Told to Buy Bitcoin for Company

Directive Without Framework or Authorization

This memo is published by Bitcoin Treasury Analysis, an independent decision-record instrument for Bitcoin treasury governance.

When an employee is told to buy bitcoin for company treasury without a formal policy governing digital asset acquisition, the instruction introduces a governance gap between the directive and the organizational infrastructure required to execute it. The individual receiving the instruction occupies a position in which operational compliance and governance compliance may diverge. Executing the purchase fulfills the directive; doing so without documented authorization, custodial procedures, or policy framework creates an action that the governance record cannot fully substantiate. This analysis addresses the structural conditions that emerge when direct instruction precedes formal framework and maps the accountability exposure that attaches to both the instructing party and the executing party under that sequence.

The record does not evaluate whether bitcoin acquisition serves the organization’s treasury objectives. It captures the governance posture produced when execution occurs ahead of policy, and the conditions under which that sequence affects the organization’s decision record.

---

How Verbal Directives Create Undocumented Authority Chains

A direct instruction to purchase bitcoin for an organization’s account typically originates from an executive officer—a CEO, CFO, or managing director—and is communicated to an individual responsible for treasury operations or financial administration. In many cases, the instruction is verbal. Even when delivered in writing, such as through email or messaging, the communication often lacks the specificity that formal treasury policy would require: allocation limits, execution parameters, custodial arrangements, and reporting obligations remain undefined at the point of instruction.

This creates a governance condition in which authority flows informally. The executing individual understands the instruction as coming from a superior with decision-making power, but the organizational record contains no formal delegation of authority for this specific asset class. Conventional treasury operations—depositing funds, purchasing money market instruments, managing short-term investments—typically occur within a policy framework that preexists any individual transaction. Bitcoin acquisition, absent such a framework, proceeds on the assumption that the instructing party’s positional authority substitutes for institutional policy.

Under ordinary conditions, this assumption may go unchallenged. Under adversarial review, the absence of formal delegation becomes a governance deficiency that attaches to both parties. The instructing executive bears exposure for directing an action outside established policy, while the executing individual bears exposure for completing an action without verifying that formal authorization existed. Neither party’s exposure depends on the outcome of the acquisition; it depends on the absence of the governance infrastructure that would ordinarily precede it.

---

Accountability Separation Between Instructor and Executor

Corporate governance structures distinguish between the authority to direct an action and the responsibility for executing it. When a formal policy governs the action, both roles operate within defined boundaries: the directing party acts within their delegated authority, and the executing party acts within procedural guidelines that specify how the action is carried out. Accountability for the decision and accountability for the execution are separable because the policy framework assigns each to a defined function.

Absent that framework, the separation collapses. An employee told to buy bitcoin for company operations without written policy becomes simultaneously the executor of the instruction and the only party whose actions produce a transaction record. If the purchase is later questioned—by auditors examining treasury activity, by board members reviewing unauthorized positions, or by regulators inspecting fiduciary conduct—the executing individual’s transaction record becomes the primary evidence of what occurred. Meanwhile, the verbal or informal instruction that initiated the action may be difficult to reconstruct, denied, or characterized differently by the instructing party.

This dynamic does not require bad faith from either party. It emerges structurally from the absence of documentation. When a governance inquiry works backward from a completed transaction, it begins with the individual who executed the trade and asks under what authority the trade was placed. A formal policy answers that question at the institutional level. Without one, the answer rests on individual testimony about a verbal directive—a foundation that governance review treats as materially weaker than documented authorization.

---

Custody and Operational Exposure Without Policy Infrastructure

Bitcoin acquisition involves operational decisions that extend beyond the purchase itself. Once acquired, the asset requires custodial arrangements: wallet configuration, key management, access controls, and procedures for securing the private keys that control the organization’s holdings. Each of these decisions, in a policy-governed environment, would be specified before the first transaction occurs. Custody providers would be evaluated and approved, internal controls would define who holds access credentials, and conditions for transfers and reporting would be documented before execution begins.

When an employee receives a direct instruction to acquire bitcoin without these structures in place, each custody decision becomes an ad hoc judgment call made by the executing individual. Which exchange or broker to use, whether to leave the asset on the platform or transfer to a separate wallet, what security configurations to apply—all fall to an individual who may lack both the technical expertise and the organizational mandate to make these determinations. Errors in custody configuration may produce asset loss that the organization cannot recover, and the individual who made those custody decisions bears operational responsibility for outcomes that no policy guided.

The instructing party’s exposure differs in kind but not in consequence. Directing an acquisition without establishing custody policy means the executive initiated a process for which the organization had no infrastructure, shifting operational risk to the individual who received responsibility without corresponding procedural support. Under governance review, this pattern surfaces as a failure of process design rather than a failure of execution—but the consequences attach to both participants in the chain.

---

What the Governance Record Reflects After Informal Execution

After a bitcoin purchase is executed under informal instruction, the organization’s governance record contains a position in a digital asset with no corresponding policy, no documented board or management authorization specific to the asset class, no approved custody framework, and no defined reporting or review mechanism. Financial records may capture the transaction itself—exchange confirmations, bank transfers, ledger entries—but the governance record that explains why the organization holds this position and under what authority it was acquired remains thin or absent.

Subsequent events determine whether this record gap becomes consequential. If the position appreciates and the organization formalizes its bitcoin posture retroactively, the initial governance deficiency may be absorbed into the new framework. If the position declines, if an audit surfaces the holding, or if a change in leadership brings scrutiny to prior treasury decisions, the absence of contemporaneous governance documentation becomes a focal point for inquiry. Retroactive documentation—policies written after the acquisition, authorizations formalized after the position is already held—carries less evidentiary weight than contemporaneous records and may itself raise questions about the sequence of decisions.

For the employee who was told to buy bitcoin for company treasury, the record gap creates a specific vulnerability. Transaction activity is visible in financial records, but the instruction that prompted it may exist only in memory or informal communications. A governance structure that would have distributed accountability across institutional functions instead concentrates it on the individual who executed the trade—not because they acted improperly, but because the formal record of proper authorization does not exist.

---

Structural Requirements for Governance-Compliant Execution

Organizations in which bitcoin treasury acquisition proceeds through governance-compliant channels exhibit a different structural pattern. Authority for the allocation originates in a formal instrument—a board resolution, a treasury policy amendment, or a management committee authorization that specifically addresses digital asset acquisition. The instrument defines allocation parameters, identifies the officers authorized to execute transactions, specifies custody requirements, and establishes reporting obligations. Each element of this framework exists in the governance record before the first transaction occurs.

Delegation of execution authority flows from the formal instrument to the individual responsible for treasury operations. That delegation is documented, bounded, and revocable. The executing individual operates within defined parameters rather than interpreting a verbal directive, and deviations from those parameters create a clear governance event rather than an ambiguous operational judgment. Custody arrangements are pre-approved, counterparties are identified through a documented selection process, and the position is incorporated into the organization’s regular reporting cycle from its inception.

The distinction between this pattern and informal instruction is not primarily about the outcome of the acquisition. It is about the quality of the governance record. Under governance-compliant execution, every participant in the chain can point to a documented instrument that establishes their authority and defines their obligations. Under informal instruction, the same participants rely on the reconstruction of verbal communications, the interpretation of positional authority, and the assumption that institutional intent substituted for institutional process.

---

Institutional Position

When an employee is told to buy bitcoin for company treasury under direct instruction without formal policy, the governance record reflects an acquisition undertaken outside the organization’s documented authorization framework. Authority for the action rests on informal directive rather than institutional instrument. Accountability concentrates on the executing individual rather than distributing across governance functions. Custody and operational decisions proceed without policy infrastructure, creating exposure that attaches to both the instructing and executing parties.

The governance position produced by this sequence differs materially from one in which formal authorization precedes execution. The difference is not defined by the asset acquired or the outcome realized. It is defined by the presence or absence of a documented governance framework that substantiates the organization’s decision to hold the position and assigns accountability through institutional channels rather than informal authority.

---

Boundaries and Premises

This memorandum assumes an organizational structure in which treasury decisions are subject to formal policy frameworks and in which digital asset acquisition falls within the scope of actions requiring documented authorization. Organizations operating under different governance structures, sole proprietorships without formal treasury policy, or entities in jurisdictions where digital asset acquisition carries different regulatory treatment face different conditions. The record does not prescribe the content of any policy, does not constitute legal advice regarding employment obligations or fiduciary duties, and does not assess the legality of any specific instruction or transaction. The documented conditions reflect the posture when this record was produced.

---

Framework References

Why Companies Reject Bitcoin Treasury Allocation?

Hospital System Bitcoin Treasury Reserves

Dental Practice Bitcoin Investment

Relevant Scenario Contexts

Venture Backed Saas — Holding (10M) →

Family Business — Holding (1M) →

Nonprofit — Considering (5M) →

← Return to Bitcoin Treasury Analysis

Explore Related Scenario Contexts →