A group of people are working on a financial success plan on a table.
A person is typing on a laptop computer with a graph on the screen.
July 23, 2024

Accounting, Auditing and the Coming Wave of Crypto

Cryptocurrency is burrowing deeper and deeper into the U.S. and international banking and finance system, and that means auditors and accountants need to understand crypto and the technology underlying it. Or at least know how to find reputable and knowledgeable experts who do understand it.

 

One of the most important things to understand is that crypto is complex and that once you get past bitcoin and ether, there are several hundred tokens large enough to be called mainstream (and tens of thousands in all) and clients can use them in a wide variety of ways.

 

As an auditor, it’s vital to know who your client is and what they are doing with that token. Is it an investment? A holding? Is it used for payments? Is it a cost? It all depends on what your client is using it for. Beyond that, are they incorporating blockchain technology into their systems, and if so are they using public or private blockchains? The differences can be dramatic.

 

The first challenge of accounting and auditing crypto clients is knowing what you don’t know. It’s important to recognize the risk of overconfidence in deciding whether to accept a client that is using cryptocurrencies or blockchain technology in their operations

 

The FASB Chimes In

 

In December 2023, the Financial Accounting Standards Board (FASB) issued standards on Accounting for and Disclosure of Crypto Assets effective for all entities for fiscal years beginning after December 15, 2024. Crypto assets must be measured “at fair value each reporting period with changes in fair value recognized in net income.”

 

It also requires “disclosure about significant holdings, contractual sale restrictions, and changes during the reporting period.”

 

The key difficulty for auditors and accountants is going to be establishing that fair value, as the price of crypto assets can and generally does shift wildly — even relatively stable bitcoin regularly fluctuates as much as 5% to 10% on a weekly, and sometimes daily, basis.

 

Most of these tokens are not going to be Level 1 on the hierarchy of fair value. A lot of the activity for these types of tokens is probably going to be Level 2 or Level 3. You have to get experts to come in and help you.

 

While the top exchanges and crypto asset price-tracking websites can offer solid numbers, even they tend to differ somewhat. But you’ll need to look at several of the most advantageous markets to get an idea of where the range is.

 

Which leads to a second big difficulty: There are many exchanges with shaky if not shady numbers, due to factors ranging from widespread wash trading to flat out fake volume, to say nothing of other forms of market manipulation.

 

Challenges of Auditing Crypto

 

At the highest level, blockchain technology isn’t that difficult to grasp, but crypto gets staggeringly complex fairly quickly. You can’t do it alone.

 

One challenge is that auditors and accountants with experience and expertise in the field are in high demand. Finding those experts takes work, so obtaining expert training and education for auditing staff is a top priority. It’s important to realize that many of the experts have not gravitated towards the larger public accounting firms. A number of small and mid-sized firms have built niches in the field.

 

Look for accountants and auditors who are already dealing with actual transactions and clients, and even those involved with industry organizations or in the policymaking that’s going on in the U.S. and EU.

 

A second challenge is that the rules are not all that clear. In the U.S., the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) are attempting to regulate crypto under existing law while Congress works on crypto-specific bills. Regulation by litigation remains a common industry complaint. The EU is ahead, with the European Securities and Market Authority’s (ESMA) just now implementing the Markets in Crypto Assets (MiCA) regulations that came into effect on June 30.

 

A third challenge is understanding what the client is doing. What types of crypto they are using and how are they using it? Are they working with public or private blockchains? Are they holding crypto or using it for transactions? What type of internal controls do they have? How are they safeguarding the private keys that control their tokens—which are, after all, bearer instruments?

 

There are other complexities. The pseudo-anonymity of blockchain users can cloud the identity of developers and investors, including perfectly respectable ones. Which doesn’t help in a field in which criminal involvement with crypto remains a substantial problem, as does theft by hackers.

 

In conclusion, it’s worth noting that plenty of companies inside the blockchain and crypto industry itself say they have trouble finding auditors and accountants with the necessary expertise. Becoming one of those experts requires investing time and money in education about a field in which the rules are still being written and the technology keeps growing. But if you are able to accept those clients, it’s a wide open field.


Collemi Consulting leverages almost three decades of experience in providing trusted technical accounting and auditing expertise when you need it the most. Salvatore A. Collemi, CPA, Managing Member & Founder, is regarded as an industry leader and subject matter expert by various organizations and media outlets. To schedule an appointment to see how we might work together, contact us at (732) 792-6101.


The Different Types of Cryptocurrencies:

 

●     Payment tokens like bitcoin (BTC) have an arbitrary and fluctuating value, but are intended to be used for payments. Although the number of merchants accepting crypto directly is small, payments firms like Mastercard, PayPal, Square and Stripe all have the infrastructure to support it.

●     Stablecoins like No. 1 tether (USDT) and No. 2 USD coin (USDC) are, developers say, backed one-to-one by dollars and cash equivalents securities like Treasury Bonds. These tokens are at the core of most crypto transactions: They are used for buying and selling most of the 22,000 or so cryptocurrencies, parking funds intended for crypto investment, and as a payment token. (Complex and dangerous algorithmic stablecoins are unbacked — a whole different beast.)

●     Utility tokens like the No. 2 blockchain Etherium’s ether (ETH) have a use, like paying for a transaction, accessing a service, or voting on the governance of a blockchain. They are generally capable of using self-executing smart contracts.

●     Security tokens account for almost all cryptocurrencies except bitcoin and ether according to the SEC, which deems almost all to be securities. Industry lawsuits disagree.

●     Nationally issued Central Bank Digital Currencies (CBDC) are being at least studied by more than 100 central banks, including all of the major ones, the Bank for International Settlements (BIS) said in June. CBDCs are gaining ground in part as a way to stave off the potential for widespread use of privately issued stablecoins by consumers.

●     Memecoins are jokes turned into value, with Elon Musk-favored Dogecoin’s market cap of nearly $18 billion based on a Shiba Inu dog gag gone viral.

●     NFTs are non-fungible tokens that don’t meet the FASB’s definition of a crypto asset, generally hosting art, video or other unique content. That said, they can also be loaded with securities and with fractional ownership shares — real-world art and real estate have been tried, but without much traction so far.

Testing of Non-Standard Journal Entries to Identify Questionable Transactions

By Jennifer Ruf March 24, 2025
As audit season is in high gear, it’s important for auditors to step back and plan how they are going to audit a client’s books and records. What are the red flags you’re looking for when it comes time to throw open the books and look through a huge swath of journal entries to pluck out the ones that are questionable, and need to be questioned? First off, it’s important to understand how journal entries are created at the company being audited. For an auditor, that means looking at the internal control environment to understand how a journal entry is created: Who’s authorized to create one and who can create one. You have to understand the process. How does it start and how is the entry eventually recorded onto the financial reporting system? Once you know that, you can determine whether someone can come in and override the system, or if someone can pretend to be someone else and start recording journal entries onto the system. That will help you figure out what to look for to decide what entries to pull out and ask management to get back up information to support and validate those entries. Finding the needle The key here is not to just go through the mechanics, but to really go through the exercise so you can determine if management is playing games in the recording of those transactions. You have to be able to get comfortable with that, and that means you need to be able to document what you’re looking for. Because what the auditor is really doing is looking for a “needle in the haystack”, to identify the transactions that don’t look right, that don’t make sense in the ordinary course of business. For example, if the business is not open on weekends, are transactions being posted on a Saturday or Sunday, or even on holidays? If you see rounded numbers or accounts that are seldom used, those can be red flags as well. Sometimes it can be as simple as asking managers and others like accounting, data entry and IT personnel if they’ve observed any unusual accounting entries. Depending on the size of the company and scope of the work, you might need to use computerized audit software program — some of them with AI built in — that can scan the entries to identify anomalies. Red flags When an auditor is looking for evidence of management override of controls, they can look for some of these 12 red flags indicators: ● Top-side entries ● Entries made to unrelated, unusual or seldom-used accounts ● Entries made by individuals who typically don't make entries. ● Entries recorded at the end of the period ● Post-closing entries with no explanations ● Entries made before or during the preparation of financial statements with no account numbers ● Entries that contain rounded numbers or a consistent ending number ● Entries processed outside the normal course of business ● Accounts that contain transactions that are complex or unusual in nature ● Accounts that contain significant estimates and period-end adjustments ● Accounts that have been prone to errors in the past ● Accounts that contain intercompany transactions When testing non-standard journal entries and other adjustments, you should look for documentary evidence indicating that they were properly supported and approved by management. Finally, remember that while most fraudulent entries are made at the end of a reporting period, you shouldn't ignore the rest of the year  Collemi Consulting leverages nearly three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.

It’s Time For Year-End Audits

December 20, 2024
Are you prepared?
A woman's hands holding a microphone

Shake It Off

December 9, 2024
Conquer your fear of public speaking and present like a pro
Man with hand by his ear straining to listen.

Hear, Hear!

December 4, 2024
Boost your business by becoming adept at active listening.
More Posts
Share by: