One regulatory requirement for many hedge funds is the annual audit. During this process, auditors will perform a holistic review of the firm’s accounting representations, internal controls/procedures, and financial statements in order to determine with reasonable assurance that the financial statements are free from material misstatement.
The audit process for a fund that handles cryptoassets is similar to that of a traditional hedge fund. However, there are some complications introduced by holding cryptoassets. While this should provide some insight, there are many nuances that should be considered.
Existence of Assets
An integral part of the audit is to ensure that balances of assets are reported correctly on the financial statements. The transparency of most blockchains makes verifying asset balances relatively easy since all you need to know is the wallet address. However, privacy focused assets like Monero introduce a new issue. Wallet balances and even transaction amounts are shielded in such a way that an observer cannot determine the balances in a wallet or even see if the wallet received a transaction. Given this level of privacy, Monero introduced the concept of having separate “spend” and “view” keys. This allows for a user to share the “view” key with a third party in order for them to observe the balance and transaction history of a wallet without giving the ability to make a transaction from that wallet. Even to auditors that specialize in crypto, these are new concepts, and best practices are still being determined.
Ownership of Assets
For traditional hedge funds, proving the ownership of assets is simple. The auditor would send a confirmation letter to the qualified custodian (e.g., Goldman Sachs) to confirm that they are holding the assets on behalf of the client. However in crypto, there are two notable issues. Cryptoasset custodians are a relatively new concept only coming to market recently, and there are only a handful of entrants which are still onboarding new assets. This leaves funds left to self-custody unsupported assets or not invest in them entirely (for those required to use a third party custodian). Self-custody causes an issue with auditing ownership because there’s no standard on how to prove ownership.
Auditors have proposed a few solutions. One method is to sign or send a small transaction to another address as specified by an auditor. This would serve to convince the auditors that the hedge fund controls the funds in the address. Another potential solution is to transfer balances to an exchange at year end so that the exchange can verify ownership. It’s worth noting that these options are not without operational and/or exchange risk.
Location of Assets
Another audit requirement is to categorize investments by geographic location. As cryptocurrencies themselves don’t have a domiciled location, it becomes a question of where to list these assets as being located. One solution is to list the locations where the assets are stored. For example, if an exchange was holding the asset, then it would be considered to be located in the country that the exchange is domiciled in. These standards are still being determined for the industry as a whole though. Note that storing cryptoassets on exchanges is not considered best security practices.
Industry Solutions for Auditing
On June 19, 2019, PWC announced details on its proprietary Halo suite of auditing tools. In an effort to combat the proof of ownership and existence of assets issues outlined above, the Halo solution can “provide independent, substantive evidence of the private key and public address pairing which is one of the pieces needed to establish ownership of cryptocurrency,” and, “securely interrogate the blockchain to independently and reliably gather corroborating information about blockchain transactions and balances.”
Unfortunately, this has only thus far been implemented on the “Bitcoin, Bitcoin Cash, Bitcoin Gold, Bitcoin Diamond, LiteCoin, Ethereum, ERC20 — OAX token, and Ripple (XRP)” blockchains. Ideally, as more adoption occurs and more demand for products like this arise, we will see more products developed that will make the audit of crypto funds more accessible.
Disclaimer: Jordan Palmer is Director of Operations at Scalar Capital Management, LLC, an investment manager focused on cryptographic and blockchain related assets. Scalar Capital holds or may invest in the assets or asset classes described in this article.