An internal risk assessment conducted at TikTok’s Chinese parent company ByteDance found systemic issues with fraud and inappropriate data management, per new Forbes reports.

The review, completed late last year by ByteDance’s audit and risk control team, was based on some 90 interviews with ByteDance and TikTok employees across various divisions. A report summarizing the audit’s findings suggests that the tech company has an institutional issue with embezzlement.

Other experts believe that the fuss around ByteDance’s data practices only serves as a distraction from the larger issue of regulating consumer data collection, storage, use and sale in the US.

“While the audit findings are certainly concerning, it is important that hyperfocus on ByteDance does not become a convenient alternative to addressing the more central issue – the need for congress to enact federal privacy law and to regulate big tech to address broader national security risks related to data misuse and its susceptibility to exploitation for counterintelligence, by bad actors or for unlawful domestic surveillance,” says Arielle Garcia, chief privacy officer at advertising agency UM Worldwide.

Read more on The Drum.