Audit Financiar,Auditing

Navigating XXIII, Nr. 1(177)/2025,

Risks in the197-209
Crypto Asset Landscape
ISSN on-line: 1844-8801

Navigating Abstract
Auditing Risks The rise of crypto assets presents unique challenges and
risks for auditors, requiring a revaluation of traditional
auditing practices. This paper explores the inherent,

in the Crypto control, valuation, and related risks associated with crypto
assets, emphasising the complexities of valuation,
compliance, and fraud detection. Starting from a

Asset
bibliometric visualisation in VOSviewer, it points out
thematic trends and key concepts in crypto auditing. The
database was downloaded from the Web of Science Core
Collection (2000-2024 Q3). The findings offer valuable

Landscape insights for auditors, policymakers, investors, researchers,

and practitioners who rely on accurate audits to make
informed decisions and build trust and transparency in the
crypto ecosystem.
Key words: cryptocurrency; crypto assets; risk; audit risk;
inherent risk; control risk;
Georgiana – Iulia LAZEA (TRIFA), JEL Classification: M42, G32, K34, O33
Ph. D. Student,
West University of Timişoara, Romania,
e-mail: [email protected]
Univ. Prof. Habil. Ovidiu – Constantin
BUNGET, Ph. D.,
West University of Timişoara, Romania,
e-mail: [email protected]
To cite this article:
Anca-Diana BĂLAN, Ph. D., Lazea (Trifa), G.-I., Bunget, O.-C., Bălan, A.-D., Solovăstru, M.
West University of Timişoara, Romania, Ş. (2025), Navigating Auditing Risks in the Crypto Asset
Landscape, Audit Financiar, vol. XXIII, no. 1(177)/2025,
e-mail: [email protected] pp. 197-209, DOI: 10.20869/AUDITF/2025/177/006
Mircea Ştefan SOLOVĂSTRU, Ph. D., To link this article:
Bucharest Stock Exchange, http://dx.doi.org/10.20869/AUDITF/2025/177/006
e-mail: [email protected] Received: 20.11.2024
Revised: 21.11.2024
Accepted: 23.01.2025

No. 1(177)/2025 197

 Silviu-Ionuț BĂBŢAN

Introduction cryptocurrency auditing while offering practical insights for

auditors, regulators, and businesses.
In the rapidly evolving world of digital finance, the
emergence of crypto assets has brought significant
opportunities and challenges for auditors. 1. Literature review
The theme of crypto assets auditing risks is important as Cryptocurrencies represent a unique subset of crypto
they become more integrated into mainstream finance, assets, which operate on decentralised networks known
and auditors face new challenges in assessing their as blockchains (Alsalmi, Ullah, & Rafique, 2023; Makurin
valuation, compliance, and fraud detection. Traditional et al., 2023). In these networks, transaction data is
auditing methods may not be sufficient for these recorded publicly but without revealing the identities of
decentralised and volatile assets, making it crucial to transacting parties. Unlike traditional assets, the absence
develop specialised approaches. of centralised oversight and the high volatility in
The purpose of this article is to review the existing scientific cryptocurrency prices create unique challenges for
auditors, complicating the identification of misstatements,
literature concerning the key risks auditors face when dealing
fraud, or non-compliance.
with crypto asset transactions. These risks include inherent
risk, control risk, valuation risk and compliance challenges. A Crypto assets' decentralised, often opaque nature
clear understanding of these issues is essential for introduces risks that traditional auditing methods may
maintaining financial integrity, ensuring accurate reporting, struggle to manage. As the digital asset ecosystem
and preventing illegal activities such as money laundering becomes more integrated with the conventional financial
and terrorist financing. system, it introduces new risks that echo traditional
finance's market failures and vulnerabilities.
This research's contribution goes beyond auditors—it is
highly relevant for regulators, businesses, and investors A further complication is the risk of using crypto assets for
who rely on accurate audits to make informed decisions in money laundering and terrorist financing. With fast,
the increasingly digital economy. By addressing the risks globally accessible transactions and the option for
involved, auditors can help build trust and transparency in anonymity, these assets are vulnerable to misuse. As
the crypto ecosystem. such, the adequate supervision and regulation of crypto
asset service providers are essential to mitigate these
The study has three main objectives: first, to identify and
risks.
analyse the audit risks associated with crypto asset
transactions, including valuation challenges and fraud risk; To effectively audit crypto assets, auditors must
second, to evaluate how blockchain technology affects the understand the unique characteristics and risks
audit process by increasing transparency and security; associated with these digital assets. This requires a deep
and third, to explore how technological advancements understanding of the underlying blockchain technology,
based on blockchain can be used to mitigate crypto audit the various types of cryptoassets, and the regulatory
risks. landscape governing their use. Incorporating blockchain
technology into the auditing processes (Lombardi et al.,
In order to meet the research goals, the authors outlined 2022) has the potential to transform audits by enhancing
several research questions: transparency and clarity (Bonyuet, 2020; Dai & Vasarhelyi,
RQ1: What are the most significant audit risks associated 2017; Abdennadher et al., 2022; Dyball & Seethamraju,
with cryptocurrency transactions? 2022).
RQ2: How does using blockchain technology impact the Blockchain’s ability to record transactions in real-time,
audit process, particularly verifying transactions and provide tamper-proof data, and timestamp every
detecting fraud? transaction (Buhussain & Hamdan, 2023) while keeping
RQ3: How can technological advancements, such as user information private (Pan, Vaughan, & Wright, 2023)
blockchain auditing tools, help minimise the risks has the potential to reshape how audits are conducted.
associated with crypto asset audits? Blockchain technology can enhance transparency and
reliability, but auditors' expertise and discernment remain
Answering these questions will provide a more irreplaceable in navigating the unique complexities of
comprehensive understanding of the risks involved in crypto assets (Coyne & McMickle, 2017).

198 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

risk”) to retrieve articles aligned with the research topic.

2. Research method
To maintain consistency and accessibility, the study
To identify pertinent literature on cryptocurrency auditing included only English-language articles from various peer-
risk (CAR), the authors devised a search strategy reviewed sources, such as journal articles, reviews, and
incorporating specific keywords and utilising the Web of early-access publications. Data was gathered from
Science (WoS) database. This platform is an the Web of Science on October 15, 2024, covering a
indispensable tool for researchers, providing period of rapid development in cryptocurrency and
comprehensive access to scholarly literature and ensuring blockchain technology. Articles published between 2000
high-quality peer-reviewed publications. and 2024 Q3 were considered, allowing the authors to
A customised search strategy was implemented, utilising track trends and developments.
the search string ("crypto*" OR "cryptocurrenc*" OR After applying specific criteria, the search returned 1291
"virtual currenc*" OR “digital currenc*” OR "initial coin research papers on CAR within the business economics
offering" OR "bitcoin") AND ("audit*” OR "risk” OR “audit* field. Figure no. 1 outlines the search process and the
risk” OR “internal control” OR “inherent risk” OR “control specific inclusion and exclusion criteria applied.

Figure no. 1. Flowchart of systematic selection of studies on CAR

Search

Records identified by searching the electronic database

- by topic (Web of Science Core Collection) 15892

Key term
Identification

("crypto*" OR "cryptocurrenc*" OR "virtual currenc*" OR “digital currenc*” OR "initial coin offering" OR

"bitcoin") AND ("audit*” OR "risk” OR “audit* risk” OR “internal control” OR “inherent risk” OR “control
risk”)
15892

Research area Selected time Type of document Language

Business Economics period Articles in English
Eligibility

1385 2000-2024 Q3 Article, review article, 1291

1305 early access
1305
Inclusion

Papers resulted
1291

Source: data processed by authors, 2024

No. 1(177)/2025 199

 Georgiana-Iulia LAZEA (TRIFA), Ovidiu-Constantin BUNGET,
Anca-Diana BĂLAN, Mircea Ștefan SOLOVĂSTRU

The study's main objective is to identify and For instance, “cryptocurrency” and “blockchain”
analyse existing research on CAR in business introduce inherent risks due to their volatility,
economics, management, accounting, and decentralisation, and lack of traditional oversight.
legislation. Keywords like “systemic risk”, “portfolio
optimisation”, and “financial risk” reflect concerns
To ensure consistency, we standardised the regarding market volatility and its implications for
keywords in the database. This included merging financial statements.
variations of terms like “crypto/s”,
“cryptocurrency/ies”, “cryptoasset/s”, and Additionally, the relationship between the
„currency/ies”. We also unified phrases such as “blockchain” node and terms like “auditing” and
“central bank digital currency/ies/CBDC”, “DLT” (distributed ledger technology) suggests that
“decentralised finance/DEFI”, „anti-money auditors are using blockchain technology to
laundering/AML”, „distributed ledger improve transparency and control.
technology/DLT”, and “blockchain The proximity of terms such as “valuation”, “price”,
technology/blockchain”. After this and “volatility” near the “cryptocurrency” node
standardisation, we analysed the research topics suggests that accurately valuing these assets is a
using keyword significant concern. Furthermore, terms like
co-occurrence and thematic analysis. “hedging”, “gold”, and “value-at-risk” also point to
the challenge of valuing crypto assets similarly to
3. Bibliometric review of the traditional assets like gold, but with more significant
uncertainty.
topics researched Fraud risk refers to the potential for intentional
3.1 Keyword Co-occurrence Analysis misstatements, misrepresentations, or
Figure no. 2 visualises interconnected keywords omissions in financial reporting, and the realm
related to cryptocurrency and auditing risks. Each of cryptocurrency, this risk takes on new
node represents a keyword, while the connecting dimensions. The mapping of related keywords
lines indicate how frequently these terms appear clearly illustrates the connections between
together in the analysed documents. The size of “cryptocurrency”, “money laundering”, “trust”,
each node reflects the frequency of the keyword’s and “proof-of-work”. This highlights how crypto
occurrence, and the thickness of the lines signifies transactions' decentralised and often opaque
the strength of the association between them. By nature can foster environments where
setting a threshold of five occurrences for each fraudulent activities can thrive.
keyword, we narrowed our focus to 157 relevant Additionally, the map includes references to
terms out of 1291. VOSviewer (van Eck & Waltman, “CBDCs” (central bank digital currencies) and
2023) then analysed the strength of the connections “financial regulation”, pointing to the importance
between these co-occurring keywords. of regulatory bodies' efforts to create
The visualisation reveals the interconnections between frameworks to monitor and control crypto
several thematic clusters, highlighting the complex nature transactions. Regulatory and compliance risks
of crypto assets auditing risks. The connections between refer to the uncertainty about how regulation
thematic areas emphasise the interdisciplinary nature of changes or the enforcement of existing rules
cryptocurrency auditing risks, incorporating aspects of could impact a business operating in the
economics, finance, law, and technology. cryptocurrency space.

200 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

Figure no. 2. Co-occurrence of author keywords for CAR studies

Source: authors’ projection, 2024

Therefore, starting from the keywords cluster, the authors can regulatory risk, and compliance risk. These risks will be
identify the three main auditing risks regarding crypto assets further detailed and explored in the thematic review section,
(Figure no. 3): inherent risks, control risks, valuation risks, providing a comprehensive overview of the challenges which
and associated risks (Figure no. 4), such as fraud risk, auditors face in this rapidly evolving field.

Figure no. 3. Crypto assets auditing risks scheme

CRYPTO ASSETS AUDITING RISKS

INHERENT RISK CONTROL RISK VALUATION RISK

Decentralized Limited internal

High volatility and
nature, volatility control
unclear valuation
and lack of mechanisms due to
standards
oversight blockchain systems
Source: authors’ projection, 2024

No. 1(177)/2025 201

 Georgiana-Iulia LAZEA (TRIFA), Ovidiu-Constantin BUNGET,
Anca-Diana BĂLAN, Mircea Ștefan SOLOVĂSTRU

Figure no. 4. Crypto assets related risks scheme

CRYPTO ASSETS RELATED RISKS

FRAUD RISK REGULATORY RISK COMPLIANCE RISK

Identity issues, Lack of clear or Difficulty in staying

anonymity, money consistent global rules updated with new
laundering regulations globally

Source: authors’ projection, 2024

3.2 Thematic Review of Key Auditing Risks and accurately evaluated before client acceptance and audit
Challenges planning (Ozeran & Gura, 2020). Internal and external
auditors should consider this issue (Rooney, Aiken, &
It is common knowledge that audits are critical
Rooney, 2017). The lack of clear and consistent regulatory
examinations of projects, combining objective analysis
guidelines for crypto assets compounds this challenge.
with subjective judgment (Kampakis, 2022) to form a final
opinion. An auditor's duty is to gather credible evidence to It is particularly important to develop clear and effective
form an opinion. This process is often hindered by auditing standards to ensure the integrity and
difficulties verifying the completeness and accuracy of transparency of metaverse transactions, given the
records and the reliability of the data collected (Atik & potential risks associated with revenue recognition,
Kelten, 2021). security vulnerabilities, and the decentralised nature of
metaverse platforms (Pandey & Gilmour, 2024).
As more companies integrate cryptocurrency investments
into their portfolios, there is a growing need for audit and Auditing crypto assets is complex due to their variety,
advisory services specifically designed for these digital platform complexity, rapid changes, market volatility,
assets (Klopper & Brink, 2023; Ozeran & Gura, 2020; and evolving regulations. Blockchain's "proof-of-
Smith, 2023). Auditors can utilise existing accounting work" concept requires auditors to rely on experts to
standards to evaluate how companies report and manage evaluate asset existence, ownership, and fair value
cryptocurrency holdings, helping to ensure accuracy in (Ozeran & Gura, 2020). Several studies have
financial reporting and regulatory compliance (Klopper & provided detailed guidance on auditing blockchain
Brink, 2023). Yet, the emerging nature of the architectures. For instance, White, King, and
cryptocurrency sector poses unique challenges. Ozeran Holladay (2020) explored internal control and
and Gura (2020) highlight that many auditors lack operational risks linked to private blockchains, while
substantial experience in this area, raising concerns about Liu, Wu, and Xu (2019) highlighted differences in
their technological readiness to accurately identify and auditing between permissioned and permissionless
manage the risks associated with blockchain-based audits blockchains. These studies emphasise the
(Pimentel & Boulianne, 2020). Deciding whether to accept importance of designing and assessing internal
or continue auditing a company with significant controls and suggest leveraging blockchain for
cryptocurrency activity is challenging. Risks should be continuous auditing (Pimentel & Boulianne, 2020).

202 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

Traditional audit procedures like confirmations, improve auditors’ access to client information and
internal control assessments, document inspection, support continuous auditing. However, its benefits
and reconciliations are used to gather evidence. may not extend to areas requiring significant
For cryptocurrency transactions, auditors must judgment, such as accounting estimates. Despite
specifically verify ownership of private keys and the blockchain’s perceived reliability, auditors should
appropriate party responsible for recording maintain a healthy level of scepticism, recognising
transactions (Vincent & Wilkins, 2020). During an that this technology is not immune to errors or
audit, the auditor must assess the risks of material potential fraud (Fuller & Markelevich, 2020).
misstatement in financial reports. This involves Finally, the availability of higher-quality and more
considering information from client acceptance and accessible audit evidence in many areas of the
previous engagements. The engagement team audit could shift the audit approach, freeing up
should discuss the entity's susceptibility to more resources to focus on subjective areas (Fuller
misstatements and the applicability of financial & Markelevich, 2020). These adjustments in audit
reporting standards (IAASB, 2019). focus and evidence-collection methods may help
When assessing cryptoasset transaction risks, address the evolving demands of cryptoasset
auditors should consider the materiality of such auditing and maintain audit integrity across digital
transactions. This involves calculating planning asset transactions.
materiality and comparing cryptoasset balances to Auditors must evaluate the inherent and control
the threshold. Materiality in auditing refers to the risks of cryptocurrencies (Angeline et al., 2021;
threshold below which an error or omission is not Dunn, Jenkins, & Sheldon, 2021; Tzagkarakis &
considered significant enough to affect the Maurer, 2023; Sheldon, 2023).
economic decisions of users of the financial
statements (IAASB, 2009). Determining this
threshold becomes challenging in the case of Inherent risks exist due to the nature of the
cryptocurrency transactions due to the extreme business or the environment in which it operates.
volatility of the market, constantly evolving In this case, the inherent risks include the
regulations and the complex nature of these digital vulnerability of endpoints to hacking, the risk of
assets. Additionally, auditors should evaluate the private key theft, and the complexity of accounting
effectiveness of exchange controls for entities for blockchain transactions (Bonyuet, 2020).
using crypto exchanges. Factors to consider Integrating distributed ledgers and cryptography
include exchange ownership, reputation, location, minimises the risk of data tampering or loss (Fuller
liquidity, trading volume, and the availability of & Markelevich, 2020). Another example is the
service auditor reports (Ozeran & Gura, 2020). valuation difficulty when holding cryptocurrencies
Risk management involves identifying, assessing, over time, as highlighted by Smith, Petkov, and
and mitigating risks that could hinder an Lahijani (2019).
organisation's ability to achieve its goals. This Evaluating inherent risks in cryptocurrency is
process requires understanding the organisation's crucial for ensuring auditors can effectively perform
risk tolerance, analysing potential fraud scenarios, their engagements (Harrast, McGilsky & Sun,
and addressing technology-related risks. 2022). A key challenge for auditors working with
Furthermore, it evaluates the effectiveness of risk cryptocurrency is its high price volatility (Angeline
assessment and communication processes et al., 2021). These frequent price swings
(Rooney, Aiken & Rooney, 2017). complicate accurate valuation, requiring both
Tan and Low (2019) suggest that blockchain will internal and external auditors to exercise significant
primarily function as a database engine, influencing caution in estimating cryptocurrency values and
various audit stages, including financial statement reviewing transactions (Gomaa, Gomaa, &
audits, engagement planning, risk assessment, Stampone, 2019). Auditors must carefully account
and gathering audit evidence, as each stage for factors such as transaction dates, estimation
interacts with the recorded data. Blockchain could methods, and underlying assumptions.

No. 1(177)/2025 203

 Georgiana-Iulia LAZEA (TRIFA), Ovidiu-Constantin BUNGET,
Anca-Diana BĂLAN, Mircea Ștefan SOLOVĂSTRU

To address these risks, auditors have specific risk Control risks. Controls are procedures designed to
assessment procedures available for evaluating mitigate risks and ensure an organisation achieves
crypto assets, which include: 1) verifying balances its operational goals, maintains accurate financial
within cryptocurrency wallets and trading accounts; records, and adheres to legal and regulatory
2) confirming asset ownership via third-party requirements (Rooney, Aiken & Rooney, 2017).
validation; 3) reviewing whitepapers and trading Due to digital assets' technical complexities and
contracts; and 4) assessing internal controls security challenges, companies face unique control
related to the safeguarding of cryptocurrency risks regarding cryptocurrencies. Many companies
holdings (Ozeran & Gura, 2020). lack strong internal controls for securing digital
Assessing the completeness of cryptoassets and wallets or ensuring proper accounting for
related transactions can be challenging due to cryptocurrency transactions, leaving them
public keys and addresses lacking transparency. vulnerable to hacking or fraud.
The risk of inadvertently overlooking a wallet Control risks refer to the possibility that an
owned by the entity may affect financial statements organisation’s internal controls (Smith &
(Ozeran & Gura, 2020). A significant risk is the loss Castonguay, 2020) may fail to prevent or detect
of private keys, leading to access loss. Backup issues in financial reporting. They arise from the
policies and segregation of duties can reduce this absence or failure of internal controls to mitigate
risk (Ozeran & Gura, 2020). inherent risks. Examples of control risks in this
Another inherent risk is the blockchain's context include inadequate access controls, weak
vulnerability to manipulation by a majority holder. cryptography features, and a lack of proper
This could lead to fraudulent transactions, validation controls (Bonyuet, 2020). Additionally,
compromised data integrity, and potential financial unauthorised access to private keys – a critical
losses (Bonyuet, 2020). Additionally, the security measure for cryptocurrency holdings –
cryptocurrency environment may attract risk- represents a significant control risk that could result
tolerant individuals, and inexperience in this field in substantial financial misstatements if not
can lower auditor confidence. Auditors with adequately managed (Harrast, McGilsky & Sun,
experience in cryptocurrency perceive less 2022; Gurdgiev & Fleming, 2021).
inherent risk, possibly due to their ability to A notable control risk specific to blockchain
effectively identify and weigh relevant information environments is the pseudonymous nature of
cues (Harrast, McGilsky & Sun, 2022). cryptocurrency transactions, which presents
The authors consider that relying solely on data challenges in accurately recording and reporting
analytics for testing is another inherent risk, as it financial transactions (Harrast, McGilsky & Sun,
may lead to overconfidence in the accuracy of 2022). This highlights the need for robust internal
financial statements. controls, as auditors often rely on these controls to
accurately assess a company’s financial health
To mitigate the risk of misstatements, companies (Bellucci, Cesa Bianchi & Manetti, 2022; Fuller &
would likely implement robust internal controls to Markelevich, 2020; Dyball & Seethamraju, 2022;
prevent material errors. For cryptoassets, these Bauer et al., 2023).
controls would involve rigorous multi-stage reviews
of the assumptions used in valuation (Smith, While blockchain technology is still relatively new,
Petkov & Lahijani, 2019). Comprehensive audit internal auditors must adapt their approaches to
procedures are essential for mitigating detection evaluate it while adhering to established
risk, and in some cases, auditors may need to professional standards. As Rooney, Aiken, and
engage high-cost valuation specialists. This Rooney (2017) suggest, such adaptation will
increased scrutiny can significantly raise audit enable auditors to provide reliable assurance
costs, impacting new and existing client despite the unfamiliar territory of blockchain. The
engagements (Smith, Petkov & Lahijani, 2019; dependence on a blockchain system, however,
Bonyuet, 2020). introduces additional audit risks associated with the
controls over the information it contains. Auditors

204 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

must carefully assess these controls to understand challenge, which makes consistent application of fair value
the audit risks related to blockchain-based financial accounting difficult.
data (Fuller & Markelevich, 2020). Both companies and their external auditors struggle to
To effectively assess blockchain-based systems, value these assets accurately. Additionally, verifying the
internal audit teams should invest in training to existence and completeness of these assets can be
understand the technology and engage in the early complex due to the subjective nature of the information,
planning stages of blockchain applications. This making valuation and asset verification highly risky for
enables auditors to conduct real-time audits and auditors (Smith, Petkov & Lahijani, 2019).
provide timely insights, enhancing their value to
organisations. Standards bodies should also
develop guidelines to ensure blockchain Fraud risks. Cryptocurrencies’ pseudonymous nature
applications meet governance principles and creates a potential for fraud, such as asset
deliver the promised value. Internal auditors’ deep misappropriation, transaction manipulation, money
understanding of the business context is essential laundering and illicit financing. This anonymity allows for
for effectively assessing governance, risk, and behaviours like underreporting income, which can
control environments. complicate audit and compliance efforts.
Challenges in adopting blockchain include issues related However, blockchain’s transparent ledger allows stakeholders
to scalability, flexibility, and compliance with statutory to independently verify and audit financial transactions,
requirements, which can impact audit effectiveness. reducing the risk of fraud, manipulation, or misrepresentation.
Auditors relying on blockchain systems must ensure these This transparency also promotes participant accountability
systems incorporate strong access and validation controls (Proelss, Schweizer & Sevigny, 2024).
to mitigate the risk of undetected errors or fraud (Bonyuet, As noted by Bennett et al. (2020), the use of smart contracts
2020). With real-time transaction visibility, blockchain- further supports transparency in crypto trading. Real-time
based applications can enable auditors to conduct data from blockchain technology enables more timely
continuous audits and provide timely insights. For this to reporting and assurance, allowing accountants and auditors
be effective, internal audit teams should invest in training to monitor fraud risks and evaluate IT controls effectively.
to understand blockchain technology thoroughly.
Internal audits have been shown to reduce organisational Regulatory and compliance risks. The evolving regulatory
risk and improve performance. Carcello et al. (2020) found landscape for cryptocurrencies poses significant compliance
that internal audits are associated with lower perceived challenges. Therefore, companies may unintentionally fail to
risk and higher performance ratings, enhancing meet tax or accounting regulations, exposing them to legal
operational effectiveness. This insight further underscores and audit risks. Despite regulatory efforts, cryptocurrency
the importance of comprehensive audit procedures, transactions' global and pseudonymous nature complicates
especially as companies integrate blockchain applications. enforcement, as cross-border exchanges and anonymous
Therefore, to provide accurate and reliable assurance on transactions hinder individuals' or companies' tracking
the effectiveness of governance, risk management, and (Harrast, McGilsky & Sun, 2022).
internal controls in blockchain environments, internal Audit standard setters face difficulties keeping pace with
auditors must have a comprehensive understanding of cryptocurrencies' rapid technological advancements.
blockchain technology and its applications (Rooney, Aiken Traditional, lengthy processes for updating audit standards
& Rooney, 2017). are ill-suited for such fast-evolving technologies. To maintain
public trust, standards must adapt quickly to match the speed
Valuation risks. Valuing cryptocurrencies presents at which entities adopt and implement these new
significant challenges due to their speculative nature, technologies (Bennett et al., 2020).
extreme price fluctuations (Tzagkarakis and Maurer, Table no. 1 summarises the challenges regarding crypto
2023), and lack of standardised accounting treatment. The asset transactions, the risk category, and the risk
accurate valuation of cryptoassets is a significant mitigation strategy that should be considered when
planning and conducting an audit.

No. 1(177)/2025 205

 Georgiana-Iulia LAZEA (TRIFA), Ovidiu-Constantin BUNGET,
Anca-Diana BĂLAN, Mircea Ștefan SOLOVĂSTRU

Table no. 1. Risk mitigation strategies for crypto assets – Auditor perspective
Challenges Risks Risk Mitigation Strategy
Vulnerability to transaction Auditor involvement in transaction validation (Bonyuet, 2020).
manipulation
Misappropriation of assets and Blockchain offers excellent immunity to data security risks
fraudulent misreporting because modifying all copies simultaneously would be
impossible (Fuller & Markelevich, 2020).
Absence of mechanisms to track Develop an appropriate mechanism to track transactions.
transactions in multiple ledgers
Difficulty in determining the crypto Research and apply appropriate valuation methods for
value cryptocurrencies, considering market capitalisation, trading
volume, and underlying technology.
Unauthorised private key access Identifying who controls the keys and the minimum number of
users needed to authorise a transaction (Harrast, McGilsky &
Sun, 2022).
Unsecured private key Inherent risk Understanding cryptocurrency exchange interactions and
balance verification (AICPA, 2024).
Unaccounted crypto wallet Implement robust security measures such as multi-factor
authentication and regular security audits.
Unidentified related-party Ensure that clients disclose relevant information about
transaction cryptocurrency transactions.
Misrepresentation of ownership Implement robust Know Your Customer (KYC) and Anti-Money
Auditing risks

Laundering (AML) procedures to verify users' identities and

prevent fraud (Lazea, Bunget & Lungu, 2024).
Lost private key Educate clients about the importance of proper key
management and backup practices, including backup policies
and segregation of duties (Ozeran & Gura, 2020).
Crypto sent to the wrong address Educate clients about verifying recipient addresses and the
potential consequences of errors.
Lack of flexibility and error Correcting an error requires adding a new entry to the
correction blockchain, which other users must validate. Add a new block
to indicate that the old data is incorrect and has been replaced
(Abdennadher et al., 2022).
Heavy signature verification for Consensus process to validate and add transactions to the
transactions ledger (Abdennadher et al., 2022).
Evaluate blockchain as a ledger Control risk Determine its reliability and relevance and verify the entity's
ownership of wallet addresses (Alhasana & Alrowwad, 2022).
Identify potential fraud Develop double-booking balances or provide wallet addresses
to multiple auditors (Alhasana & Alrowwad, 2022).
Assess custody Determine whether the entity has exclusive control of the digital
assets or relies on third-party providers, considering
cybersecurity risks (Alhasana & Alrowwad, 2022).
Fluctuation in cryptocurrency value Introduce real-time valuation techniques and use stablecoins or
other hedging instruments to minimise volatility.
Valuation risk
Lack of established valuation Develop standardised valuation models for digital assets.
models
Risky crypto trading Introducing smart contracts (Bennett et al., 2020).
Money laundering Know Your Customer (KYC) and Anti-Money Laundering (AML)
Related risks

Fraud risk
regulations to help identify and track illicit transactions (Lazea,
Bunget & Lungu, 2024).
Regulatory changes More certain and unified regulations.
Regulatory and
GDPR protects consumer data compliance risk The current focus is resolving the conflict between GDPR and
blockchain technology (Arnold, 2018).
Source: authors’ projection, 2024

206 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

Conclusion through every transaction step, auditors can identify

anomalies or irregular patterns that may indicate
The metaverse has profound implications for the future of fraudulent activity.
auditing. As this technology evolves, auditors must adapt Moreover, smart contracts can automate certain audit
their approaches to address the unique challenges and procedures, such as compliance checks and validation.
opportunities it presents. This includes rethinking audit This automation not only increases efficiency but also
planning, evidence gathering, and risk assessment to fit reduces the risk of human error, which can lead to
the metaverse landscape (Pandey & Gilmour, 2024). oversight in detecting fraudulent transactions.
One of the core questions auditors face is RQ1: What are the A third pivotal inquiry is RQ3: How can technological
most significant audit risks associated with crypto assets and advancements, such as blockchain auditing tools, help
cryptocurrency transactions? While blockchain offers various minimise the risks associated with crypto asset audits? To
potential benefits, auditors must carefully evaluate the harness these opportunities, auditors should engage in
inherent, control and valuation risks linked with its adoption. A the development of new standards and actively participate
balanced approach that combines traditional audit techniques in the evolution of blockchain technology. This involves
with modern data analytics while addressing security and suggesting appropriate audit modules, enhancing their
validation concerns is essential to ensure the reliability of technical skills, and utilising artificial intelligence to boost
financial reporting. efficiency.
Another crucial consideration is RQ2: How does using Key objectives for auditors include verifying digital
blockchain technology impact the audit process, signatures, designing effective audit strategies,
particularly verifying transactions and detecting fraud? To collaborating with regulatory bodies, and ensuring
address this problem, blockchain technology significantly adequate cyber and software auditing.
impacts the audit process by enhancing transaction
transparency, traceability, and reliability. One of the most In summary, auditing crypto assets is challenging due to
notable advantages of blockchain is its decentralised unique risks, control issues, valuation complexities, and
nature, which allows all participants in the network to rapidly advancing technology. Continued research into
access the exact version of the transaction ledger. In these obstacles and creating a solid auditing framework
terms of fraud detection, blockchain technology facilitates for this type of asset are essential to maintaining accurate
a more proactive approach. With its ability to track assets and dependable financial reporting in this evolving field.

Bibliography

1. Abdennadher, S. et al. (2022) The effects of 1(42): 154-161, Available at:

blockchain technology on the accounting and https://doi.org/10.55643/fcaptp.1.42.2022.3727.
assurance profession in the UAE: an exploratory 4. Alsalmi, N., Ullah, S. and Rafique, M. (2023)
study, Journal of Financial Reporting and Accounting for digital currencies, Research in
Accounting. Available at: International Business and Finance. Elsevier Ltd.
https://doi.org/10.1108/JFRA-05-2020-0151. Available at: https://doi.org/10.1016/
2. AICPA, A.I. of C.P.A. (2024) Accounting for and j.ribaf.2023.101897.
auditing of digital assets. Available at: 5. Angeline, Y.K.H. et al. (2021) Accounting Treatments
https://www.aicpa-cima.com/resources/download/ for Cryptocurrencies in Malaysia: The Hierarchical
accounting-for-and-auditing-of-digital-assets- Component Model Approach, Asian Journal of
practice-aid-pdf. Business and Accounting. 14(2), pp. 137-171,
3. Alhasana, K.A.H. and Alrowwad, A.M.M. (2022) Available at: https://doi.org/10.22452/
National Standards of Accounting and Reporting in ajba.vol14no2.5.
the Era of Digitalization of the Economy, Financial 6. Arnold, A. (2018) Can Blockchain Help Brands
and credit activity problems of theory and practice. Become GDPR Compliant?, Forbes, December,

No. 1(177)/2025 207

 Georgiana-Iulia LAZEA (TRIFA), Ovidiu-Constantin BUNGET,
Anca-Diana BĂLAN, Mircea Ștefan SOLOVĂSTRU

Available at: https://www.forbes.com/sites/ 43-56. Available at: https://doi.org/10.2308/ISSUES-

andrewarnold/2018/11/20/can-blockchain-help- 19-049.
brands-become-gdpr-compliant/. 17. Dyball, M.C. and Seethamraju, R. (2021) Client use
7. Atik, A. and Kelten, G.S. (2021) Blockchain of blockchain technology: exploring its (potential)
Technology and Its Potential Effects on Accounting: impact on financial statement audits of Australian
A Systematic Literature Review, Istanbul Business accounting firms, Accounting, Auditing and
Research. October, Available at: Accountability Journal. October, vol. 35(7), pp: 1656-
https://doi.org/10.26650/ibr.2021.50.806870. 1684, Available at: https://doi.org/10.1108/AAAJ-07-
8. Bauer, T.D. et al. (2024) Cataloging the Marketplace 2020-4681.
of Assurance Services, Auditing: A Journal of 18. Fuller, S.H. and Markelevich, A. (2020) Should
Practice & Theory, 43(3): 49-75, Available at: accountants care about blockchain?, Journal of
https://doi.org/10.2308/AJPT-2022-196. Corporate Accounting and Finance. September,
9. Bellucci, M., Cesa Bianchi, D. and Manetti, G. (2022) Available at: https://doi.org/10.1002/jcaf.22424.
Blockchain in accounting practice and research: 19. Gomaa, A.A., Gomaa, M.I. and Stampone, A. (2019)
systematic literature review, Meditari Accountancy A transaction on the blockchain: An AIS perspective,
Research. 30(7):121-146, Available at: intro case to explain transactions on the ERP and
https://doi.org/10.1108/MEDAR-10-2021-1477. the role of the internal and external auditor, Journal
10. Bennett, S. et al. (2020) Blockchain and of Emerging Technologies in Accounting. 16(1),
Cryptoassets: Insights from Practice, Accounting Available at: https://doi.org/10.2308/jeta-52412.
Perspectives. 19(4), Available at: 20. Gurdgiev, C. and Fleming, A. (2021) Informational
https://doi.org/10.1111/1911-3838.12238. efficiency and cybersecurity: Systemic threats to
11. Bonyuet, D. (2020) Overview and Impact of blockchain applications, in ”Innovations in Social
Blockchain on Auditing, International Journal of Finance”. Springer, pp: 347-372, Available at:
Digital Accounting Research. Vol. 20, pp. 31-43, https://doi.org/10.1007/978-3-030-72535-8_16.
Available at: https://doi.org/10.4192/1577-8517- 21. Harrast, S.A., McGilsky, D. and Sun, Y. (2022)
v20_2. Determining the Inherent Risks of Cryptocurrency: A
12. Buhussain, G. and Hamdan, A. (2023) Blockchain Survey Analysis, Current Issues in Auditing. 16 (2):
Technology and Audit Profession, în: Emerging A10–A17, Available at: https://doi.org/10.2308/CIIA-
Trends and Innovation in Business and Finance, 2020-038.
Available at: https://doi.org/10.1007/978-981-99- 22. IAASB, I.A. and A.S.B. (2009) ISA 320 materiality in
6101-6_52. planning and performing an audit.
13. Carcello, J.V. et al. (2020) Are Internal Audits 23. IAASB, I.A. and A.S.B. (2019) ISA 315 identifying
Associated with Reductions in Perceived Risk?, and assessing the risks of material misstatement.
Auditing: A Journal of Practice & Theory, 39(3), pp. 55- 24. Kampakis, S. (2022) Auditing Tokenomics: A Case
73, Available at: https://doi.org/10.2308/ajpt-19-036. Study and Lessons from Auditing a Stablecoin
14. Coyne, J.G. and McMickle, P.L. (2017) Can Project, Journal of The British Blockchain
Blockchains Serve an Accounting Purpose?, Journal Association. April, vol. 5, no. 2, Available at:
of Emerging Technologies in Accounting. 14(2), https://doi.org/10.31585/jbba-5-2-(1)2022.
Available at: https://doi.org/10.2308/jeta-51910. 25. Klopper, N. and Brink, S.M. (2023) Determining the
15. Dai, J. and Vasarhelyi, M.A. (2017) Toward Appropriate Accounting Treatment of
Blockchain-Based Accounting and Assurance, Cryptocurrencies Based on Accounting Theory,
Journal of Information Systems. 31(3), Available at: Journal of Risk and Financial Management.
https://doi.org/10.2308/isys-51804. 16(9):379, Available at:
16. Dunn, R.T., Jenkins, J.G. and Sheldon, M.D. (2021) https://doi.org/10.3390/jrfm16090379.
Bitcoin and Blockchain: Audit Implications of the 26. Lazea, G.-I., Bunget, O.-C. and Lungu, C. (2024)
Killer Bs, Issues in Accounting Education, 36(1), pp. Cryptocurrencies’ Impact on Accounting: Bibliometric

208 AUDIT FINANCIAR, year XXIII

Navigating Auditing Risks in the Crypto Asset Landscape

Review, Risks, 12(6), pp. 94. Available at: Available at: https://timreview.ca/sites/default/files/
https://doi.org/10.3390/risks12060094. Issue_PDF/TIMReview_October2017.pdf.
27. Liu, M., Wu, K. and Xu, J.J. (2019) How Will Blockchain 36. Sheldon, M.D. (2023) Preparing Auditors to Evaluate
Technology Impact Auditing and Accounting: Blockchains Used to Track Tangible Assets, Current
Permissionless versus Permissioned Blockchain, Issues in Auditing. 18(2): 1-22. Available at:
Current Issues in Auditing, 13(2), pp. A19-A29. https://doi.org/10.2308/CIIA-2023-014.
Available at: https://doi.org/10.2308/ciia-52540. 37. Smith, S.S. (2023) The cryptoasset auditing and
28. Lombardi, R. et al. (2022) The disruption of accounting landscape, in: “The Emerald Handbook
blockchain in auditing – a systematic literature on Cryptoassets: Investment Opportunities and
review and an agenda for future research, Challenges”. Emerald Publishing Ltd. January, pp.
Accounting, Auditing and Accountability Journal. 13-24, Available at: https://doi.org/10.1108/978-1-
35(7):1534-1565, Available at: 80455-320-620221002.
https://doi.org/10.1108/AAAJ-10-2020-4992. 38. Smith, S.S. and Castonguay, J.J. (2020) Blockchain
29. Makurin, A. et al. (2023) Management of and Accounting Governance: Emerging Issues and
Cryptocurrency Transactions from Accounting Considerations for Accounting and Assurance
Aspects, Economics ecology socium. 7(3): 26-35, Professionals, Journal of Emerging Technologies in
Available at: https://doi.org/10.31520/2616- Accounting. November, Available at:
7107/2023.7.3-3. https://doi.org/10.2308/jeta-52686.
30. Ozeran, A. and Gura, N. (2020) Audit and 39. Smith, S.S., Petkov, R. and Lahijani, R. (2019)
accounting considerations on cryptoassets and Blockchain and Cryptocurrencies – Considerations
related transactions, Economic Annals-XXI. 184 (7- for Treatment and Reporting for Financial Services
8), 124-132. Available at: Professionals, International Journal of Digital
https://doi.org/10.21003/ea.V184-11. Accounting Research. Available at:
https://doi.org/10.4192/1577-8517-v19_3.
31. Pan, L., Vaughan, O. and Wright, C.S. (2023) A
Private and Efficient Triple-Entry Accounting Protocol 40. Tan, B.S. and Low, K.Y. (2019) Blockchain as the
on Bitcoin, Journal of Risk and Financial Database Engine in the Accounting System,
Australian Accounting Review, 29(2), pp. 312-318.
Management. 16(9):400, Available at:
Available at: https://doi.org/10.1111/auar.12278.
https://doi.org/10.3390/jrfm16090400.
41. Tzagkarakis, G. and Maurer, F. (2023) Horizon-
32. Pandey, D. and Gilmour, P. (2024) Accounting meets Adaptive Extreme Risk Quantification for
metaverse: navigating the intersection between the real Cryptocurrency Assets, Computational Economics.
and virtual worlds, Journal of Financial Reporting and 62(3):1-36, Available at:
Accounting. 22(2):211-226 Available at: https://doi.org/10.1007/s10614-022-10300-3.
https://doi.org/10.1108/JFRA-03-2023-0157.
42. van Eck, Nees Jan, and Waltman, L. (2023) VOSviewer
33. Pimentel, E. and Boulianne, E. (2020) Blockchain in Manual. Available at: https://www. vosviewer.
Accounting Research and Practice: Current Trends com/documentation/Manual_ VOSviewer_ 1.6.20.pdf
and Future Opportunities, Accounting Perspectives. (accessed on October 31, 2024).
19(4), 325-361. Available at: 43. Vincent, N.E. and Wilkins, A.M. (2020) Challenges
https://doi.org/10.1111/1911-3838.12239. when Auditing Cryptocurrencies, Current Issues in
34. Proelss, J., Schweizer, D. and Sevigny, S. (2024) Is Auditing, 14(1), pp. A46-A58. Available at:
Bitcoin ESG-Compliant? A sober look, European https://doi.org/10.2308/ciia-52675.
Financial Management. Vol. 30, no. 2, pp. 680-726. 44. White, B.S., King, C.G. and Holladay, J. (2020)
Available at: https://doi.org/10.1111/eufm.12451. Blockchain security risk assessment and the auditor,
35. Rooney, H., Aiken, B. and Rooney, M. (2017) Q&A. Journal of Corporate Accounting & Finance, 31(2),
Is Internal Audit Ready for Blockchain?. Technology pp. 47-53. Available at:
Innovation Management Review. 7(10):41-44. https://doi.org/10.1002/jcaf.22433.

No. 1(177)/2025 209