Blockchain has entered the mainstream, drawing the attention of investors, policymakers and public companies. Despite its recent popularity, it didn’t appear overnight. In fact, blockchain emerged over a decade ago in 2008 to support the genesis of Bitcoin, but its uses have multiplied since then. Now, blockchain can be used to record many different types of transactions or contracts on permanent ledgers hosted, often, on transparent databases. It also now underpins a range of digital assets including cryptocurrency, stablecoins and non-fungible tokens (NFTs).

Harvard Business Review suggests that the “true blockchain-led transformation of business and government…is still many years away.” But that hasn’t stopped public companies from incorporating blockchain and digital assets into their corporate strategy.

Taylor Harris, Professional Practice Fellow at the Center for Audit Quality (CAQ), says that “the use of blockchain-supported digital assets is increasing.” And from a governance perspective he states that “companies and their audit committees must understand how they engage with digital assets and the related financial reporting and oversight responsibilities - including navigating a rapidly-developing regulatory environment.”

But doing so isn’t necessarily simple, especially because a company’s engagement with blockchain and digital assets doesn’t just have an impact on corporate reporting. “Digital assets are technically intricate and developing rapidly,” says Harris, “and they affect far more than just financial reporting requirements.” Harris explains that digital assets “touch your broader company strategy and test your cybersecurity defenses.”

While the actual day-to-day function of digital assets and the blockchain may seem granular and transactional, their nature, complexity, uses and consequences for financial reporting means that business leaders must pay attention.

“I’d say that if your company is engaging with digital assets in any way, there are four really important steps that management and the Board should take in order to evaluate and mitigate risk,” says Harris.

“First, you need to make sure you understand your company’s objective for using digital assets. Second, you need to evaluate regulatory considerations - and how they may change. Third, you need to make sure you have your internal controls and reporting bases covered, including discussions with your audit committee and your external auditor. And finally, you need access to expertise to deliver the considerable security these assets demand.”

Questions to consider when starting your digital assets journey

What’s your primary objective?

This is probably the most important of the four steps as it drives decision-making and risk evaluation down the line. It’s essential that CFOs and management determine the objective for uses of digital assets to understand if the strategy being employed will lead to the right outcome or raise additional questions. For example: are they investing in bitcoin to diversify their portfolio or hedge against inflation? Are they prepared for the financial reporting outcomes that accompany investments in crypto assets (e.g., generally intangible asset accounting under existing guidance)? Have they considered the tax, legal and regulatory requirements and how those may change in this emerging area? Without this prior consideration and deep dive into the details, handling the sheer complexity of digital assets in relation to reporting can quickly get out of hand.

Questions for business leaders to consider

1. What does the regulatory landscape look like?

At the moment, companies are operating under the existing regulatory framework and are accounting for digital assets using existing accounting rules. But that’s changing. “CFOs need to be aware that there could be changes to regulation and standard setting on the horizon that may impact how they engage with digital assets. Keeping an eye out globally is important too,” says Harris. In the US, Congress and regulators like the SEC are paying close attention to digital assets. For example, the 118th Congress alone has introduced fifty bills and resolutions concerning the crypto landscape and the Department of Labor has expressed concern about whether cryptocurrencies are appropriate for pension plans and 401ks. And that’s just a small view of what’s coming down the pike.

“We would expect a primary focus of regulators will be consumer and investor protection,” says Harris.

2. What should the audit committee be doing?

Audit committees and auditors have a common goal: delivering audit quality that builds trust and confidence in the capital markets. Both take a lead role in overseeing the company’s involvement with digital assets.

First, says Harris “the audit committee needs to bring in the CTO, CISO, CFO and other experts to get educated about digital assets and understand how they are being used in and by the company. Second, they should engage with their external auditor to check that the company has the expertise, resources and controls to oversee and report on the company’s use of digital assets. They might also ask their auditor about current market dynamics and how they view the regulatory landscape.

3. What are some of the risks?

It’s important for management and the audit committee to make sure that they are fully engaged on one further front: cybersecurity. Since digital assets are encoded with private keys using cryptography and often stored in digital wallets, they face cybersecurity risks. Losing a private key means losing the related assets. “Blockchains can be targets for bad actors,” says Harris, “and with the number of third parties, exchanges and platforms involved, opportunities arise for those bad actors. It’s essential that management has the proper processes and controls in place to handle cybersecurity risks and perform due diligence in all aspects of its digital assets engagement.” This includes engaging with experts and, to a certain extent, reporting transparently on security to reassure investors and the wider market.

The market for digital assets continues to evolve and rapidly. It’s imperative that CFOs, management and the Board - especially the audit committee - are educated and engaged on the topic so that they can be prepared to meet the latest risks and opportunities that blockchain and digital assets can bring.

The CAQ helps auditors and audit committees perform their roles better. They’ve published a resource ‘Jumpstart Your Digital Assets Journey, A Resource for Audit Committee Members’, that includes more information to boost your understanding of the blockchain and digital assets landscape.