COSO offers guidance on blockchain and internal control

The Committee of Sponsoring Organizations of the Treadway Commission has released a new paper offering its views on how blockchain technology can be used with an organization’s internal controls over financial reporting.

The committee, known as COSO, includes organizations such as the American Institute of CPAs, the American Accounting Association, Financial Executives International, the Institute of Management Accountants and the Institute of Internal Auditors.

COSO’s paper, "Blockchain and Internal Control: The COSO Perspective," explains how COSO’s internal control framework can be used to design and implement controls to address the risks associated with blockchain technology, which relies on distributed ledgers to track information about assets such as digital currencies.

The paper shows how with careful implementation and integration of blockchain, the unique features of the technology can be leveraged to better manage risk and create more robust controls for organizations.

The project, commissioned by COSO and sponsored by Deloitte, offers guidance on using the COSO Internal Control – Integrated Framework (2013) to evaluate the risks related to the use of blockchain in the context of financial reporting and to design and implement controls to address such risks. The paper aims to help make decisions about the oversight, risks, and internal control over financial reporting in a blockchain environment.

The paper was co-authored by Deloitte & Touche partners Jennifer Burns and Amy Steele, along with Eric Cohen of Cohen Computer Consulting and Sri Ramamoorti, an associate professor at the University of Dayton.

“Blockchain-enhanced tools have the potential to promote operational efficiency and effectiveness, improve reliability and responsiveness of financial and other reporting, and improve compliance with laws and regulations. At the same time, blockchain creates new risks and the need for new controls,” said COSO chairman Paul Sobel (pictured) in a statement Tuesday. “When an organization evaluates the use of blockchain through a COSO lens, it enables the board of directors and senior executives to better understand the context and make more informed assessments of the technology’s potential and applicability with respect to internal control.”

COSO chairman Paul Sobel at the Institute of Internal Auditors' General Audit Management conference

The COSO paper discusses some of the challenges associated with blockchain along with the opportunities. Even as blockchain technology keeps evolving, the financial reporting community can work together to better understand the challenges and risks, ways to remediate, and leading practices to fully realize the potential benefits, according to the paper.

“Many businesses, industries and governments are investing in and exploring how blockchain could positively impact the achievement of their objectives,” said Amy Steele, a partner in the Audit & Assurance Services group of Deloitte & Touche LLP and co-chair of the AICPA Digital Assets Working Group, in a statement. “Stakeholders must realize that adoption is likely to move forward. And, if efforts are not made now, the knowledge, learning and application gap will widen; and more effort will be required later to react to the challenges with the technology and its adoption.”

The paper is available at www.COSO.org.

For reprint and licensing requests for this article, click here.
Blockchain Audit software Distributed ledger technology
MORE FROM ACCOUNTING TODAY