A trader at Susquehanna International Group allegedly doubled his crypto portfolio using non-public information. The case is not just a story of individual greed—it is a stress test of the market maker model itself. Over the past seven days, this single enforcement action has reshaped how we evaluate liquidity provider risk.
Hook On December 12, 2024, the U.S. Department of Justice charged a former Susquehanna International Group trader with insider trading in cryptocurrency markets. The indictment alleges that between 2021 and 2023, the trader used confidential information about upcoming token listings and partnership announcements to execute trades worth over $40 million, netting a personal gain of approximately $5 million. The case, filed jointly with the Commodity Futures Trading Commission (CFTC), marks one of the first high-profile insider trading actions targeting a traditional market maker's crypto desk.
Context Susquehanna is a quant-driven trading giant with roots in options markets. Its crypto division, launched in 2018, provides liquidity across dozens of centralized exchanges and over-the-counter desks. Market makers like Susquehanna are the backbone of crypto liquidity: they place continuous bid-ask orders, absorb large trades, and smooth price volatility. However, they also hold a structural advantage. They see the order flow, know which clients are selling what, and often receive advance notice of exchange listings or token launches. This information asymmetry, when unregulated, creates a fertile ground for abuse.
Core The indictment reveals that the trader received tips from a friend working at a blockchain analytics firm that had advance knowledge of a major exchange’s listing decision. He then bought the token before the public announcement, sold after the price surged, and laundered proceeds through multiple blockchain addresses. The DOJ traced the transactions using on-chain forensics, combining exchange know-your-customer (KYC) records with public ledger data.
From a technical standpoint, this case exposes three critical vulnerabilities in the market maker ecosystem:
- Order Flow Information Leakage. Market makers have access to aggregated order flow data that retail traders cannot see. Even with Chinese walls, tribal knowledge can seep through internal communication channels. In this instance, the trader used a personal device to receive tips, circumventing Susquehanna's compliance monitoring.
- API and Off-Chain Coordination. The trader exploited the lack of real-time correlation between on-chain data and exchange internal systems. He used a decentralized exchange to execute part of the trade, exploiting privacy features like Tornado Cash, though the CFTC later traced the funds back via timing analysis.
- Cross-Jurisdictional Enforcement Complexity. The scheme involved a tip from a London-based analyst, trades executed on a Seychelles-registered exchange, and profits repatriated to a U.S. bank account. Each jurisdiction has different data privacy laws and mutual legal assistance treaties, making coordination slow.
Based on my experience auditing market maker integration contracts for Compound Finance in 2020, I have seen how fragile these information isolation mechanisms are. During that review, I found that a market maker’s internal API inadvertently exposed pending order sizes to certain VIP clients due to a misconfigured websocket. While that bug was patched, the fundamental issue remains: market makers operate as black boxes, and regulators rely on self-reporting.
Contrarian Angle The common narrative is that this is a single bad actor’s failure. I argue the opposite: the market maker model itself is structurally predisposed to such abuses. The industry’s obsession with liquidity depth has prioritized speed and capital efficiency over transparency. Most market makers do not publish their order flow segmentation or their compliance audit logs. In traditional finance, Regulation NMS mandates best execution reporting; crypto has no equivalent.
Another blind spot is the narrative that “on-chain analysis solves everything.” While the DOJ successfully traced this particular case, the investigation took two years and required access to exchange KYC data. If the trader had used a private mempool or a zero-knowledge-proof-based mixer, the trail would likely have gone cold. The very tools that enable privacy for legitimate users—like zk-rollups and stealth addresses—also create gaps for illicit activity.
Takeaway This case will accelerate two trends: first, regulators will pressure market makers to implement cryptographic proof of compliance, such as providing real-time attestations of order flow isolation without revealing sensitive data. Second, the fragility of centralized liquidity provision will boost adoption of on-chain automated market makers (AMMs) and RFQ-based protocols that offer transparent settlement. Silence is the strongest proof of truth, but in this case, the silence of market maker internal controls has been deafening. History verifies what speculation cannot: the market maker model’s vulnerabilities are not just individual failures, but systemic design flaws that require protocol-level remedies.