Cryptocurrency companies that need their financial statements audited have to pay a lot for it, and they have Sam Bankman-Fried to thank.
The collapse of the Bankman-Freed crypto empire and the attention it brought to auditors filing reports has forced small accounting firms to rethink how they work with businesses in emerging industries.
A number of US companies have told the Financial Times that they have upgraded some or all of their cryptocurrency-related clients to "high risk" status, pushing for deeper audits that could take longer and result in higher bills. Some customers may be turned away entirely.
The reauthorization comes just weeks before the end of the U.S. fiscal year, as auditors struggle to enforce half-established accounting rules for digital assets and regulators continue to track down mistakes.
"Your antennae have to be up at this point," said Markum CEO Jeffrey Weiner, whose audit clients include a bitcoin miner and a digital asset investment group. The company has identified the FTX collapse and its implications for the crypto market as the biggest risk to crypto customers in general.
"When clients have high exposures, they greatly expand the scope of the audit, which leads to requiring more resources and more time," says Weiner. More work is needed to assess "systems, controls, asset availability, fund allocation and, of course, if FTX is granted, additional reviews of related party transactions."
The FTX bankruptcy filing describes a chaotic system in which cryptocurrency exchanges were closely tied to Bankman-Fried's private trading business and lost billions of dollars in client funds. Bankruptcy expert John Ray III, who was recently appointed CEO, said he had never seen "such a complete failure of corporate control and such a lack of reliable financial information."
The filing has raised questions about how Prager Mettis - a US company with annual revenue of $139 million - could issue an unqualified audit opinion on the 2021 financial statements of FTX's numerous international operations. Industry standards require auditors to consider a company's internal controls and design audits accordingly, although they are not required to certify that the controls are sound.
Armanino, a California-based company with $458 million in annual revenue, made the same unqualified comment in the financial statements of FTX's U.S. exchange.
Both companies issued statements in support of their work for FTX, which were in the scope of the audit last year.
Given the scale of FTX-related businesses and the volatile digital asset market, "we are busy with our clients and have periods where we adjust our risk assessment," said a partner at another audit firm. . crypto business. "We are closing at the end of the year, so if we want to go ahead and complete the audit, we have to ask if we have all the necessary procedures or new resources."
The colleague added that smaller accounting firms tend to be more selective in their choice of crypto clients. "We're not in the business of hiring people who might fail. When a company fails, there's a lot of work to be done: you get called and fired, people want to go through your paperwork to see if you missed something. It's mixed."
Two weeks before FTX collapsed, Big Four accounting firm EY parted ways with Texas-based bitcoin mining company Core Scientific, warning it would run out of cash by the end of this year. EY said it found inadequate record-keeping and weak internal controls. Core Scientific said it will use Markem as an auditor.
The Big Four—PwC, Deloitte and KPMG, as well as EY—say they can devote more resources to working with crypto clients than smaller auditors. Larger auditors often charge more than smaller firms.
The PCAOB, which oversees the auditing of US public companies, issued a notice in August urging companies to ensure their auditors have the appropriate skills.
"How do auditors understand the financial reporting implications of company activities involving digital assets?" he asked. "What policies and procedures does the audit firm have in place for conducting and controlling audit engagements related to digital assets?"
The first question is not easy to answer, according to the auditors, because innovations in digital assets come out faster than what can be set in accounting standards. The AICPA, the professional body that sets standards for auditing private companies, has only written several chapters on auditing practice, and the rest is still a work in progress.
"Our guidance is always based on current events and real-world conditions, as well as additional risks that may arise," said Susan Coffey, chief accountant of the AICPA.
Armanino, FTX's US auditor, "spent significant time and intellectual capital as an active participant in various accounting industry groups" to help develop the standards.
Other accounting firms are happy not to do cryptography.
"I wish every accounting firm would do the same thing. We're reevaluating our clients' portfolios after the FTX crash," said Charlie Weinstein, CEO of IsnerAmpere. For those with digital assets or access to cryptocurrencies, this is only a small part of the business, he said.
"We don't do [audits] with cryptocurrencies," he said. "Of many worries."