Sen. Elizabeth Warren, D-Massachusetts, and Senate Finance Committee chairman Ron Wyden, D-Oregon, are asking the Public Company Accounting Oversight Board to do more to regulate the audits of cryptocurrency companies in the wake of recent high-profile bankruptcies of companies like FTX.
In a
"The ongoing reports of scandalous accounting practices in the crypto industry raise questions about crypto accounting firms' independence and the methods they employed to assess the integrity of crypto firms' financial statements, underscoring the need for the Public Company Accounting Oversight Board to act to ensure accountability," Warren and Wyden wrote. "When PCAOB-registered auditors perform sham audits — even for firms that may lay outside of the PCAOB's jurisdiction — they tarnish the credibility of the PCAOB and undermine confidence in the PCAOB-registered auditors that investors and the public rely on when making investment decisions."
They noted that a number of firms have gotten involved in the crypto market besides Armanino and Prager Metis. "While the Big Four accounting firms — Deloitte, Ernst and Young, KPMG and PricewaterhouseCoopers — have largely avoided providing formal auditing services to private crypto firms, Deloitte and PricewaterhouseCoopers reportedly advised FTX before its collapse. Other auditing firms, such as Mazars Group and Marcum, validated so-called 'proof of-reserves' reports, which are intended to show that a crypto company providing custody services has assets that are equal to or greater than customer deposits."
Other prominent crypto companies have also collapsed in the past year, including BlockFi, Celsius and Voyager Digital.
However, they noted that proof-of-reserves examinations fall far short of genuine audits and don't follow established standards, aren't overseen by the PCAOB, and don't prove that listed assets actually belong to customers. "Yet some crypto companies have touted them as "audits" and evidence that they have the funds necessary to meet all depositor claims," the senators added. "Kraken, a major crypto exchange, claimed that it had been subjected to ''next-generation audit standards' that showed how the exchange was 'exceeding the transparency offered by legacy financial firms.'"
They urged the PCAOB to do more, pointing out that the PCAOB's mission is to regulate the audits of public companies and SEC-registered brokers and dealers in order to protect investors and the public. "When PCAOB-registered auditors perform sham audits — even for firms that may lay outside of the PCAOB's jurisdiction — they tarnish the credibility of the PCAOB and undermine confidence in the PCAOB-registered auditors that investors and the public rely on when making investment decisions," Warren and Wyden wrote.
The PCAOB plans to respond to the requests. "PCAOB received the letter and will respond directly to the lawmakers," said a PCAOB spokesperson. "We look forward to working with them on our shared goal of protecting investors."
They asked a number of questions of Williams, including what risks do retail investors face when crypto firms — whether publicly traded or private — attempt to pass off proof-of-reserve examinations as "audits" and what is the PCAOB doing to mitigate those risks. They also asked whether PCAOB-registered auditors, or the private companies that receive their audit-like services, required to disclose to investors that those services are performed outside of the oversight of the PCAOB. In light of press reports and social media posts, they asked, "Was the PCAOB aware of potential conflicts of interest or other concerning behavior that betrayed a lack of professional skepticism by Armanino or Prager Metis and their client FTX before FTX's collapse?"
Last November, during an auditing conference at Baruch College, Williams was asked about the impact of auditing on cryptocurrency in light of FTX's collapse, and she pointed out that the PCAOB has limited jurisdiction over audits of non-public companies. "FTX was not a public company and therefore the PCAOB could not inspect its audits," she said. "At the same time, you may have seen that FTX touted the use of auditors that were registered with the PCAOB. It is important to understand that PCAOB registered firms only have to follow PCAOB standards and rules when they are auditing a public issuer or broker-dealer under our jurisdiction — not for any of their other clients. And we do not have authority to inspect their audits of other clients like FTX, so we are not able to evaluate their work on such engagements or hold them accountable for insufficient work."