I think the point here is that there is no loan at all. Erik has been compensated fairly via IPO and the shares he holds, and never noted any desire to loan funds to SDICE in the past.
I wonder if there are any other surprise liabilities SDICE has...
Moreover, management can't really pass responsibility for its own actions to the shareholders, because the shareholders have no control whatsoever. If three months down the road Erik comes and says "hey, we had a break-in, the funds are gone" then how exactly can Random Q Investor verify this claim, make sure it's not something like Vircurex pulled recently? And if Erik never comes and says thus, what's the point of the entire maneuver? In all circumstances they with the ability to prevent losses are they who must be responsible for the losses.
That such losses are not passed to shareholders was (near enough) explicitly clarified by Erik during the IPO:
b) Actually, the financial statements are better than "audited." All the information is mathematically verifiable using the blockchain, which is public. You don't have to trust any auditor, you can audit yourself any time of day to see exactly what SatoshiDICE is making (and some have done that in other threads on this forum).
If it can't be verified by the block-chain then it can't be in the financial statements - and so can't be passed to investors (by deductions when calculating net profit).
If your claimed reason for no auditing is that it can already be done then:
1. You don't need to have audits.
2. You can't charge anything which investors can't verify themselves via the block-chain.
Those two points go hand-in-hand : if you want #1 you have to provide #2 (and lose the ability to pass many costs on).
A burglary (and for that matter a theft from a BTC wallet) wouldn't be allowed to be deducted anyway - as they aren't marketing or development costs: the only two categories of deduction allowed when calculating net profits.