![Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5928/TOC-Subject-Sample-2021-Computer-Science.jpg"})
Abstract
This article explores issues related to auditing Blockchain ledgers (BC) or Distributed Ledgers (DL). These are very new technologies and audits thereof are in the infancy stage. While auditing BC/DL networks in the future is still being studied, we believe this paper will provide food for thought and discussion. That said, we also believe that due to the structure of these new technologies audit approaches are sure to include the use of continuous controls/analytics and continuous monitoring. We discuss BC attributes that have resulted in assumptions that the BC is self-auditing. While in some respects they are, there are significant new risks on blockchains which require new controls and audit programs. New control features in a BC/DL include the concept that all the users have a complete copy of the ledger with all the data and all the transactions and system features that make transactions immutable – plainly speaking, they cannot be changed. We explain the Consensus Mechanism for a BC and how it and public/private keys replace heretofore traditional controls. Assertions such as occurrence, completeness, cutoff, accuracy, etc., are all addressed by BC systems providing significant improvements in control precision. There are, however, new assertions and controls that need to be addressed with BCs and new risks especially with the introduction of smart contracts. We have assumed the reader has a basic level of understanding about a BC. For further background we recommend you consult our bibliography. As noted, we do not believe this paper has all the answers or addresses all the risks associated with BC/DL. We trust new approaches will be leveraging a whole new set of controls and audit practices unique to this exciting rapidly emerging technology.
Notes
1. How Technology Behind Bitcoin Could Transform Accounting As We Know It by Ryan Lazanis, the founder of XEN Accounting, an accounting firm based in Quebec, Canada
2. IBID
3. The Promises and Jeopardies of Blockchain Technology Phil Zongo; ISACA Journal Vol. 4 2018 page 30
4. Caseware Analytics blog: Cangemi Perspectives: Introduction to Blockchain and the Potential for Advancing Analytics https://idea.caseware.com/blockchain-advancing-analytics/
5. 2018 ACFE Fraud Report To The Nations, https://www.acfe.com/report-to-the-nations/2018/page. 42
6. Information on the DAO hack of 2016 can be found here: https://www.coindesk.com/understanding-dao-hack-journalists
7. Exhibits 1, 2 and 3 from Lukka, formerly known as Libra Tech – website: https://lukka.tech
8. “Reengineering the Audit with Blockchain and Smart Contracts” Andrea Rosario and Chanta Thomas; Journal of Emerging Technologies in Accounting.
Additional information
Notes on contributors
Michael P. Cangemi
Michael P. Cangemi is a former CFO and CEO, a prolific writer, active speaker and senior advisor to various companies; he has had a wide-ranging career having served as a CAE, CIO, CFO and then in two CEO positions, as well as, on Boards and as Audit Committee Chair. Mr. Cangemi now has a significant focus on Technology for Business and specifically Continuous Monitoring, Analytics and Blockchain DLs for GRC, Finance and Business Process Improvement. He is a Senior Fellow at and serves on the Rutgers Continuous Auditing and Reporting Lab - Advisory Board, a Senior Advisor to CaseWare Analytics (CA & CM Analytics); he serves on the Lukka Audit Advisory Board (Distributed Ledgers/blockchain); and he is an investor in and former advisor to Solink Corp (Video & Contextual Analytics).
His experiences as a CAE were published in his second successful book, Managing the Audit Function. The book, now in a third edition, was featured in the business section of the Sunday New York Times in August 2002 and translated into Chinese in 2005 and Serbian in 2013.
A CPA retired and CISA retired he was President, Chief Executive Officer and Director of Etienne Aigner Group, Inc., a leading designer of women’s accessories and President and Chief Executive Officer and Director of Financial Executives International, the professional association for senior-level corporate financial executives. He currently serves as President of Cangemi Company LLC, which he founded, and through which he serves as senior advisor to various companies and manages his other business interests. He also serves on FEI’s Committee on Finance & Technology (CFIT) and their GRC Sub Committee; the EDPACS Editorial Advisory Board; and the ISACA 50 Anniversary Committee.
He has served in numerous volunteer positions at IIA and ISACA, including ISACA International President & Board Chair and IIARF Trustee. He went on to serve as Editor-in-Chief of the ISACA Journal for 2 decades, as well as, serving as a COSO Board Member, four years on the Financial Accounting Standards Advisory Council (FASAC) and two years on the International Accounting Standards Board-Standards Advisory Council in London. These and other positions give him an excellent window into the audit/GRC & financial verticals.
Gerard (Rod) Brennan
Gerard (Rod) Brennan PhD, CFE is the Audit Technologies Director for Lukka, a US-based (NY, NY) software company that automates and optimizes financial business processes for professionals who interact with distributed and decentralized technologies (i.e. Blockchain, Smart Contracts, DLT, Cryptocurrencies, etc.) helping develop innovative/automated audit and reporting solutions. Rod is an audit practitioner, frequent speaker and published researcher on the topic of blockchain, continuous auditing/monitoring/analytics, he is the former Audit Director and North America Risk & Internal Control Officer for Siemens Corp. and an Adjunct Professor in Rutgers Univ. MBA program teaching “Advanced Auditing and Info Technology”. He is excited about helping develop the next generation of automated audit/reporting applications to provide assurance on DLT/Blockchains.
Rod successfully defended his Ph.D. thesis on “The Use of Intelligent Software to Enable Continuous Auditing”. The research work included the design and development of an ERP (SAP) continuous auditing software model incorporating some of the latest continuous auditing research concepts. The model was co-developed with Rutgers Universities’ Continuous Auditing Research Laboratory (CarLab) – a leading Continuous Auditing research group. Rod continues to speak and do research in the area of automated audit and reporting for applications on DLT/Blockchains.