COSO released a new paper, sponsored by Deloitte, providing perspectives for using the COSO Internal Control – Integrated Framework (2013) to evaluate risks related to the use of blockchain in the context of financial reporting and to design and implement controls to address such risks. It is intended to help inform decisions regarding oversight, risks, and internal control over financial reporting (ICFR) in a blockchain environment.
As blockchain becomes more mainstream, it is appropriate to focus on how this technology intersects with an organization’s system of internal control. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is releasing a new paper, “Blockchain and Internal Control: The COSO Perspective,” demonstrating that with careful implementation and integration of blockchain, the distinctive capabilities of the technology can be leveraged to better manage risk and create more robust controls for organizations.
The project, commissioned by COSO and sponsored by Deloitte, provides perspectives for using the COSO Internal Control – Integrated Framework (2013) to evaluate risks related to the use of blockchain in the context of financial reporting and to design and implement controls to address such risks. It is intended to help inform decisions regarding oversight, risks, and internal control over financial reporting (ICFR) in a blockchain environment.
'Blockchain and Internal Control: The COSO Perspective' is authored by Deloitte & Touche LLP partners, Jennifer Burns and Amy Steele, along with fellow authors, Eric Cohen of Cohen Computer Consulting and Dr. Sri Ramamoorti, Associate Professor at the University of Dayton.
“Blockchain-enhanced tools have the potential to promote operational efficiency and effectiveness, improve reliability and responsiveness of financial and other reporting, and improve compliance with laws and regulations. At the same time, blockchain creates new risks and the need for new controls”, said Paul Sobel, COSO Chairman. “When an organization evaluates the use of blockchain through a COSO lens, it enables the board of directors and senior executives to better understand the context and make more informed assessments of the technology’s potential and applicability with respect to internal control.”
The uses of blockchain will continue to develop and evolve, and expanded adoption will likely transform how businesses operate. The COSO paper addresses the many challenges associated with blockchain as well as opportunities to leverage its potential. Even while blockchain technology is evolving, the financial reporting stakeholder community can jointly work to better understand the challenges and risks, ways to remediate, and leading practices to fully realize the potential benefits.
“Many businesses, industries and governments are investing in and exploring how blockchain could positively impact the achievement of their objectives”, said Amy Steele, a partner in the Audit & Assurance Services group of Deloitte & Touche LLP. Steele is also co-chair of the AICPA Digital Assets Working Group. “Stakeholders must realize that adoption is likely to move forward. And, if efforts are not made now, the knowledge, learning and application gap will widen; and more effort will be required later to react to the challenges with the technology and its adoption.”
Jennifer Burns, a partner in the Audit & Assurance Services group of Deloitte & Touche LLP, added, “The potential benefits of blockchain to financial reporting will be maximized only if those who understand and are responsible for financial reporting, internal controls, and auditing are actively involved in the discourse about blockchain and collaborate to advance the collective agenda. To help with that discourse and expand the understanding of blockchain, the paper highlights ‘10 Things to Know about Blockchain.’”
The project to develop the paper began with the partnership of Dr. Sri Ramamoorti, a University of Dayton accounting professor interested in blockchain’s immense potential, and Eric Cohen, an audit and standards specialist with a history of academic engagement related to emerging technologies. “My goal is to stimulate constructive dialogue between stakeholders of the business reporting supply chain on how to cope with, and benefit from, the adoption of blockchain and related technologies, including getting past the fads and fallacies”, noted Cohen. “My understanding of the COSO Frameworks, and previous experience in developing thought-leadership guidance, made reaching out to COSO Chair Paul Sobel and Deloitte & Touche LLP an obvious path forward to develop the paper”, added Dr. Sri Ramamoorti.