Once a new frontier maintained by a small group of early adopters, increased activity for digital assets (cryptocurrencies) such as Bitcoin and non-fungible tokens (NFTs), have become a boom for many organizations and that increasing acceptance has boosted the variety of offerings and encouraged the interest of investors.
By early August of this year, capitalization of the crypto market reached $1.8 trillion, more than two times the market cap at the beginning of the year. And in the first six months of 2021, 548 investment activities were conducted in the blockchain and crypto sector with a total value of $8.7 billion,[1] already double the value of investment deals from 2020. With increasing maturity, companies and regulators alike expect these numbers to continue to grow.
A solid foundation in governance, accounting, and internal controls will translate into a smoother process and help companies manage, account for, and control the risks and rewards that come with digital assets.
Robert Sledge
Partner, KPMG LLP
Before making the jump into this growing market, boards of companies considering direct investments in digital assets should evaluate how their corporate governance, accounting procedures, and internal controls will need to be updated to support successful investment strategies:
There are various ways a company may be exposed to digital assets. These alternatives each present their own operational, accounting, tax, and regulatory considerations. As companies implement blockchain technologies, including using cryptocurrencies for business receipts, disbursements, and investments, they should expect changes to their financial statements and audits.
Since there are no generally accepted accounting principles in the United States (U.S. GAAP) specific to "digital assets," a company that takes an investment position in digital assets may end up applying accounting guidance that was not written with digital assets in mind, and the decision to make a material investment in digital assets may be of heightened interest to its external stakeholders, including investors and regulators.
Prior to a transaction, companies should set up a clear investment strategy to guide their activities in the space, clearly identifying the purpose of the investment. A formal policy should consider:
Many popular digital assets, including Bitcoin, Bitcoin Cash, Litecoin, and Ethereum, inherently provide no contractual rights to cash or other assets to the holder. For instance, ownership of Bitcoin simply represents a quantity represented on the Bitcoin blockchain. Cryptocurrencies like Bitcoin would typically be accounted for as indefinite-lived intangible assets under U.S. GAAP.[1] That means, unlike investment companies or broker-dealers that qualify for specialized accounting, the company would carry its investments in such assets at cost, subject to an ongoing evaluation of impairment when market prices decline below the initial investment basis. Once written down for impairment, the assets are not written back up even when market prices increase.
Some digital assets, such as stablecoins, may instead be accounted for as financial assets, because they provide the holder with a contractual right to cash or another financial instrument. A close evaluation of the form and substance of the digital asset acquired is therefore important.
Additional considerations may include:
Often, rather than taking direct responsibility for securing the private keys associated with the digital assets, companies may involve a third party (e.g., an exchange or custodian). Involvements with third parties require an additional level of analysis to understand whether the company owns the digital assets (and they are just being custodied by the third party on the company’s behalf) or whether instead the company has a contractual receivable or other right from the third party that is tied to the value of a digital asset but does not represent current ownership of the digital asset itself. This analysis should involve an evaluation of the contractual agreement(s) between the company and the third party, as well as relevant laws, regulations, and legal precedents. The form of the interest can impact the accounting.
Even when a digital asset is accounted for as an intangible asset, ongoing evaluation of the fair value of the digital asset is necessary for impairment testing. Fair value measurements are determined in the context of an asset’s principal market under U.S. GAAP, and determining fair value may require evaluation and consideration of data from multiple sources. While some digital assets trade regularly and in high volume (e.g., Bitcoin) and may have clear indications of fair value, others may not.
Companies considering exposure to digital assets should establish policies and controls around:
Additionally, companies should establish a validation process that ensures all transactions fall under the authorized types of transactions under the investment policy.
For example, a company may implement segregation of duties specific to digital asset transactions. In this instance, companies should examine whether existing controls for treasury functions are sufficient for wire transfers for digital asset transactions, and who can authorize different steps in the transactions, since companies may wish to avoid scenarios where individuals who can unilaterally approve wire transfers also complete transactions and create a wallet for asset storage.
For IT systems, companies should evaluate whether applications are home grown and customized or provided by third parties. Then, they should analyze who should have access to those applications and how. Understanding how IT system controls integrate and work with controls at the exchange or custodian level will also be important.
SOC I reports represent another consideration, when controls at a third party constitute a part of the company’s internal control system. When engaging in this emerging space, it’s important to evaluate whether a service organization such as a custodian or an exchange has a SOC report, usually a SOC I Type II attestation report; whether it provides details on the transaction process, such as how private keys are created and how the assets are stored post-trade; and what end-user controls are in place and how they work with controls at the service organization. The absence of an appropriate attestation report may require the company to perform additional procedures to validate that the custodian has appropriately handled company assets.
Accounting standard setters are facing calls to create standards for reporting of digital assets, and the industry continues to evolve rapidly. With this backdrop, companies adopting a digital asset investment policy for the first time, should prepare to transact in a thoughtful way. A solid foundation in governance, accounting, and internal controls will translate into a smoother process and help companies manage, account for, and control the risks and rewards that come with digital assets.
[1] KPMG International, Pulse of Fintech H1’21, August 2021, https://kpmg.com/kpmg-us/content/dam/kpmg/pdf/2021/pulse-of-fintech-h1.pdf.