We have identified deficiencies where an auditor did not perform procedures to assess the appropriateness of revenue recognition related to the transfer of crypto assets.

[PCAOB Spotlight "Inspection Observations Related to Public Company Audits Involving Crypto Assets" (June 2023)]

Often revenue at mining companies is recorded based on the crypto asset receipts to the mining account. However, if the company participates in DeFi activities, receives grants or funding in crypto assets, exchange or lend crypto assets, the receipts recorded on blockchain may include those not related to revenue. Without proper confirmation of the nature of receipts, companies may overstate their revenue by significant dollar amounts due to incomplete or inaccurate information about the nature of transactional activity. Several companies I worked with in the past had material overstatements of revenue due to this very reason. This is why:

1. Transaction level details of all receipts included in revenue is required for the proper auditing of mining revenue. Some blockchain companies calculate revenue as the difference between ending and beginning balances of digital assets on the blockchain account they control adjusted for known period activities. This level of details is not sufficient to provide reliable evidence over the total amount of mining revenue recognized and the nature of underlying activity. Only transactional level data with sufficient details of the date, time, source and purpose of each operation can ensure that the auditors are capable to perform procedures sufficient to express an unmodified audit opinion that is supported by the appropriate evidence.

2. Internal controls over crypto mining operations that rely on non-transactional data in most of the cases will not be assessed as effectively designed controls.

As a good example, the completeness and accuracy of miner rewards recorded by a miner without involvement of a third-party pool, can be verified based on the list of Bitcoin transactions including the following data fields (see the purpose and procedures needed to ensure the completeness and accuracy of mining revenue denominated in native units of crypto assets):

• block_id [used to identify the completeness of population in the report by checking if all blocks are sequentially numbered]

• hash [to identify each transaction]

• time [to identify the appropriate cut-off blocks for the reporting periods]

• version [if more than one version of block exists, the latest version should be used and previous disregarded]

• output total [this field will show the miner reward in Satoshi]

• sender [on bitcoin networks miner rewards are distributed from Coinbase (the largest crypto exchange in US has the same name, but it is not directly related to Coinbase on bitcoin network)]

• recipient [should include address of the account controlled by the miner]

This detail allows auditors and employees responsible for internal control to obtain sufficient and appropriate audit evidence of miner rewards as long as:

(a) the report is received from a reliable source.

(b) the report includes all of the fields listed above.

(c) the report includes the complete population of transactions (which is checked by verifying the sequential numbering of blocks in the report).

(d) miner rewards are appropriately identified.

(e) the revenue is recognized based on only rewards recorded to accounts controlled by the miner (which, for example, can be confirmed via ownership by private keys or an agreement with a custodian).

(f) the pricing used to translate rewards from BTC to the functional currency of the entity is based on reliable data source and relates to the appropriately determined principal market of the reporting company.

Another question that often arises when we are discussing these questions. See our take on this at "Enforceability of Blockchain Transactions".