© Leonid Sukala / iStock / Getty Images Plus
Once a new frontier maintained by a small group of early adopters, the increased public acceptance of digital assets – cryptocurrencies such as Bitcoin – and non-fungible tokens (NFTs), has spurred the variety of offerings and encouraged business interest in investments. Many companies are actively considering investing in digital assets. Before doing so, they should carefully assess their corporate governance, digital asset accounting, and whether they have the right internal controls.
Companies should have a clear investment strategy in place to guide all cryptocurrency activity before making any transactions. This strategy should be based on a clear understanding of the purpose of a company’s investment, taking into account:
- what assets and amounts is the company allowed to transact in, based on the company’s risk appetite;
- how the company will transact in digital assets (for example, on the stock exchange or over-the-counter, using market makers);
- how the business will own / keep digital assets (e.g. self-custody or with a third-party custodian);
- how to use information from third party providers; and
- what approvals are needed.
Know how you will account for digital assets
Since there are no generally accepted accounting principles (GAAP) in the United States specific to digital assets, a company that invests in digital assets may end up applying accounting guidelines that were not written in mind. digital assets.
Many popular digital assets, including Bitcoin, Bitcoin Cash, Litecoin, and Ethereum, do not inherently confer any contractual rights to money or other assets on the holder. Unlike investment firms or brokers who qualify for specialist accounting, operating companies that transact for the first time must apply other standards to account for investments in digital assets. Cryptocurrencies such as Bitcoin would generally be counted as indefinite-lived intangible assets under US GAAP.
Often, rather than taking direct responsibility for securing the private keys associated with digital assets, companies can involve a third party, such as an exchange or custodian. Interests with third parties require an additional level of analysis to understand whether a business owns the digital assets (and they are simply kept by the third party on behalf of the business) or whether the business has a contractual claim instead. or other third party right that relates to the value of a digital asset but does not represent current ownership of the digital asset itself. This analysis should involve an assessment of the contractual agreement (s) between the company and the third party, as well as the relevant laws, regulations and legal precedents. The form of the interest can affect the accounting.
Put the right internal controls in place
It is also essential to have the right internal controls in place. Because controls can be difficult to implement once transactions begin, companies considering exposure to digital assets should establish policies and governance regarding:
- transaction authorization (eg bank transfers to fund accounts, purchases, sales, transfers on deposit);
- segregation of duties;
- tracking amounts on the blockchain;
- valuation and impairment testing;
- reconcile approvals, cash flows, and digital asset purchases / sales, as well as custodian balances, blockchain balances, and general ledger balances.
Companies can consider:
- whether existing controls for treasury functions are sufficient for wire transfers for digital asset transactions; and
- which may allow different stages of transactions, as companies may wish to avoid scenarios where people who can unilaterally approve wire transfers also complete transactions and create a wallet for asset storage.
Other considerations include assessing whether IT applications are developed in-house and customized or provided by third parties, how and who should have access to the applications, and how IT system controls integrate and work with level controls. stock exchange or depositary.
Companies also often decide that they are not carrying out a conservation activity and hire third parties as custodians. When evaluating custodians, the company should establish controls that examine and test:
- If the service organization has a SOC I – Type II attestation report;
- Whether the report addresses relevant control objectives, including the creation and management of private keys; and
- End user controls and how they work with service organization controls.
In addition, companies must establish a validation process to ensure that all transactions fall within the types of transactions permitted under their investment policy.
The changing landscape brings risks … and opportunities
Accounting standard setters face calls to create digital asset reporting standards, and the industry continues to evolve rapidly. There is an emerging consensus that increasing the use of fair value accounting for digital assets would provide more useful information to investors, as evidenced by numerous responses to the FASB report. request for comment to his future agenda.
At the same time, the decision to make a significant investment in digital assets may be of greater interest to external stakeholders, including investors and regulators. In this context, companies that are adopting a policy of investing in digital assets for the first time should be prepared to transact thoughtfully. A strong foundation in governance, accounting and internal controls will result in a smoother process and help businesses manage, account for and control the risks and rewards of digital assets.
Robert Sledge is a KPMG audit partner.