Baker Tilly Isle of Man
Close
btiom-insight-banner-19
Insights

Blockchain and cryptocurrency auditing: What Isle of Man businesses should consider

Oct 1, 2024
Insight
Corporate services
Fintech digital services

Blockchain technology and cryptocurrencies have gained significant traction in recent years, leading to a surge in businesses adopting digital currencies for various purposes. As businesses in the Isle of Man increasingly engage with these assets, the need for effective auditing of blockchain and cryptocurrency transactions has become paramount. Auditing these assets, however, poses unique challenges due to their decentralised nature, rapid evolution, and a complex regulatory landscape.

Understanding the basics: Blockchain and cryptocurrencies

Blockchain is a decentralised ledger technology that records transactions in a secure and transparent manner. Each transaction is grouped into a block, linked to the previous block, and added to the chain, ensuring the integrity of the data. Cryptocurrencies, such as Bitcoin and Ethereum, operate on blockchain technology and are digital assets used for financial transactions, among other applications.

For businesses, the interaction with cryptocurrencies can vary widely. Some may hold and trade cryptocurrencies, while others may offer services like cryptocurrency exchanges or custodian services. Each type of interaction brings distinct auditing challenges and requires tailored approaches.

btiom-insight-content-image-1

Ethical and professional considerations

Auditors face significant ethical challenges when auditing cryptocurrencies, particularly given the relative novelty of the field. Given the complexity of blockchain technology, auditors need to ensure they possess sufficient knowledge and expertise in cryptocurrency accounting and blockchain operations before undertaking an audit.

In addition, businesses must be mindful of potential conflicts of interest. For instance, if an audit firm provides both financial statement audits and non-audit services such as cryptocurrency valuation, this could create a self-review threat.

Key audit risks in cryptocurrency

Cryptocurrency auditing is rife with risks that require careful consideration by businesses and auditors alike. These risks include:

  1. Valuation risks: Cryptocurrencies are notoriously volatile, and their valuation can fluctuate dramatically. Auditors must assess whether the entity’s method for valuing cryptocurrencies is appropriate and consistent with accounting standards. Furthermore, businesses should ensure they are using reliable data sources for pricing cryptocurrencies, especially when traded on multiple exchanges that may show inconsistent prices.
  2. Ownership and control: Demonstrating ownership and control over cryptocurrency holdings is particularly challenging. Blockchain’s pseudo-anonymity can obscure the identities of counterparties, making it difficult to verify ownership of wallets and the corresponding assets. Auditors must gather sufficient evidence, such as verifying private keys and public addresses, to ensure the entity has legitimate ownership.
  3. Accuracy of data: Blockchain’s decentralised nature means that data used in financial reporting can be sourced from multiple nodes and block explorers. This raises the risk of inaccurate or incomplete data being used for accounting purposes. Businesses must ensure they have robust IT systems and internal controls in place to validate the accuracy of blockchain data.
  4. Safeguarding assets: Cryptocurrencies are highly susceptible to theft due to the reliance on private keys for accessing funds. Businesses need to implement strict security measures, such as multi-signature wallets and encryption, to safeguard their assets. Auditors should review the security protocols surrounding private key management to assess the effectiveness of controls.

Risk assessment for cryptocurrency audits

To mitigate the risks associated with cryptocurrency audits, businesses must conduct thorough risk assessments. This involves understanding the entity’s interaction with cryptocurrencies, including the type of digital assets held, the custody arrangements, and the controls in place for transacting on the blockchain. Auditors must inquire about the entity’s risk management policies, procedures, and due diligence processes to assess how well these align with applicable regulations.

Key questions to ask during risk assessments include:

  • What is the entity’s motivation for holding and transacting in cryptocurrencies?
  • What controls are in place for safeguarding digital assets?
  • How does the entity record cryptocurrency transactions in its financial statements?
  • Are the entity’s custodians subject to regular audits and compliance checks?

Auditing cryptocurrency transactions

Cryptocurrency transactions, by their very nature, can occur at any time, often outside normal business hours. As a result, auditors need to pay close attention to cut-off dates and ensure that transactions are recorded accurately in the correct reporting periods. One challenge auditors face is verifying the completeness and accuracy of blockchain transactions. This can be done by reviewing the entity’s methodology for extracting blockchain data and ensuring that it aligns with International Standards.

Another key area of focus is related-party transactions, which are often harder to detect due to the anonymous or pseudo-anonymous nature of cryptocurrency transactions.

Valuation methodologies and fair value accounting

Cryptocurrencies can be accounted for in various ways, depending on the applicable financial reporting framework. Cryptocurrencies may be classified as intangible assets, inventory, or financial instruments, each with its own measurement basis.

For cryptocurrencies that are traded on multiple exchanges, businesses must ensure they are applying a consistent approach to valuation, while auditors may need to perform independent verification of market prices to address potential discrepancies.

btiom-insight-content-image-2

Third-party custody and service providers

Many Isle of Man businesses may choose to hold their cryptocurrencies with third-party custodians. In such cases, the business remains responsible for ensuring the custodian has appropriate controls in place.

Furthermore, businesses should monitor the compliance of their third-party custodians with relevant regulatory requirements, particularly concerning AML and KYC standards. Custodians operating outside of traditional financial services frameworks may pose additional risks due to immature compliance systems or lack of regulatory oversight.

The future of blockchain and cryptocurrency auditing

As blockchain and cryptocurrency technology continues to evolve, so too must the approaches to auditing these assets. For Isle of Man businesses, staying ahead of the curve means not only implementing robust internal controls but also engaging with audit firms that possess the necessary expertise to navigate this complex landscape. With increasing regulatory scrutiny and the ever-present risk of cyberattacks, businesses need to ensure they are adopting best practices in cryptocurrency accounting and auditing to protect their assets and remain compliant with international standards.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

If you have any questions about our digital services
Photo of Rob Kirkham FCA
Rob Kirkham FCA
Principal (LLC) & Director
View profile
Photo of Oscar Brown FCCA
Oscar Brown FCCA
Principal (LLC) & Director
View profile

Related content

Insight Business advisory
How ESG reporting is evolving and its impact on accountants
Mar 23, 2025
Insight Business advisory Tax services
10 reasons to outsource your accounting: A strategic move for success
Aug 30, 2024
Insight Corporate services Marine services
Navigating the world of corporate yacht ownership: What it is and when to use it
Aug 5, 2024
Insight Corporate services Sub-Saharan services
The Isle of Man advantage: Tax efficiency and asset protection for South Africans
Jul 1, 2024
Insight Trusts and foundations Corporate services
How can a trust or foundation help preserve wealth across future generations?
May 30, 2024
Insight Business advisory
Guide to evaluating your business’s financial performance
Apr 23, 2024
Insight Business advisory Tax services
Navigating the 5 stages of tax panic: A guide to finding your way
Mar 27, 2024
Insight Audit and assurance Business advisory
Empowering clients: A comprehensive guide to audit preparation
Feb 28, 2024
Insight Trusts and foundations Corporate services
Using an Isle of Man Foundation for Succession Planning: A Sharia-Compliant Approach
Oct 9, 2023
Stay informed
We’re committed to keeping our clients updated with all the latest news and insights.
Subscribe