All your suggestions cause us to need to audit not only T3 but also T1 and T2. This greatly adds to the complexity.
This could not happen to just any T1 LP because no other T1 LP is motivated by the T3 reward other than the T3 custodian. If a T3 custodian sells to an independent T1 custodian, that T1 custodian has no reason at all not to put up the funds and get the T1 pool rewards. If the T3 custodian sells to a colluding T1 custodian, that T1 custodian has every incentive to fool the shareholders into thinking the T3 custodian did their job, then walking away and splitting the money with them.
We could also think of ways to fully audit T1 custodians, but it would require some heavy use of API keys on the part of the pool operator to try to identify their individual providers. I’d really rather just do the simple T3 audit (everything on the blockchain) and provide the custodian with a whitelist.