The audit profession is eyeing blockchain.
With capital markets and investors constantly demanding more information about businesses, it’s no surprise that the audit profession is looking at blockchain with interest. It could fundamentally change the nature of auditing by revolutionizing supply chains, payments and revenue streams through the way it documents and reconciles complex and disparate information from multiple sources.
This means that every transaction could be shared among trusted parties and verified, providing greater transparency, confidence and trust, while also increasing efficiency, as the blockchain is regarded as a “central point of truth.” And, through its almost continuous real-time reporting to management, it could provide access to quality data that current systems are unable to deliver.
Of course, these shifts are not going to happen overnight. Implementing blockchain will require significant investment in systems and processes to meet its aim of creating a more secure, transparent and efficient system, therefore removing the need for the time-consuming financial checks of today.
Here are some of the key foundations that would need to be in place before the technology can meet business needs, as well as some ways to respond to the questions that arise with blockchain adoption:
1. System confidence: Blockchain is a decentralized ledger managed by a network of users. Each user is identified by a unique digital signature and all transactions must be approved by a set of consensus rules before the block can be added to the chain; this is one reason why it is seen as so secure and reliable. However, one area of weakness is the digital signatures themselves, due to the possibility that these could become compromised, lost or stolen. To overcome this issue, auditors would need the means to check digital signatures and counterparties to verify their existence, giving them confidence regarding the completeness, existence and accuracy of the entire network.
2. Audit strategies: There would also be a need to design appropriate audit strategies for complex systems, with auditors making decisions about what level of audit is required, how data should be captured and the type of audit analytics needed. With new demand for assurance, blockchain could also change the nature of auditing, reducing the auditor’s role in checking and validating account transactions and instead moving them further up the value chain. Because of the ease of transfer of information, and the automated tracking of every transaction, blockchain can simplify and partially automate elements of accounting and compliance, making it easier to do business with new global customers and enabling elements of the audit process to be completed with even greater accuracy. Auditors will therefore be able to focus attention on non-automated elements of the audit.
3. Financial accounting, reporting and legal standards: As with many new technologies, regulators are still considering their approach to blockchain. Recently, the Japanese Government announced that any bitcoin or other type of alternative money exchange or transfer that wants to operate in the country must be under the supervision of the Japanese Financial Services Agency and be submitted to annual audits. Yet, most current regulatory and legal frameworks don’t take into account the use of blockchain. This would be vital to address before it could be implemented in auditing. The industry would have to work closely with regulators to either develop solutions that conform to the current frameworks or alter them to align with the new ways of working.
4. Cyber and software auditing: No technology is completely secure and blockchain platforms will have their weaknesses, just like any other. Auditors will need to be sure that transactions are protected, with the necessary security and encryptions in place and kept up-to-date. This could be done through cyber and software auditing, while real-time systems would highlight and investigate anomalies and unusual transaction patterns as they emerge. Similarly, the integrity of IT systems, applications and controls would need to be verified through governance and risk assessment, while third-party providers would also have to be thoroughly vetted and audited to help ensure they are trusted and compliant.
Blockchain has quickly gained traction with its potential to revolutionize how business is conducted across a range of industries. Its central premise of putting data integrity at its heart is currently transforming our thinking on how we adapt the technology into current and possible new processes. The foundations need to be set for blockchain. By taking the necessary steps to lay the right foundation for audit, blockchain could bring about a more efficient and secure way of doing business than ever before.