Blockchain and the Auditing Revolution – Real Time Audit within the Capabilities of Blockchainby Sacha Huber June 24, 2016
Auditing is the process of conducting an independent examination of an organization’s accounts, books and/or documents in order to determine whether the organization’s financial statements present a fair view of the business. It is based on a set of pre-determined guidelines, normally the International Accounting Standards, or GAAP (generally accepted accounting principles).
Auditors themselves are normally independent third-party intermediaries who are employed to verify the accuracy of companies’ financial statements. Indeed, the financial statements themselves can be viewed as a summation of what happened in a company’s ledger throughout the accounting period. Ultimately, the auditor then decides that either the financial statements make sense, or they is a discrepancy between what the company’s management has provided and what the true numbers should be.
Auditor and Client relationship
Because the client is responsible for paying the auditor, an inherent bias emerges. This pecuniary relationship between auditor and client could tempt the auditor to provide a false (or rosier) assessment of its client’s accounts, for the chance of repeat business from the client at the end of the next accounting period. Moreover, the client may also present the auditor with false or exaggerated figures to inflate the company’s true value – this is known as ‘cooking the books’.
Whether the auditor can detect this or not is largely immaterial – the fact that potential exists for compromising the accuracy of the financial statements at the expense of the public is of grave concern. This has significant implications for how internal and external parties – including regulators – perceive the quality of the auditing process.
There have been high-profile cases where poor standards of auditing have been uncovered, and which have had significant consequences on the accounting industry. Enron is arguably the most high profile example. Arthur Andersen, the firm responsible for auditing Enron’s books since it started doing business in 1985, played a significant role in the scandal, particularly once it was revealed that the accountancy firm was guilty of obstructing justice by playing an influential part in the shredding of a huge number of incriminating documents just before the investigations commenced.
The scandal was just one in a number of cases involving auditing incompetency where corporate accounts were misrepresented, including the UK’s Polly Peck International, Germany’s Metallgesellschaft, and Cendant Corp and Sunbeam Corp in the US. Indeed, by the time Enron collapsed in early 2002, it was revealed that 700 US companies had to restate accounts in the previous 4 years alone.
The collapse of Enron
The fall of Andersen highlighted the pressure on accountancy firms to boost profits, while the company itself compromised the integrity of the auditor’s role as an independent third-party by making partners effectively become salespeople. This made auditors agenda-driven, as they began empathising more with their clients, and in doing so, destroyed the auditor’s dual function of servicing its clients but also equally looking out for the public interest.
Indeed, the basis for many auditing failures since then has been the questionable business relationship between auditor and client, which has generated much conflict of interest. Instead of a company’s auditors being appointed independently by shareholders, many were chosen by the company’s internal management, or even worse, they were hired to senior management positions, often with the intention of saving costs. Perhaps in the wake of the Enron scandal, the biggest fallout experienced by the global auditing industry was the loss in public trust.
Auditors are trusted upon to issue their opinion as accurately as possible, while the public also trusts that the company has not tried to cook the books. According to Ellen Masterson, former global head of audit methodology at PwC, moreover, the priority for client management was to reduce the cost of the audit, meaning that auditors were “pressured to do the minimum”.
In the aftermath of Enron, the Sarbanes Oxley Act was implemented which required that top executives sign off on audits, fully in the knowledge that they would be held criminally responsible if the books had been cooked. Furthermore, auditors now have to report to an audit committee, which has widened the gap between a company’s management and the auditing firm. Audit-committee members can also be prosecuted by regulators for fraudulently influencing a company’s auditors. While Sarbanes-Oxley has decisively improved the auditing process, there is still no guarantee that executives who sign off on audited accounts know for certain that what they are approving is 100% accurate.
Auditing today, therefore, is still lumbered with such inefficiencies, remains based on ‘reasonable assurance’, and is broadly unchanged from what has been practised for decades, meaning that the process is now ripe for a new, innovative transformation. At present, each account (such as assets, revenues or liabilities) is viewed as a set of combined transactions, which produces a final balance at the end of the period.
During the audit, the auditor will verify a certain number of these accounts with the trading parties and determine the accuracy of the balance using a sample of previous accounting entries. They may also, on occasion, speak to employees to detect whether ethical accounting practices have been followed or not.
Trust – the auditors most expensive good
Therefore, trust of the auditor and the company still remains at the core of the auditing process, and thus is still potentially subject to fraud and manipulation. Further still, there may very well be another auditor verifying the very same transactions at the other end. As such, the entire process remains inefficient, while the quality of the audit still largely depends on judgement calls by the auditor, meaning that it remains subject to accuracy disputes.
Despite Sarbanes-Oxley, moreover, auditors still have the pressure of generating repeat business from clients, so the temptation to stray from objective analysis still exists. Some studies have even shown that firms are reporting downward pressure on audit fees due to clients questioning the value of audit services, especially given that they are now increasingly ‘commoditised’ as a result of being heavily regulated, and thus there is little differentiation among the services being offered by various auditors.
Many believe that blockchain could transform this process, in part because the technology removes the need for auditing to depend on trust. Blockchain provides a globally distributed, decentralized ledger of which everyone has the exact same copy. Whereas auditing at present entails the confirmation of transactions and balances on a company’s accounting ledger at the end of the period, a transaction on the blockchain would provide a permanent and immutable record of the transaction almost immediately. In effect, blockchain allows the recording of the transaction to take place at the same time as the transaction itself.
All that would be required at the time of the transaction would be for the two trading parties to compare accounting entries while maintaining data privacy. To ensure the data can’t be changed, digital signatures would be used, whereby companies would publish their keys to a public authority who would verify their identities. “The existence of digital signatures from both parties implies that the transaction data is agreed upon” explains Roger Willis, former member of Ernst & Young’s (EY) forensic data analytics and audit teams.
Once posted to the blockchain, the transaction is time stamped and exists forever. As described by prominent Bitcoin proponent and investor Trace Mayer, “Everyone agrees on consensus that those transactions actually happened, and boom you have that verification. You have the debit, the credit, and the confirmation by the network”.
CPA at Xen Accounting, Ryan Lazanis believes that “everything that is on the books of the company and therefore everything comprising a company’s financial statements could occur on the blockchain”. If true, then the blockchain’s existence would not require the employment of a third-party auditor for verification purposes; instead, everything is recorded and verified in real-time.
The redundancy (or indeed, the wholesale elimination) of the auditor’s role, therefore, could transform the entire accounting industry. This would have a whole range of benefits. Charles Hoskinson, former CEO of revolutionary blockchain company Ethereum, for example, attests that because blockchain provides transaction histories that go back to their inception, the auditing process would be immune to manipulation, as “every single penny could be accounted for by this incorruptible entity”.
And what are the big-4 doing today
The ‘big four’ accounting firms – Deloitte, PWC, KPMG and EY – are also investigating how blockchain can improve the auditing process. Deloitte, for example, is currently focused on developing automation for some of its audit processing. According to Deloitte Consulting principal Eric Piscini, the solution his company is developing will allow the company to post every transaction onto the blockchain in real-time. To audit the company then, Deloitte would simply look at the blockchain and all its transactions.
There would be no need for external verification of the records “because the blockchain is immutable and time-stamped”. Piscini also believes that blockchain will make the auditing process quicker, cheaper and more transparent for regulators, thereby substantially improving accessibility. EY’s Willis agrees with this sentiment, suggesting that auditing all revenues and expenses for multiple companies could be conducted “in literally a split second because the companies are capturing, signing and agreeing all the data at the time of transaction”.
This would ostensibly be good news for the Securities & Exchange Commission (SEC), who recently expressed the urgent need for a Consolidated Audit Trail (CAT), which would create a system that would enable the regulator to comprehensively track markets across various venues and systems, providing increased transparency and better access to critical data.
Given the immutability and decentralized accessibility of blockchain, however, the access and accountability of the SEC’s audit trail could be wholly improved. As highlighted by McKinsey, “blockchains contain detailed and precise histories of asset movements, which has the additional benefit of being attractive to regulators”, suggesting that consolidated audit trails could very well use blockchains for the purposes of capital market transparency.