6 minute read 30 Jan. 2020
Cryptocurrency mining rig

How to audit the next generation of digital assets

By Jeanne Boillet

EY Global Assurance Innovation Leader

Innovation driver in audit services. Client-centric. Strong advocate for diversity and the advancement of women in business.

6 minute read 30 Jan. 2020

When auditors encounter digital assets, such as cryptocurrency in financial statements, do they audit them as cash, financial instruments or something else?

A new generation of digital assets is emerging that promise greater stability. Stablecoins, for instance, are often backed by traditional fiat currencies, or a blend of currencies and assets, which stabilize the value and increase the number of possible uses.

As digital assets become more prevalent in financial statements, the question for auditors to consider is how should they audit them? As cash? Financial instruments? Or something else entirely?  

To start, it is important to understand management’s responsibilities: how they should classify and account for digital assets within their financial statements. Once that is established, we can see more clearly how the auditor should undertake providing assurance on their fair presentation.

The question for auditors to consider is how to audit these assets as they become more prevalent in financial statements.

Management’s responsibilities

Digital assets have diverse terms and conditions and may be held for different purposes even within the same organization. Let’s use cryptocurrency as a topic given the wide use case. Generally, we are seeing the market treating cryptocurrencies as intangible assets to the extent that they are not inventories. In order to reach that conclusion, let’s consider why cryptocurrencies might not meet the definition of cash or financial instruments. 

  • Cash – the description of cash in International Financial Reporting Standards (IAS 32 Financial Instruments: Presentation) suggests that cash is expected to be used as a medium of exchange and as the monetary unit in pricing goods or services to such an extent that it would be the basis on which all transactions are measured and recognized in financial statements.  However, there are currently no cryptocurrencies that demonstrate the characteristics of cash.
  • Financial assets – IAS 32 defines a financial asset. In summary, a financial asset is any asset that is: (a) cash; (b) an equity instrument of another entity; (c) a contractual right to receive cash or another financial asset from another entity; (d) a contractual right to exchange financial assets or financial liabilities with another entity under particular conditions; or (e) a particular contract that will or may be settled in the entity’s own equity instruments. However, cryptocurrency is not cash, an equity instrument of another entity, nor a contract with a counterparty.  

After considering these facts, it leaves us with intangible assets, which give rise to future economic benefit, lack physical substance, are identifiable, controlled by the entity and are not in scope of other standards. Since cryptocurrencies are not tangible (they have no physical substance), they meet the definition under IAS 38; subject to the cost or, if applicable, revaluation model, which continuously compares the carrying amount of the digital asset against its fair value, on subsequent measurement.

The auditor’s responsibilities

The different accounting approaches may pose a challenge for auditors, so efforts are under way to establish consistency across global auditing practices. Accountancy bodies (such as the American Institute of Certified Public Accountants and the Center for Audit Quality) have launched working groups focused specifically on handling emerging technologies, including digital assets. While there are still obstacles to overcome before procedures and approaches are fully aligned, these are promising steps forward and, over time, we can hope to see gradual convergence. 

The auditor’s first responsibility is to evaluate the actual blockchain protocol that is used. At EY, for instance, the blockchain assurance team works to understand the nature of the digital assets and their underlying protocols, since this is critical to the auditor in assessing evidence from the blockchain. 

To add further complexity, the definition and assessment of risks can vary depending on the specific digital asset in question, or the way in which the client transacts. This means there can be a wide range of influences on the risk spectrum.

For instance, more mature digital assets typically have a higher number of interested parties (e.g., holders, developers, miners). Similarly, digital assets that are pegged to other economic claims (e.g., gold-backed cryptocurrency or the stablecoin propositions mentioned earlier) might present different risks than those without such intrinsic value such as utility tokens and native digital assets such as Bitcoin. Asset-backed tokens may even present additional complexity, since their smart contract functionality would have to be considered as well. The position of any particular digital asset on the risk spectrum depends on a number of factors. Is the blockchain widely used? Is it open source? How many developers use it?

Auditors also must consider whether transactions are manually initiated or executed automatically via a smart contract. If automatic, there are risks of unauthorized or incorrect transactions associated with software flaws, hacking and reliance on potentially inaccurate information provided to the blockchain by third-party data feed services (known as oracles).

These challenges are further complicated by the fact that it is more difficult for the auditor to verify the existence of digital assets than traditional assets.  

Regulators and standard setters

Most governments recognize that introducing regulations to help monitor digital assets will offer greater protection to investors and businesses, but consistent regulation across jurisdictions does not yet exist. Two examples illustrate how polarized approaches can be: Luxembourg has gone to some lengths to encourage the use of digital assets by introducing the first nationally licensed bitcoin exchange; in India, on the other hand, an inter-ministerial committee is proposing to criminalize dealing in private cryptocurrencies.

Similarly, while the International Accounting Standards Board has not put digital assets on its standard-setting agenda at this stage, it is, along with other standard setters, continuing to monitor the development of digital assets and their significance for the International Financial Reporting Standards.

New digital assets and their pace of change mean we must actively engage in developing new methodologies and tools, as we continue to apply the best analytical thinking and enhance effective and systematic examination.

An approach to auditing digital assets

Ultimately, an auditor’s responsibility for gathering evidence relevant to management’s assertions regarding the fair presentation of the financial statements remains the same, but the nature of procedures performed and evidence gathered differ greatly from traditional audits. 

As auditors, we must apply our expertise and work with all stakeholders to develop a comprehensive approach to accepting, designing and executing audits of digital assets. 

We play an essential role in maintaining confidence and trust in the capital markets. New digital assets and their pace of change mean we must actively engage in developing new methodologies and tools, as we continue to apply the best analytical thinking and enhance effective and systematic examination.

Summary

A new generation of digital assets is emerging, promising greater stability. As these digital assets are appearing more frequently in financial statements, the question for auditors to consider is, how are these assets audited?

About this article

By Jeanne Boillet

EY Global Assurance Innovation Leader

Innovation driver in audit services. Client-centric. Strong advocate for diversity and the advancement of women in business.