The US audit watchdog has warned not to put too much stock in proof of reserve reports from crypto companies
So-called “proof of reserves” have become en vogue for crypto companies keen to reassure users their funds are safe — but the top US audit watchdog says they can’t be totally trusted.
The Public Company Accounting Oversight Board (PCAOB) warned in a Wednesday statement that investors and other associated parties may be placing undue reliance on proof of reserve (PoR) reports, which do not come under its oversight authority.
Independent third parties prepare proof of reserve reports for companies, such as crypto exchanges and stablecoin issuers. Those third parties often rely on information provided by companies themselves to verify reserves.
“Importantly, investors should note that PoR engagements are not audits and, consequently, the related reports do not provide any meaningful assurance to investors or the public,” the board said.
Proof-of-reserve reports claim to provide verification for assets at a certain time, but there are “significant limitations” based on the methods used, it added.
For instance, the process to gather information may exclude the crypto entity’s liabilities, the rights and obligations of digital asset holders or whether the assets have been borrowed in excess of customer demands.
These reports are not real-time and only provide a snapshot of the crypto entity’s assets at a specific moment, which could potentially be misleading for investors down the road.
In the aftermath of the FTX scandal, which saw billions in user funds allegedly misappropriated, several crypto firms established proof-of-reserve initiatives.
Ledn, Nexo, Kraken, BitMEX and Gate.io all introduced proof-of-reserve frameworks to help bolster user confidence. Binance did too, until its partner stopped servicing crypto altogether, now solely relying on a more complicated self-verification system.
The US audit watchdog also warned that top executives of crypto companies establish the procedures to be used by the third party when they conduct the audit, and might not address the adequacy of the entity’s reserves or its financial stability.
This means PoR reports aren’t uniform across the crypto ecosystem, as they don’t all use the same method.
PCAOB was recently said to be facing calls to become the regulator that supervises audits on crypto companies, according to the Wall Street Journal.
However, it has said that it can only oversee audits on public companies and SEC-registered broker dealers. Still, in 2019, the regulator set up a team to focus on emerging audit risks, including in crypto.