The Center for Audit Quality has released Jumpstart Your Digital Assets Journey: A Tool for Audit Committees (Jumpstart). This publication is intended to aid audit committees by providing an overview of the digital assets landscape and by suggesting questions audit committees can ask to better understand management’s digital asset strategy and to oversee the related risks. The paper has five sections:
Digital assets and blockchain. This section contains a brief, high-level description of the blockchain and defines digital assets as “an umbrella term for a spectrum of assets that leverage blockchain technology, including crypto assets, stablecoins, and nonfungible tokens (NFTs), among others.” It states that crypto assets, or cryptocurrency, are a type of digital asset that function as a medium of exchange and that are not issued by a jurisdictional authority, do not give rise to a contract between the holder and another party, and are not considered a security under the federal securities laws.
Why digital assets? Jumpstart states that digital assets can have a wide variety of uses, “ranging from serving as a medium of exchange (e.g., crypto assets) to representing rights to use a product or service or to obtain an asset (e.g., NFTs, a utility token, or an asset token).” The paper discusses company use of crypto assets as a form of payment, as an investment, and as a means of digitally representing something of value, whether physical or intangible (i.e., tokenization).
Digital assets and risk. The CAQ notes that, given the inherent complexities associated with digital assets and blockchain technology, many types of risks can arise. Jumpstart discusses several of the more common risks: Safeguarding private keys and custody; cybersecurity; application of anti-money laundering and know your customer requirements; accounting treatment of digital assets; valuation of digital assets; and the uncertain digital asset regulatory environment.
Digital assets in the financial reporting ecosystem. This section discusses various accounting, reporting and risk issues that arise in connection with the use of digital assets. These include accounting treatment of crypto assets; accounting, operational, and financial risks associated with making and accepting payments in crypto assets; stablecoins and central bank digital currencies; and accounting implications of the issuance and sale of NFTs. This section also touches on the audit implications of digital assets, particularly those resulting from the involvement of third parties, such as custodians or exchanges.
Digital assets: Regulation and standard setting. Jumpstart notes the evolving legislative and regulatory environment for digital assets. This environment includes the enforcement activities of the SEC, CFTC, and other regulatory bodies which have targeted such things as unregistered securities offerings, failures to register trading platforms, AML violations, misrepresentations related to coin offerings, and other matters involving digital assets. The CAQ also states that the number of critical audit matters (CAMs) described in audit reports related to digital assets is increasing. There were 21 digital asset CAMs in fiscal year 2021 SEC filings, up from 18 the prior year. Fourteen of the 2021 digital asset CAMs related to challenges around auditing revenue from contracts with customers.
Jumpstart includes suggested questions for audit committees to pose to management or the auditor concerning the company’s use of digital assets and its financial reporting. An appendix to the paper presents these suggested audit committee questions arranged by topic area.
Comment: Jumpstart concludes with this observation: “As the digital assets landscape continues to develop, the related risks will evolve, and audit committee oversight will be at the forefront. An understanding of digital assets, an awareness of the risks they present to financial reporting and inquiring with management and the auditor are essential tools for audit committees to discharge their responsibilities.” Audit committees of companies that are involved with digital assets may find this publication a useful primer as they seek to increase their understanding of the risks inherent in this novel and evolving field. The suggested questions for management and for auditors could also serve as a good starting point for dialogue on these risks.