Board: Service Discussion
Re: BTC Stolen from Poloniex
by discobean on 04/03/2014, 12:07:49 UTC
my few c

1. SELECT FOR UPDATE to lock selects, then update the BTC value, in a transaction.
2. Trigger on the DB, owned by a privileged user, on update of the BTC value field, that throws an error to roll back the transaction if negative.
3. Audit sum() of values vs expected nett BTC balance, which I'd expect was done already.
4. Triggers that log changes of BTC values into log fields; SQL injection can be logged.

There are many others, like hashing and triggers to validate data, and to ensure SQL injection, if it happens, can be discovered easily.
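
The four numbered points above, as an added sketch that is not part of the original post. It uses Python's `sqlite3` so it runs offline; SQLite has no `SELECT ... FOR UPDATE`, so `BEGIN IMMEDIATE` takes the write lock instead, and the table, trigger and function names and the integer satoshi amounts are assumptions.

```python
import sqlite3

SCHEMA = """
CREATE TABLE accounts (id INTEGER PRIMARY KEY, btc_sat INTEGER NOT NULL);
CREATE TABLE balance_log (account_id INTEGER, old_sat INTEGER, new_sat INTEGER,
                          changed_at TEXT DEFAULT CURRENT_TIMESTAMP);
-- Point 2: reject any update that would leave a negative balance.
CREATE TRIGGER no_negative BEFORE UPDATE OF btc_sat ON accounts
WHEN NEW.btc_sat < 0
BEGIN SELECT RAISE(ABORT, 'negative balance'); END;
-- Point 4: record every balance change, whichever code path made it.
CREATE TRIGGER log_change AFTER UPDATE OF btc_sat ON accounts
BEGIN INSERT INTO balance_log (account_id, old_sat, new_sat)
      VALUES (OLD.id, OLD.btc_sat, NEW.btc_sat); END;
"""

def open_db():
    # isolation_level=None: transactions are opened and closed explicitly.
    db = sqlite3.connect(":memory:", isolation_level=None)
    db.executescript(SCHEMA)
    db.execute("INSERT INTO accounts VALUES (1, 100000)")  # constructed sample
    return db

def withdraw(db, account_id, amount_sat):
    """Point 1: read and update under one lock, in one transaction."""
    db.execute("BEGIN IMMEDIATE")  # stand-in for SELECT ... FOR UPDATE
    try:
        (bal,) = db.execute("SELECT btc_sat FROM accounts WHERE id = ?",
                            (account_id,)).fetchone()
        if amount_sat <= 0 or amount_sat > bal:
            raise ValueError("invalid amount")
        db.execute("UPDATE accounts SET btc_sat = btc_sat - ? WHERE id = ?",
                   (amount_sat, account_id))
        db.execute("COMMIT")
        return bal - amount_sat
    except Exception:
        db.execute("ROLLBACK")
        raise

def audit(db, expected_total_sat):
    """Point 3: sum of stored balances must equal the expected net balance."""
    (total,) = db.execute(
        "SELECT COALESCE(SUM(btc_sat), 0) FROM accounts").fetchone()
    return total == expected_total_sat
```

A direct `UPDATE` that skips the check in `withdraw` is still stopped by the `no_negative` trigger, and every successful change leaves a row in `balance_log`.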