I believe financial crime like this is far easier to be "on terms" with, if you're already in a system/team that condones it, since it has no direct victims. X Bank and AdTech startup Y might hurt, but there's no real impact.
There's also the fact that by the time you notice that something's off, you might already have implicated yourself in the crime and are afraid of getting in trouble. Probably not what happened in this case, but it does happen.
There's also the fact that by the time you notice that something's off, you might already have implicated yourself in the crime and are afraid of getting in trouble. Probably not what happened in this case, but it does happen.