were screaming “ponzi” while depositing more and more possibly trying to break it to prove the point. Eventually it got too big and broke.
“Break it to prove a point” would be an accurate description of your average Bitcoin dweeb in 2012-2014 or so. I spent considerable time Sybil attacking and dusting every namecoin address I could at one point. Not for any specific reason just because I could.
After the smoke cleared I punished myself for years, volunteering for things I had no business getting involved in. I hated that I allowed myself to be scammed but it was a multi-year “friendship” that developed pseudo-anonymously over IRC. I don’t make new friends on the internet anymore because I can’t verify authenticity or identity these days unless I can touch you and see you.
Back then it was $7500 I didn’t actually work to earn and I was just letting it ride for 1% interest daily, compounded. I was famously asked on IRC how much I lost and my answer was and still is “more than car, less than a house” - not an attempt to minimize it but to quantify it.
Trendon did his 18 months and if he’s reading this - Yo dawg please stop skipping out on your apartment rent and stay out of small claims court bro, seriously grow tf up.
(0) https://www.sec.gov/enforcement-litigation/litigation-releas...
Court transcript is a wild read if you can find it. Bitcoin is possibly money today because of this case (and by extension, my actions) was filed in Texas where this guy wiped his AWS account, stonewalled both the SEC and FBI on discovery and attempted the defense “Bitcoin isn’t money, I did nothing illegal”
That defense didn’t work.
In any case the parent comment rings true:
-Escalation of trust -Pushing boundaries to find if they exist -Friend-like communication in what should be a business relationship -Trust networks and/or referrals to participate -“sold out” “sorry not accepting new customers” are the best “For Sale” advertisements -Betting bigger or digging a deeper hole
I went off script a bit here, apologies, but the comment triggered a brain dump. People get scammed for different reasons.
100% this. No one is immune. Not even "savvy tech people;" Theranos and FTX were similar affinity frauds (https://en.wikipedia.org/wiki/Affinity_fraud) commited against Silicon Valley old-money and VC circles, respectively.
That’s what separates competent people from rubes and tech VCs. A bit of due diligence.
It is 2025 - still banks can't do everything through their apps. To Fintech: Stop SMS based OTP , have better apps. You no longer have the excuse that you can't hire engineers.
I am sure he "saw" real returns on a very real looking app or website. As we transition to a cashless society we are all getting use to the numbers on our computers and phones representing real money.
My paystub is digital, it goes into my bank account directly and the numbers on my computer go up. I spend money by taping a computer chip onto another computer chip and then the numbers in my bank account drop. I can also digitally transfer those numbers to a brokerage account and click a few buttons and then the numbers go up and down depending on how people are feeling about the stock market. In the past few years, seemingly always up, which I think is priming young or naive investors to believe investments never fail.
Exactly: "Hanes told Mitchell a confusing story. Not long ago, Hanes explained, he started investing in cryptocurrencies with the help of some people he met online. First, he and his partners deposited money on a reputable U.S. platform for buying and selling crypto. The profits were enormous, he said: He took out his phone to show Mitchell his account balance, which seemed to indicate that the investment was worth $40 million."
Crypto is great for scams even beyond it's infrastructural advantages because a lot of people made a ton of money from investing money they couldn't afford to lose in things that were pretty indistinguishable from the actual scams.
This nuance lost on the common cryptocurrency speculator given that they have no idea what cryptocurrency actually is or how it's supposed to work.
The fact that you're even arguing this point shows how easy it is for people to fall for this crap.
Anyone can make a real looking app that makes it look like you're making money when they've already stolen all your money and spent it on hookers and coke on yachts.
Not anyone can start a real bank in the US, and if they can, you generally have protections in place to not need to worry the bank is that egregiously fraudulent.
Investments fail, there are plenty in the news. Broad market indices, however, don’t fail. There have been numerous bailouts over the previous decades. Why would one assume any future government wouldn’t continue bailouts if all the previous ones did?
When the organization is as big as the U.S. government and has as good credit as the U.S. did in 2008, you can save an awful lot of financial institutions. But if it gets to the point where everybody expects to be bailed out and people start acting accordingly, you can't. Eventually the government ends up falling, as people start realizing that the economy isn't actually working and everybody is just cooking the books with financial transactions.
Government policy makers know this, and their livelihood is dependent upon the continued existence of the government, and so at some point they declare "Nope, bailout is not going to happen this time. You're on your own." At that point, the last group of people who took stupid financial risks are left holding the bag. It's very much like a pyramid scheme: the going is good as long as you can find a greater fool to assume the risk from you, but at some point there are no greater fools, and you find out the greater fool was you.
Isn’t that all the policy makers, old voters, taxpayer funded DB pension funds, etc that depend on broad market equity index fund returns?
Obviously, the system breaks down when it breaks down (when the currency has no purchasing power left to lose), but until then, the entire political apparatus is incentivized to bail out asset prices.
And if that isn’t possible, then the status of your investments/brokerage/bank accounts is going to be the least of your worries, as you will have more immediate concerns about procuring food/energy/shelter/security.
The Crisis of the Third Century, which starts in 235, is where the inflection point between "broadly stable" and "broadly negative" sets in, and the shocks both of the Crisis of the Third Century and the Plague of Justinian are each larger than the shock of the deposing of the last Western Roman Emperor.
However, the point I was trying to make is that Rome's decline sure lasted a very long time indeed.
Additionally, 235 being so important is only obvious in hind-sight. To anyone living in the Empire in 235, I suspect it felt an awful lot like the Year of the Five Emperors (about as far away from 235 as Diocletian is the other direction) and it wasn't until a while later that it became clear that no Septimus Severus type was going to be able to put it all back together quickly.
How long to you have to live, to see a return?
235 to 285 were tumultuous times, civil war and all that goes with it
Famous last words
All economic gains that don't come from real productive activity are Ponzi schemes. Some last orders of magnitude longer than others.
People don't understand that these trust networks are only as strong as the weakest link. Even with everyone having good intentions, they don't understand that people can be blackmailed, have mental health breakdowns, etc.
Or, more cynically, this guy was destined to be scammed and the internet in short order put him to the test. One has to think though that if it were a local scammer we would not be talking tens of millions of dollars.
And while we're at it, find the business owners of the auto dealerships in any metropolitan area. These families and the ones that own the largest construction contractor companies are the lesser-known millionaires living in our midst that might have large bank accounts.
And who knew small town church coffers might have millions lying around.
The article touches on exactly this:
>No one in Elkhart has managed to make sense of the mystery at the center of the betrayal: Why did a successful, financially sophisticated banker, a man the whole town trusted for decades, gamble his life away for a shot at crypto riches?
Though this guy had been previously fired from the same position at the bank in 2011 for financial irregularities under his watch, so they kind of only have themselves to blame:
>But in 2011, the leaders of the Kansas Bank Corporation grew concerned about Hanes, according to Tina Call, who served on the company’s board at the time. They had discovered problems in his loan portfolio — borrowers who lacked sufficient collateral, financial paperwork that didn’t seem to add up.
>Hanes was eventually fired for reasons that remain in dispute years later.
If it wasn't a crypto scam, it would be a lottery scam, or a job offer scam, or romance/pigbutchering scam, or a tech support phone scam, or a meatspace MLM scam like Amway and Herbalife. There is no shortage of ways gullible, financially-illiterate people can be separated from their money.
[1] https://unchainedcrypto.com/how-i-almost-got-slaughtered-in-...
IDK. It's one thing to fall for a scam and lose all your money. It's another thing to, after all that, go to your board of directors, ask permission to invest bank money in the scam, and when they say "We don't feel comfortable with this" tell them "Too late, I already invested the company's money in this for you." This is not a financially illiterate person, but someone who seemingly knew he needed board approval for an investment at scale, yet simultaneously ignored it and assumed he would be given it when asking retroactively.
There's a great many other failures of control here, like staff disobeying policy when he told them to. And perhaps it's my family history speaking here, but I suspect this guy has an undiagnosed mental illness (bipolar?).
One of the companies I work with recently started looking at partnering with this company: https://scamnetic.com/
I like the idea of providing better education about scams to consumers, but this company gives me some pretty weird vibes. I wonder if we're on the cusp of another security theater boom similar to the plethora of companies that sprung up around identity theft and mostly seemed to exist to allow companies to mitigate any responsibility for their poor data and security practices.
Edit: Further, "education" shouldn't even be a factor here. You should not need to protect yourself from being scammed. Taking advantage of people's trust and stealing their money should be illegal, the offenders should be punished, and the victims made whole. There is no reason in a civilized society to permit financial crimes, which is what this shit is. Stealing is fucking stealing, whether you take something from a store, whether a bank issues bullshit fees, whether an employer doesn't pay fair wages, whether a con man tricks you into buying ape pictures.
Under the current administration, you need to protect yourself far more than before.
- The Consumer Financial Protection Bureau is gone.
- The Justice Department will focus on "violent crime", even though that's mostly the job of local law enforcement and the FBI doesn't handle 911 calls. In terms of dollars, white collar crime is far bigger than violent crime. (Burglary in the US is way down, about a fifth of what it was in 1990.)
- The administration plan is to move crypto enforcement from the Securities and Exchange Commission to the Commodity Futures Trading Commission. Heavy payoffs by the crypto industry have enabled this. [1]
It's called "deregulation", suckers. Open season on Americans.
[1] https://www.nytimes.com/2024/11/06/technology/crypto-industr...
>whether a bank issues bullshit fees, whether an employer doesn't pay fair wages, whether a con man tricks you into buying ape pictures.
So basically giving someone a bad deal is therefore theft? This isn't a principled idea to hold, it is pretty much a slippery slope to call any transaction you don't like theft afterwards.
One advantage of cryptocurrency is that it prevents parties from "renegotiating" deals like this after they've made them. Fraud is pretty uncommon on say, the silk road or something for the same reason it's uncommon on ebay or craigslist: when consumers have to actively consider the trust networks they are using, the market becomes more transparent and trustworthy. When you defer to some arbitrary, opaque authority to settle transactions, that's when you get situations like this.
It's not about whether or not I personally like it, it's about whether or not it has the value it's ascribed to. NFTs are murkier in that some people believe they have value, and I guess that's fair. I think it's demonstrably false, but I doubt a person who believes they have value would consider an NFT purchase fraudulent, and therefore would not pursue it.
If however a given person was suckered into buying an NFT by someone, and later realized it was worthless, I think that's absolutely something that at least bears considering in terms of it being fraud, in a court of law. I don't see how it's different from any other situation where a given individual has sold worthless assets.
> One advantage of cryptocurrency is that it prevents parties from "renegotiating" deals like this after they've made them.
One huge disadvantage is that on any cryptocurrency with any decent amount of traffic as a currency is that the value of it shifts wildly from the beginning to end of the transaction. And that can bite either party to the transaction, which is why the only currencies that see substantial use as a currency are the ones with low adoption rates. It's basically pointless to accept, for example, Etherium as payment unless you yourself are speculating on it's future value. But that's not a currency then, not in any normies' definition. A hundred dollars is worth the same today, for all intents and purposes, as it was a year ago. Plus or minus a few percent for inflation. The $4 you plunk down for a fancy coffee is not going to be worth $0.50 or $400 by the time the barista hands you the cup, otherwise no one would use money.
> When you defer to some arbitrary, opaque authority to settle transactions, that's when you get situations like this.
Cryptocurrency defers to the blockchain, and the various software that interacts with it. This is literally no difference to deferring to any other centralized institution to form trust. The only difference is the layman has no way to seek justice from a blockchain.
In the first 3 episodes (free to listen), the podcast team pulls the thread and finds that the scammers are a highly organized system of scammers.
They are based out of Myanmar, outside of the law of the central government (basically warlord country). They trick people with English skills into coming to Thailand for a job then smuggle them across the border without their know.
Recent news update: Just in the past week, Thailand used their military to invade and free thousands of people who were being held captive in these warlord towns, meaning this scam organization likely lost their pig butchering talent.
The others are trickier as the government officials get paid off but it Thailand, China and Vietnam said free them or we close the border it would put a fair bit of pressure.
Shan Hanes was both a victim and a serious criminal. If he had lost just his own money I'd feel terrible for him. But as he got in deeper he was knowingly taking money first from his employer and later directly from his own customers' accounts. He took steps to cover his tracks. Shan Hanes is exactly where he belongs.
Edit - I listened back. Her name is Kathy Wilson, a mental health professional in Colorado. She called criticism of Shan "victim blaming". She compared his situation to the bank being robbed at gunpoint. She again calls his sentence "victim blaming".
I will say I think his 24 year sentence is barbaric but I often feel that way about American prison sentencing.
Testing the waters "Hanes was eventually fired for reasons that remain in dispute"
Hubris works "Hanes assembled a group of local investors who started a bid to buy the bank and restore control"
Self-immolation where the lies stop working "After draining his personal savings, Hanes began stealing — from his local investment club, from his church and finally from the bank."
And, as you note above, the conman still has his defenders ready to open their hearts (and probably checkbooks!) for another round.
He was used by more successful thieves. He is still responsible for his actions
I feel terribly sad for him, a tragedy for him and his. But he choose to steal
The real lesson is "don't use other people's money for your own schemes", which is exactly how he got rich to begin with. Banking taught him the opposite lesson for years. And voters couldn't care less about primary'ing politicians for banking regulation even after the mortgage crisis, so it will never, ever stop.
This is an extremely common scam; the group https://reddit.com/r/scams is very interesting, with many stories of this scam and others. Key takeaways: it's easier to get scammed than you'd think. Never spend money to withdraw money. Don't respond to wrong-number texts. Anyone who wants cryptocurrency (or gift cards) is scamming you.
I both completely understand how/why he feels that way and am also disheartened that this is so many people's viewpoint on prison.
All that said, Hanes is/was an idiot and a snake. It's one thing to be taken for a scam, it's another to steal from work/church/friends/etc for a scam. One I can forgive, the other, not so much.
Back in 99/00 a friend of mine received the 'I am a Nigerian prince' email. This scam was very new at the time and neither of us had seen anything like it before. My friend was believing and accepted it as a good money making opportunity, whereas I was instantly 'this is so obviously some kind of dodgy thing'. Luckily I was able to persuade him to not follow up.
Crypto is a scourge, it is not something you want in your society. It has no utility. It is pure speculation. There is no balance sheet to crypto, there is no financial statements. There is no audit inspection, examination, net capital requirements, no licensure of individuals involved, and there is no transparency into it. That creates real systemic risks, not just risks for investors.
But the other part people don't talk about enough is the dire externalities that are enabled by crypto. Every single crime you can think of, is easier to do now because of crypto. Especially ransomware, human sex trafficking, sanctions evasion, money laundering. North Korea is financing their nuclear program using crypto.
Crypto companies accounted for almost half of corporate donations in the 2024 election cycle, with some contributing tens of millions of dollars to help Trump win a second term in office. Trump previously called Bitcoin 'a scam against the dollar', but after crypto industry plowed tens of millions into the election, Trump is now for it.
replace crypto with railroad in the 19th century. Or even just Internet in the 90-ies. Or AI in 20 years.
It was a small bank, looks like probably only a dozen or so employees total, if that paints a picture of how this might have happened.
Aha, here's the writeup by the Federal Reserve, very well-done!
> Heartland employees circumvented the bank’s internal controls and policies; following those internal controls and policies may have prevented or detected the alleged fraudulent activity. We believe that the CEO’s dominant role in the bank and prominent role in the community contributed to a reluctance on the part of Heartland employees to question or report the alleged fraudulent activities earlier.
> The events leading to Heartland’s failure revealed a significant breakdown of internal controls, including controls related to wire transfers and suspicious activity reports (SARs). Specifically, senior bank employees circumvented the bank’s wire policy and daily limits to approve and process the CEO’s alleged fraudulent wire transfer requests. Additionally, Heartland employees did not follow the bank’s Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) (together, BSA/AML) policy.
https://oig.federalreserve.gov/reports/board-material-loss-r...
Yer policies are only as good as the people following them...
There's this line:
> In 2012, Hanes returned as president of Heartland, which adopted an ownership structure that has become common across America: The bank was controlled by a group of roughly 35 local investors, including Hanes and his wife, as well as Jim Tucker and his father. No one outside Elkhart would dictate the bank’s future, and all the profits would flow back into the area.
Ahh, ok, so they probably couldn't just sell their shares on the open market. And this is not to blame the victims, of course. I guess this is a downside of this business structure. I wonder if there are ways to mitigate this risk - some sort of insurance?
The goal of cryptocurrency is to have a financial system with none of that pesky government regulation.
Yes, there will be scams but eventually people will learn non-governmental solutions that (my libertarian friends tell me) will be net better than government regulations.
“Bug closed/works as intended.”
Except it's just a speculative asset, not an actual financial system, unless you count its use by criminal elements to actually transfer funds.
Ledgers can't scale to allow for a financial system that could serve an entire country either, due to transaction speed issues.
I think there's some good ideas involved - a financial system not under the control of a government, but the current implementation of everything crypto is failing at everything other than financial speculation.
I used crypto sell a GPU to someone I know. I regularly use it to trade hardware over the internet, and I would use it more if more vendors on ebay and such accepted it.
It has low fees, works with open source software, and is pretty straightforward to accept without fear of charge-backs or fraud. The volatility is only a problem in the short term, and I don't mind holding on to crypto despite volatility because it has a lower inflation rate than the USD.
>Ledgers can't scale to allow for a financial system that could serve an entire country either, due to transaction speed issues.
A lot of the issues with transaction throughput have to do with the network parameters of old cryptocurrencies like bitcoin which were optimized for a 2009 internet.
A single ledger can't scale, but if you just boosted the block size of a bitcoin-like cryptocurrency to ~200MB you would have transaction throughput on the order of paypal. If you do payment channels on top of that and/or have atomic swaps between multiple merge-mined ledgers I think that you would have a decentralized payment network which could serve the entire world's current needs, at least for online transactions.
Well yeah, it's a great option for the seller. You get non-recourse cash before shipping the item. The real question is why people are willing to send it to you. From the other side, it's basically asking to be defrauded.
PE typically raises prices. Replaces all good employees with the cheapest. Then runs up debt that they have no intention of paying back all under the guise of expansion.
This needs to be done loudly and often to make it very clear to everyone involved in the business of managing others' money that they should treat everything even remotely cryptocurrency-related as radioactive.
That said, perhaps Hanes would have been duped by an similar non-crypto scam. It seems that all he needed was some online contacts and a fake web page with numbers on it.
Ultimately, it wasn't the crypto that was the problem. The problem was that he stole other people's money. He didn't mismanage it; he stole it.
which is why crypto increases the lucrativeness of scammers.
Fun fact: north korea is dabbling very much in crypto hacks , north korea is possible for so many of crypto hacks. (not scams though , but who knows ? )
Generally speaking cryptocurrencies are a scam for the purpose of sending currencies because their prices fluctuate.
They can't be an investment because they are a speculation.
They can't be a speculation because even before doing the speculation like gambling , you would most likely be scammed.
Its a scam.
And this is me after I have created something on top of Nano cryptocurrency just recently. Though I did with 0.000001 nano which I got from some one time captcha. Basically nanotimestamps.org (still not created the website because I am so lazy and I have only done it with the server client model , not sure how can I do with real people funds and without a server / wasm in client) where it creates blockchaine-d timestamps which you can verify. I have created another where you can store data on the nano blockchain by routing some transactions (like 3-4) (but you don't lose any nano 0 nano lost in process , inefficient can work for only 3-4 characters) I have created another where you can store data on the nano blockchain by losing 10^-30 that is the lowest point of nano , something which you get a lot of , even from a free faucet that you don't have to do another captcha again and it moves it up to 32 characters)
I think this is the purpose of blockchain and this and this only. I don't want to create / work on this because I feel that just because I am writing this on nano , people are going to get all hyped up on nano and I buy it and indirectly I become part of some scam.
I am okay with if a cryptocurrency is equal to so people don't buy more than 1$ but for anything more , I genuinely wonder.
Also I think I like the concept of monero from the process of anonymous transactions and that only. But still I won't treat it as a store purpose but rather temporary.
I hope that these stay stable and scams go away.
I have 0.000002 nano that I got by doing two captchas and I won't ever "invest" in crypto , only if I want to buy something anonymously or sell it , will I ever use monero and that too I would mine it myself,
I would invest only & only in index funds.
By revenue, cryptocurrency is for crime. The couple of anecdotes about someone getting money out of Venezuela with crypto only help to legitimize a wealth transfer to criminals of historic proportions.
Crypto seems to be purpose built to enable laundering of massive amounts of money under the guise of a bad investment.
I had to make several promises that I would not let crypto currency anywhere near it
ETH is the stock market of the 1920's. Rugpulls and blatant pyramid schemes everywhere you turn.