College Student Stole $7M from Investors. The SEC's Case Against Krish Kumar Has Lessons for Every Investment Adviser.

TL;DR

• On March 26, 2026, the SEC charged Tulsa college student Krish Kumar with misappropriating nearly $7 million from two investment funds he created and managed.
• Kumar fabricated performance data, photoshopped brokerage records, and used investor money from a second fund to pay off investors from the first — a classic Ponzi structure.
• Investment adviser compliance programs are the last line of defense before regulators get involved. This case is a textbook illustration of what breaks when those controls are absent or ignored.

---

A Tulsa college student raised $7.8 million from around two dozen investors. He created two investment funds. He fabricated performance returns, photoshopped brokerage screenshots, and lost nearly everything through concentrated, undisclosed bets on crypto-adjacent options. When the first fund collapsed, he launched a second — and used that money to quietly pay off investors from the first.

On March 26, 2026, the Securities and Exchange Commission filed settled charges against Krish Kumar in the U.S. District Court for the Northern District of Oklahoma (Case No. 26-cv-00184). Litigation Release No. 26507 describes one of the more brazen investment adviser fraud cases to emerge in recent memory — not because of its scale, but because of how many textbook red flags were present at every stage.

If you run or advise an investment adviser’s compliance function, this case is worth reading carefully. Because Kumar’s investors — many of them parents of his college friends — didn’t lose money because the market turned. They lost it because a compliance program didn’t exist.

---

What Happened: The Full Timeline

January 2024. Kumar establishes Future Fractal Investments LLC. His pitch: a proprietary algorithmic options strategy he had backtested himself, restricted to two index ETFs tracking the S&P 500 and Nasdaq-100. He told investors the maximum drawdown was capped at approximately 25% and that no single trade would exceed 5% of assets under management. Conservative. Disciplined. Professional-sounding.

None of it was true.

January 30, 2024 — second day of active trading. Kumar begins trading outside the represented strategy almost immediately. According to the SEC, he never traded in one of the two ETFs at all, with only limited activity in the other. The algorithmic strategy was fiction.

February 3, 2024. Kumar sends an email to more than 30 existing and prospective investors claiming Future Fractal achieved a 15.7% return in its first week of trading. The SEC’s trading analysis shows the fund actually lost approximately $1,200 that week. The fabricated performance claim worked — it attracted 12 additional investments totaling $4.7 million.

Late February through early March 2024. Kumar transfers more than $5.6 million of Future Fractal’s assets into personal and nominee accounts he controls. He then takes those funds and purchases 33,009 option contracts in a single publicly traded crypto-asset technology company focused on Bitcoin mining. Over four trading days in mid-March 2024, approximately 98% of those transferred assets are gone.

March 14, 2024. Kumar emails investors to explain the losses. He attributes them to ETF trades and a stop-loss order. The SEC says neither existed. He attaches a photoshopped brokerage screenshot to support the false narrative.

May 2024. Kumar launches Arcane Resonance Fund, LLC. He raises approximately $1.8 million from 10 investors — most of them parents of his college friends who had no prior exposure to Future Fractal. His offering materials claim a worst-case expected return of 1.2x and state that approximately 99% of assets will be used for investment purposes. He tells at least one Arcane investor that his prior fund had earned a 30–40% return.

Future Fractal, of course, had earned nothing. It had lost nearly everything.

What he did with Arcane’s money: $300,000 went to a Future Fractal investor to cover their losses. $20,000 paid a personal debt unrelated to either fund. The remaining approximately $1.3 million was transferred to his personal accounts.

March 11, 2025. Kumar informs Arcane investors the fund is down approximately 80%.

In total: approximately $5.6 million misappropriated from Future Fractal, $1.3 million from Arcane. Kumar has repaid approximately $681,000 to investors.

The SEC charged Kumar with violating Section 17(a) of the Securities Act of 1933, Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5, and Sections 206(1), 206(2), and 206(4) of the Investment Advisers Act of 1940 and Rule 206(4)-8. He consented to entry of judgment without admitting or denying the allegations. The SEC is seeking injunctive relief, disgorgement with prejudgment interest, civil penalties, and a five-year bar from participating in securities offerings and from acting as or being associated with any investment adviser.

---

Why This Case Matters for Compliance Officers

The reflexive response to a case like this is “we’d never let a college student run a fund.” But that’s not the lesson. The lesson is which specific controls would have caught this, and at what stage.

Kumar’s scheme progressed through at least five distinct stages where a functioning compliance program would have intervened:

Stage	What Happened	Control That Should Have Triggered
Fund launch	No registration, sole manager, no independent oversight	Investment adviser registration review; ownership/control structure assessment
Trading begins	Strategy immediately deviated from disclosed parameters	Portfolio monitoring against stated investment policy statement (IPS)
Performance reporting	Fabricated 15.7% return emailed to 30+ investors	Compliance review and sign-off on investor communications
Asset transfer	$5.6M moved to personal/nominee accounts	Custody controls; cash movement alerts; independent custodian requirements
Second fund launch	New fund raised while first was actively misappropriated	Prior fund status review before any new offering; investor disclosure checks

The absence of every one of these controls isn’t bad luck. It’s what sole-managed, unregistered funds without compliance infrastructure look like from the inside.

---

The Specific Controls That Matter

1. Custody Controls — Rule 206(4)-2

The Investment Advisers Act’s custody rule exists precisely for this situation. Under Rule 206(4)-2, an investment adviser who has custody of client funds must maintain those assets with a “qualified custodian” — typically a bank or registered broker-dealer — and arrange for an independent public accountant to conduct a surprise examination at least annually.

Kumar had custody. He had no independent custodian. He transferred $5.6 million out of Future Fractal and into personal accounts across a two-week window in early 2024. A qualified custodian with independent controls would have flagged those transfers. An annual surprise exam would have discovered them at the latest.

What to implement: If your firm has custody of client assets, document your qualified custodian arrangement and confirm you have a surprise exam scheduled for this year. If an annual audit is the only control, add transaction-level controls — thresholds that require dual authorization for cash movements above a defined amount.

2. Investment Policy Statement (IPS) Compliance Monitoring

Kumar told investors he ran an algorithmic strategy limited to two specific ETFs. He traded something entirely different from the second day onward.

At a registered investment adviser, the portfolio management team’s actual trading activity is compared against the client’s stated IPS or mandate. Material deviations trigger a compliance review. That review surfaces either a legitimate explanation or a violation.

What to implement: For each fund or client mandate, document the investment strategy, permitted instruments, and concentration limits in writing. Set up a monitoring process — even a manual monthly review is better than none — that compares actual holdings against permitted holdings. Flag any deviation for CCO review within 48 hours.

3. Investor Communications Review

The February 3, 2024 email containing fabricated 15.7% returns was sent to more than 30 investors and attracted $4.7 million in new capital. That email was never reviewed by anyone other than Kumar.

At most registered advisers, all investor communications — performance reports, pitch materials, fact sheets — pass through a compliance review before distribution. This is not bureaucratic box-checking. It’s the control that stands between a fabricated number and a fraud charge.

What to implement: Establish a pre-approval workflow for any investor-facing communication containing performance data, strategy descriptions, or risk disclosures. The approver should not be the portfolio manager who generated the data — that’s a segregation of duties failure. At minimum, the CCO or a designated compliance reviewer should verify performance figures against an independent source before sign-off.

4. Related-Party Transaction Monitoring

Kumar used $300,000 of Arcane Resonance’s assets to pay a Future Fractal investor for losses from the prior fund. This is a related-party transaction — and it’s a significant red flag. Using one client’s money to cover losses from another is a foundational breach of fiduciary duty.

What to implement: Any transfer of assets between related funds, or payments to investors in one vehicle from the assets of another, should require CCO approval and board-level (or equivalent) disclosure. Build this into your issues log as a mandatory escalation item.

5. New Offering Due Diligence — Prior Fund Status Review

Kumar launched Arcane Resonance in May 2024 while Future Fractal was in active collapse. He told Arcane investors his prior fund had returned 30–40%. Months later he was transferring their money to personal accounts.

Before any new offering is launched, compliance should require a structured review of the status of all prior funds managed by the same individuals. Are they fully wound down? Are there any outstanding investor complaints or redemption requests? Any pending litigation or regulatory inquiries?

What to implement: Add a “prior fund status attestation” to your new fund launch checklist. The portfolio manager (and the compliance officer) should sign off that all prior funds are in good standing, with no outstanding investor disputes, before new investor capital is accepted.

---

Who Should Care About This Case

This case is instructive beyond just registered investment advisers. If you work in compliance at:

• A family office or private fund — Kumar’s setup (sole manager, informal investor base, no independent oversight) mirrors many private funds that operate just below the registration threshold. The absence of regulatory oversight doesn’t reduce your fiduciary obligations.
• A bank trust department — Affiliated adviser relationships carry the same disclosure and custody requirements. This case is a reminder that “small” or “informal” doesn’t mean unregulated.
• A fintech with investment features — If your platform facilitates pooled investment activity or investment advice, Investment Advisers Act registration thresholds and custody rules apply regardless of how your product is marketed.

---

So What? The Compliance Takeaway

Kumar was a college student running two funds from Tulsa with no compliance infrastructure. His investors lost nearly $7 million. The SEC caught him — but only after the money was gone.

The question compliance officers should be asking isn’t “could this happen here?” It’s “which of these five control failures exist in our current program?”

Fabricated performance data. Missing custody controls. No IPS monitoring. Investor communications with no review. New offerings launched while prior funds were bleeding. These aren’t exotic failure modes. They’re the basics — and this case documents exactly what it looks like when they’re absent.

If you’re tracking compliance findings, investor complaints, or issues that need escalation and follow-through, that work needs a system. Ad-hoc spreadsheets don’t hold up under regulatory scrutiny, and they don’t catch patterns the way a structured issues log does.

→ Issues Management Tracker & Guide — a structured template for tracking findings, owners, due dates, and remediation status — built for the practitioner who needs to demonstrate to regulators that issues are being managed, not buried.

---

Frequently Asked Questions

Does the Investment Advisers Act apply to small funds like Future Fractal?

Yes — with some nuances. Investment advisers with fewer than 15 clients and less than $25 million in AUM may be exempt from federal registration but are still subject to state registration requirements and, critically, to the antifraud provisions of the Investment Advisers Act regardless of registration status. Sections 206(1), 206(2), and 206(4) apply to any investment adviser, registered or not, who engages in interstate commerce.

What is Rule 206(4)-8, and why was it charged here?

Rule 206(4)-8 is a 2007 SEC rule that explicitly prohibits investment advisers to pooled investment vehicles from making false or misleading statements to investors or prospective investors in those vehicles. It was enacted specifically to close a gap in antifraud coverage for pooled fund advisers. Kumar was charged under it because his investor communications — including the fabricated performance email and the Arcane offering materials — constituted exactly the kind of misleading statements the rule was designed to prohibit.

What is the difference between a custody violation and fraud?

Custody violations (under Rule 206(4)-2) are compliance failures — they result in regulatory sanctions, fines, and remediation orders. Fraud (under the Securities Act and Exchange Act antifraud provisions) is a criminal and civil wrong — it results in injunctions, disgorgement, civil penalties, and, in parallel DOJ cases, possible criminal prosecution. Kumar’s conduct crossed both lines. Many custody control failures stop short of fraud; this one didn’t, because Kumar also lied about what happened.

---

Source: SEC Litigation Release No. 26507 (March 27, 2026); InvestmentNews (March 27, 2026).