Auditing crypto-assets: Third-party service provider considerations (Viewpoint)
Learn about audit considerations when a third party provides crypto-assets services to the entity, including assessing whether a service organization relationship exists and identifying risks and relevant controls at the service organization.
When addressing the assessed risks of material misstatement over crypto-asset transactions and balances recorded in a user entity’s financial statements, several questions may emerge. This paper addresses each of the following:
- understanding the crypto-asset ecosystem
- understanding the nature of the third-party services provided, including assessing whether a third party is a service organization
- approaches to obtaining an understanding and evaluating the relevant controls at a service organization
- identifying risks and relevant controls at a service organization