Abstract:
A written audit opinion on the fnancial and operational condition of an enterprise is the end result of a
backward looking independent analog and digital examination of the fnancial and operational condition of
an enterprise as well as its internal reporting controls. Audits and preparation for such are costly and time
consuming. As part of the audit process, a randomized selection of data is examined and estimated by the
independent auditor pursuant to audit procedures to assess the fairness of reporting data, which is based
in part on the representations of the management of the enterprise and subject to management’s assessment
of the adequacy and effectiveness of internal reporting controls. Current global regulatory disclosure
frameworks make the presentation of fnancial statements untimely, highly conditional and subjective.
Using a distributed ledger smart contract network with a node layer that captures, and validates a straight
through accounting treatment (“STAT”) and reporting of enterprise transaction data along with a second
node layer that independently and continuously audits and certifes every data block pursuant to SSAE
18(12) and IASE 3402(13) standards can theoretically substantiate the reduction of the time lag, conditionality
and subjectivity of enterprise data reporting and fnancial statement presentation. This process would
provide a substantial value proposition for issuers of tokens and securities as well as investors and regulators.
Such a process theoretically becomes the basis of a decentralized continuous audit and reporting protocol
ecosystem (“DCARPE™”) suitable as an infrastructure for networks of enterprises as well as constellations
of other network ecosystems.
Problem:
It has been estimated that theoretically, the larger, more complex and automated the enterprise, the
higher the likelihood that anomalies are detectable using standardized independent audit assessments, as
independently performed and will likely lead to the ability to arrive at a fair representation of system and
data integrity. Anomalies provide clues that enable the detection of error and fraud. The substantiation of
this theory is based on the relative reliability from a historical point of view of independent assessment
using these and other “through the computer” standards and methods but it’s reliability is also dependent
on the prevention of unauthorized console intervention(1). Additional audit practices suggest that the
theoretically high probability that volume, repetition and uniformity of accounting and ERP systems data is
sufciently deterministic in order to arrive at a reliable independent conclusion(2). Such conclusion is an
opinion and is based in part on written representation by management of the enterprise that are further
conditional upon and subject to management’s internal evaluation of internal reporting and disclosure controls.
To the extent that tighter regulations such as the adoption of Sarbanes-Oxley(4) have increased audit
scrutiny and the likelihood of audit liability is the extent that auditors have been able to, in subtle manner,
relinquish “ownership” liability of certain work product reports and process performance back to enterprise
management on the basis that auditor ownership of such would jeopardize independence but this is a
subjective approach, not a statutory prohibition. The deferral is conditional in part upon the level of
malpractice insurance carried by the auditor and also the confdence of the level of capabilities the auditor
possesses. The deferral also poses a risk of defeating the purpose of independent audit exercise and
review yet it is, in practice, frequent and acceptable.
In order for an audit conclusion to be reached by the auditor and for a fnal comprehensive audit
report to be issued, management of the enterprise must frst perform its own evaluation of
internal controls over fnancial reporting based on standards set by the Committee of Sponsoring
Organizations of the Treadway Commission. Management must represent, not prove, that reporting
controls are sufcient and effective and that such an evaluation was performed. Management
also needs to share their assessment with the auditor which must include a list of all material
weaknesses and defciencies identifed in the assessment.
The written conclusion of a typical comprehensive audit provides a statement by the auditor
which includes opinions on evidence of fair representations, not1 statements of accuracy. For
example; the following statement concludes the report of independent registered public
accounting frm PwC dated February 22, 2017 which is included as page 64 in the annual report of
Exxon Mobil Corporation for the period ending December 31, 2016; “Because of its inherent
limitations, internal control over fnancial reporting may not prevent or detect misstatements.
Also, projections of any evaluation of effectiveness to future periods are subject to the risk that
controls may become inadequate because of changes in conditions, or that the degree of
compliance with the policies or procedures may deteriorate”.
(3)
This is an ominous warning and illustrates the potential defciencies of both internal audit process
and independent audit process. There are clearly no assurances that material misstatements will
be detected by the enterprise nor is there an assurance that they will be detected by the auditor.
Our coverage of these subjects illustrates the highly subjective and conditional disposition of conventional
accounting, audit, reporting and disclosure standards.
Financial markets rely heavily on the expertise of the human performance of these independent review and
audit processes in order to establish trust that the results of such work will disclose, in a timely manner, an
accurate representation of fnancial assets. Furthermore, the Securities Act of 1934(9) as well as most
international securities laws require the review, audit and disclosure of the operational and fnancial
condition of such assets.
Regulatory framework only requires the enterprise or asset to provide full and fair disclosure and take
reasonable steps to assure the detection and prevention of error and fraud. As evidenced by countless
instances of fraud and the restatement of flings by publicly traded enterprises, no existing accounting,
audit or regulatory system mechanically perfects the detection and prevention of error and/or fraud in a
trustless manner.
System and Organization Control Audit “SOC”:
Service organizations such as banks, fnancial services frms and data centers rely heavily on highly
complex technology environments to capture and process data. Service organizations submit to service
organization control “SOC”(12)under standards set by SSAE 18(12) in the US and IASE 3402(13) outside the US.
Reports are issued as the result of the engagement of the services of highly specialized auditors separate
from fnancial auditors to assess the effectiveness of system controls.
SOC audits include two “Types”; In a Type I report, the service auditor will express an opinion on (1) whether
the service organization's description of its controls presents fairly, in all material respects, the relevant
aspects of the service organization's controls that had been placed in operation as of a specifc date, and
(2) whether the controls were suitably designed to achieve specifed control objectives.
In a Type II report, the service auditor will express an opinion on the same items noted above in a Type I
report, and (3) whether the controls that were tested were operating with sufficient effectiveness to provide
reasonable but not absolute assurance that the control objectives were achieved during the period specified.
SOC audit reports are performed and issued usually once per year. The rapidly changing and evolving
networked environments of 21st century business give rise to the theory that conventional standards,
methods and frequency of SOC certifcation are not sufcient. The capabilities under the required
frequency of conventional SOC standards to assess systems have not kept the pace of the current and
evolving speed of network commerce(8).
What constitutes a material event is often the culmination of a series of naturally occurring non-material
events and/or actions taken by management(8). The time lag of conventional disclosure and reporting
standards has become an opportunity for Auditchain when taking into account the evolving time
compression of the occurrence of material fnancial and operational changes and events.
Solution:
Auditchain proposes to embody an ecosystem that includes a blockchain protocol and an open source
library of accounting smart contracts sufcient to capture, process, audit and report enterprise data and
performance data on a real time continuous basis under a continuous independent audit exceeding current
accounting, audit and control standards. A public facing and/or permission based presentation layer
proposes to render in real time, at the close of every block; balance sheet, income statement, cash fow
and statement of changes in stockholders’ equity reports that has the capacity to far exceed the reliability
of existing reporting standards.
To get more accurate information, please visit the link below:
AUTHOR:
Username BTT: Damkar58
ETH Address: 0xFa468a5de2759AC15f1191d9A78240F2e7B137B0
Tidak ada komentar:
Posting Komentar