The Public Company Accounting Oversight Board is seeing risks from the use of cryptocurrency assets and wants auditors to keep an eye out for them.
The PCAOB issued a staff report Wednesday warning that the use of crypto assets poses unique audit risks to public companies and broker-dealers and requires an appropriate risk assessment and audit response by audit firms.
PCAOB inspectors have been scrutinizing audits since 2017 of public companies where transactions or holdings associated with crypto assets were material to the financial statements. In its 2023 inspections, the PCAOB is continuing to look more closely at the risks related to material digital assets.
“Activities associated with crypto assets may involve heightened risks to investors, public companies and broker-dealers, including (but not limited to) high levels of volatility, lack of transparency of parties engaging in transactions and the purpose of such transactions, market manipulation, fraud, theft, scams and significant legal uncertainties,” said the report.
PCAOB inspections have spotted some common audit deficiencies related to crypto assets in the auditor’s procedures for the following areas: fraud and significant unusual transactions; ownership of crypto assets; relevance and reliability of information used as audit evidence; revenue recognition in crypto asset transfer; and arrangements with mining pool operators
Along with inspection observations, the staff report describes good practices that some audit firms have implemented and that may enhance audit quality. They good include:
Consultations: Engagement teams at some firms are encouraged to consult with the members of the firm’s professional practice group and/or subject-matter specialists related to crypto assets.
Subject-matter specialists: Certain firms have established centralized groups related to distributed ledger technology (e.g., cryptography, blockchain technology).
Technology-based tools: To support public company audits involving crypto assets, some firms have developed proprietary, technology-based tools.
The report includes some reminders for auditors about their responsibilities when it comes to client acceptance and retention evaluation, IT infrastructure, consideration of fraud, and critical audit matters.
Last week, the Securities and Exchange Commission announced charges against two prominent crypto exchanges, Coinbase and Binance.