In a world brimming with shiny new tech and big promises, making important decisions about where to invest can be challenging.

This article was also featured in IT Pro January 2023 edition and PC Pro.

Last year we saw three high-profile corporate scandals with larger-than-life CEOs in the dock facing serious allegations and it is tech companies that are at the centre of all the action: Theranos, Wirecard, and Autonomy. All three CEOs have been charged with fraud. 

The former CEO of Theranos, Elizabeth Holmes has had her day in court and has been found guilty of fraud. In November a judge sentenced Holmes to 11 years in prison. Holmes touted Theranos as a health technology company, raised US$700 million, was featured on Forbes, and defrauded a catalogue of wealthy families, as well as a number of prominent statesmen. 

The payment processing firm Wirecard’s former CEO Markus Braun languishes in jail after his bail was revoked. Braun is awaiting trial on charges of fraud, breach of trust, and accounting manipulation. But that’s the sanitized account. For the money shot, read Money Men. It’s written by Dan McCrum, the Financial Times (FT) investigative journalist who brought down Wirecard. That book reads like a mash-up between the late spy novelist le Carré and the late great gonzo journalist Hunter S. Thompson. It’s a wild ride.  

And last but not least, former Autonomy founder and CEO Mike Lynch is on track to be extradited to the US where he faces criminal charges of wire fraud and conspiracy to commit wire fraud. Lynch created Autonomy’s core product: Intelligent Data Operating Layer (IDOL).  IDOL is focused on the analysis of unstructured data. It is a clever bit of kit, that’s not in doubt. 

Three previously highly regarded CEOs are in a whole lot of hot water, awaiting sentencing, awaiting trial, and awaiting extradition.  

These scandals provide useful fodder for investors generally but tech investors especially to reflect on and to recast what we think we know about corporate governance and due diligence. Because however deep their pockets, no investor can afford to put their money into a scheme that is bound to fail in the future or worse is already failing now.

In this article, we will explore what investors did right, what made absolutely no difference, what went wrong, and what, if anything, might have alerted them to wrongdoing. What could investors do differently in the future and is there one thing that might have alerted investors to wrongdoing within the companies. Let’s start with the theory. 

Jurisdiction and investor type

There is a good deal of academic literature on corporate governance models in the UK, the US, and Europe. Typically, the authors will make a case for one of these jurisdictions as a preeminent destination for investors because of oversight, monitoring, and/or control of management. As if to demonstrate this is simply not the case, each of these tech businesses was incorporated in a different jurisdiction; Theranos in the United States, Autonomy in England, and Wirecard in Germany.  

Whether Theranos could have occurred in Germany, it’s not for me to say. What is possible to say is that obviously, each jurisdiction is capable of delivering a type of fraud that is really damaging to the tech investor. While jurisdiction provides no sanctuary, there’s also no immunity for professional investors either. 

Oh oh auditors and the value of verification 

It is a normal function of any professional team working to acquire a business or invest that they would seek to verify statements made by these companies with respect to cash reserves, revenue streams, profitability, and so on. 

Typically, auditors can be relied upon. Unfortunately, in the matter of Autonomy and Wirecard, the auditors failed to properly scrutinise the businesses that they were auditing. Deloitte’s audit of Autonomy enabled Lynch and his Chief Financial Officer to “present a misleading picture of its financial position”. 

Similarly, Ernest and Young’s audit of Wirecard’s revenue stream failed to reveal that the apparently highly profitable and cash-rich company was neither profitable nor rich. 

This is deeply discouraging for any investor who would consider auditors a sound and reliable resource. Truth buys trust and if auditors are not capable of getting to the truth, then their reports are of little or no value. It raises again the question: can an auditing business be truly independent when it is dependent on the subject of its audit for revenue? 

Verifying with independent, trusted experts has enormous value. Had Theranos investors checked with professionals from the pharmaceutical or bio-med sector or a medical doctor, then it is entirely conceivable that they would have learned that the tech wasn’t possible and avoided substantial losses. 

Profiling the CEOs - nothing and everything

Profiling the CEOs of Autonomy and Wirecard wouldn’t have revealed anything that might feasibly have assisted the investors. If anything, the exercise may have been a source of comfort. Lynch was a gifted academic, he earned his Ph.D. from Cambridge. Braun’s undergraduate degree is in commercial computer science and he completed his Ph.D. in social and economic sciences while working as a KPMG consultant. On paper, these guys look like the real deal. 

This is in stark contrast to Holmes.  She had no background in any of the disciplines necessary to take part in, never mind run, a medical diagnostics equipment project. If only those investors had checked.

Check the tech 

In the case of Autonomy, checking the tech did not assist in revealing the fraud. The product IDOL worked. In fact, IDOL worked so well that in the summary judgement the judge referenced words attributed to Meg Whitman who became CEO of HP. She said that it was ‘almost magical’.  Tech does not go to the heart of the Autonomy fraud which is a plain vanilla key metric and earnings manipulation fraud. 

Investors in Wirecard, like Softbank for example, may have had more luck had they checked the tech before pumping in nearly a billion euros into the failing firm. Wirecard was on the face of it a profitable payment processing firm. Their revenues were fabricated.  Checking the tech would have revealed data relating to the payment process. The payment process involved a few different actors: the end user, the issuing bank, the merchant, and the partners. Closer scrutiny of a random set of payments could have followed these ‘payments’ up or down the pipe. Fabricating revenues is one thing. Fabricating users interacting with merchants and issuing banks is beyond the wit of men.  

The most egregious tech fraud is undoubtedly Theranos. Their blood testing system amounted to wires in a box. The tech didn’t exist. To test the efficacy of the Edison the investors would only have needed to have known an answer to a question in advance and sense-checked that against the Edison’s response. The lack of imagination and determination by investors to verify the efficacy of this tech makes this a dreary fraud. 

The great thing about techies is that they want to show you how their kit works. They want to show you all the clever features, and when it works, they want you to play with it. Whether you're investing in the firm or the technology. Always, kick its tyres. It is the fastest way to determine whether something works. 

Hokey Cokey principles 

Both Wirecard and Theranos engaged in tactics that fell well beyond normal business practices including surveillance, doorstepping, intimidation, and threats implicit and express against analysts, journalists, and former employees. That is shameful behaviour. It indicates a willingness to cross the line that should have put current and future investors on notice of a failing firm. Integrity and principles aren’t subject to the Hokey Cokey routine. You’re either in or you’re out. The firm either behaves in a principled manner or it does not. 

Another red flag that was missed in both of these cases; individuals within the firms were promoted well beyond their capabilities into critical business roles while experts and qualified individuals were demoted, demeaned, and defamed. This shows such poor leadership that this alone should concern investors. 

The Free Press isn’t free

Why investors didn’t raise an eyebrow when lawyers for Wirecard and Theranos pursued credible, leading global publications in an effort to silence them is anyone’s guess.

It is to their endless credit that the investigative journalists and editors at both the FT and the Wall Street Journal (WSJ) would not be intimidated into submission. Uncovering these frauds and bringing them to light was only possible because both of these well-capitalized publications had the might and the resources to withstand the bullying tactics of criminals. 

Don’t let others define the world around you. 

Holmes touted Theranos as a health technology company. That’s misleading. The proposal was actually to create medical diagnostic equipment capable of surpassing existing equipment and miniaturising it. 

Reframing the proposition might have caused investors to pause. In addition, readers will recall that Holmes had no background in any of the disciplines necessary to take part in, never mind run, a medical diagnostics equipment project. If only those investors had checked.

Consider your source

The free press isn’t actually free. Anyone looking to invest in tech should be doing their homework. Had investors like Softbank put more weight in the reports from the FT about Wirecard they could have saved themselves 900 million euros. That's a solid return on investment. 

Auditors, as we learned cannot sadly be relied upon, are paid by the company, and in no way meet the definition of ‘independent’.  While large auditing firms hold themselves out as the unrivaled experts, that tune changes when they’re caught up in a fraud. The very thing they’re expected to uncover. At that point, they’re only human. More of that humility at the front end and more confidence at the back end of these scandals would help to restore the reputation of some of these players. 


Academic theory suggests that optimising for corporate governance makes a difference. The reality is that criminals will work around every system to perpetrate their fraud. Investors cannot afford to be complacent. 

Ultimately what investors did right was to seek to verify the statements made by these firms. Unfortunately, what they did wrong was to rely on sources that weren’t credible and simultaneously dismiss those that were. In order to avoid a similar fate investors would do well to rely on trusted, independent experts. 

However, you carve these scandals up, these leaders operated from the same fraud playbook. They overstated performance, recorded bogus revenue, and they trusted that the brazenly mocked documents painted a picture of firm value and that no one would bother to check. 

For all their differences these scandals relied on the same tactics: dishonesty, deflection, and misdirection. They just had different products. 

Find out more about Dr. Rois Ni Thuama, Tech100 Women Winner and Red Sift Head of Cyber Governance, here.