BPM
Search

New PCAOB Crypto Audit Recommendations

What Are They and What Do They Mean for Digital Assets Issuers? 08.03.20

bitcoinAlthough cryptocurrencies have been around since 2009 — and blockchain even longer than that — it is not until recently that issuers of cryptocurrencies have begun recording crypto assets on their financial statements. It is this trend that may have prompted the Public Company Accounting Oversight Board, or PCAOB, the nonprofit corporation overseeing audits of public companies, to release last month its recommendations for auditors of issuers transacting in or holding crypto assets in a publication entitled “Audits Involving Cryptoassets: Information for Auditors and Audit Committees.”

The PCAOB says its inspectors have observed a need for auditors to focus more on identifying and assessing material misstatements by companies regarding the value of their crypto asset holdings, as well as the planning and performing of an appropriate response to these misstatements. Misidentifying the nature or degree of risk that a company has made material misstatements on its financial statements could cause investors or anyone else relying on those statements to make insufficiently informed decisions. An audit firm that fails to catch serious error or fraud may take a hit to its reputation, and may even be legally liable.

Crypto Assets Issuers Only

The PCAOB is careful to note that its recommendations only apply to auditors of issuers of crypto assets. Crypto asset issuers may engage in a wide range of transactions activities, from cryptocurrency mining to exchanging cryptocurrencies for other currencies (be that crypto or fiat) to providing crypto trading services to third parties.

PCAOB Recommendations for Auditors and Audit Committees

The board’s recommendations consist of a number of questions and considerations that auditors and audit committees should ask and be aware of.

First, the publication reminds auditors of their responsibilities under PCAOB standards:

  • The audit firm is responsible for establishing “policies and procedures for deciding whether to accept or continue a client relationship and whether to perform a specific engagement for that client.” Those policies and procedures should ensure that the firm only takes on engagements it can reasonably expect to complete and that it fully understands the risks of taking on audits of cryptocurrency issuers, where the anonymous nature of cryptocurrencies can make it difficult to identify when a transaction involves fraud or some other illegal act.
  • When planning an audit engagement, the audit firm should determine if specialized skill or knowledge will be required. Examples of specialized knowledge might include experience with cryptography, digital ledger technology and other technical topics, or deep understanding of the legal and regulatory environment surrounding cryptocurrencies.
  • Finally, the publication offers considerations for identifying and assessing the risk of material misstatement. Some considerations particular to audits of crypto assets issuers include whether the crypto assets are stored in the issuer’s own digital wallet or by a third party; where customer transactions are recorded (are they recorded outside the blockchain, as well as inside?); the degree to which the anonymity of cryptocurrency transactions may expose the issuer to risk of non-compliance with know your customer (KYC) or anti-money laundering (AML) guidance or regulations; and how much control the issuer has over its financial reporting (do important internal controls reside with a third-party? Does a service auditor’s report address these controls?).

The publication also contains information for members of audit committees, the groups which select and oversee auditors for crypto asset issuers. The PCAOB recommends that audit committees consider asking a number of questions, including those related to the auditor’s experience with crypto assets, including their understanding of the technology itself as well as the legal and regulatory framework; the use of specialized technology-based tools to assist in analyzing risk of material misstatement; the auditor’s controls for ensuring independence (e.g., monitoring which audit staff invest in crypto assets); and the auditor’s policies and procedures that provide an understanding of the risk of performing audits of businesses in the crypto space.

From Global Tax Structuring to Cybersecurity Assessments and Pen-Testing to Preparing Your Business for Crypto Audits, BPM Does It All

As an experienced financial statements auditor of companies across the digital assets sector, BPM knows how important these audits are to your business. Because of our depth and breadth of working with crypto companies, BPM can associate with PCAOB’s recommendations in every respect.

A founding member of the Accounting Blockchain Coalition, BPM’s roots in crypto run deep. Established in 2014, BPM’s Cryptocurrency and Digital Assets practice was one the first practices dedicated to serving the diverse accounting and consulting needs of businesses in this budding space.

Serving businesses across the spectrum of digital assets and related services providers, including but not limited to investment funds, cryptocurrency issuers, miners, custodians and exchange providers, BPM applies a holistic approach to ensuring that your business complies with all relevant legal and regulatory obligations. In this way, BPM can serve as a one-stop shop for all your business’s crypto accounting, compliance, audit, tax, IT, risk management needs, and more.

Contact us today to find out how BPM can help your cryptocurrency or digital assets business stay compliant and achieve success today.