July 23, 2024

Accounting, Auditing and the Coming Wave of Crypto

Cryptocurrency is burrowing deeper and deeper into the U.S. and international banking and finance system, and that means auditors and accountants need to understand crypto and the technology underlying it. Or at least know how to find reputable and knowledgeable experts who do understand it.

 

One of the most important things to understand is that crypto is complex and that once you get past bitcoin and ether, there are several hundred tokens large enough to be called mainstream (and tens of thousands in all) and clients can use them in a wide variety of ways.

 

As an auditor, it’s vital to know who your client is and what they are doing with that token. Is it an investment? A holding? Is it used for payments? Is it a cost? It all depends on what your client is using it for. Beyond that, are they incorporating blockchain technology into their systems, and if so are they using public or private blockchains? The differences can be dramatic.

 

The first challenge of accounting and auditing crypto clients is knowing what you don’t know. It’s important to recognize the risk of overconfidence in deciding whether to accept a client that is using cryptocurrencies or blockchain technology in their operations

 

The FASB Chimes In

 

In December 2023, the Financial Accounting Standards Board (FASB) issued standards on Accounting for and Disclosure of Crypto Assets effective for all entities for fiscal years beginning after December 15, 2024. Crypto assets must be measured “at fair value each reporting period with changes in fair value recognized in net income.”

 

It also requires “disclosure about significant holdings, contractual sale restrictions, and changes during the reporting period.”

 

The key difficulty for auditors and accountants is going to be establishing that fair value, as the price of crypto assets can and generally does shift wildly — even relatively stable bitcoin regularly fluctuates as much as 5% to 10% on a weekly, and sometimes daily, basis.

 

Most of these tokens are not going to be Level 1 on the hierarchy of fair value. A lot of the activity for these types of tokens is probably going to be Level 2 or Level 3. You have to get experts to come in and help you.

 

While the top exchanges and crypto asset price-tracking websites can offer solid numbers, even they tend to differ somewhat. But you’ll need to look at several of the most advantageous markets to get an idea of where the range is.

 

Which leads to a second big difficulty: There are many exchanges with shaky if not shady numbers, due to factors ranging from widespread wash trading to flat out fake volume, to say nothing of other forms of market manipulation.

 

Challenges of Auditing Crypto

 

At the highest level, blockchain technology isn’t that difficult to grasp, but crypto gets staggeringly complex fairly quickly. You can’t do it alone.

 

One challenge is that auditors and accountants with experience and expertise in the field are in high demand. Finding those experts takes work, so obtaining expert training and education for auditing staff is a top priority. It’s important to realize that many of the experts have not gravitated towards the larger public accounting firms. A number of small and mid-sized firms have built niches in the field.

 

Look for accountants and auditors who are already dealing with actual transactions and clients, and even those involved with industry organizations or in the policymaking that’s going on in the U.S. and EU.

 

A second challenge is that the rules are not all that clear. In the U.S., the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) are attempting to regulate crypto under existing law while Congress works on crypto-specific bills. Regulation by litigation remains a common industry complaint. The EU is ahead, with the European Securities and Market Authority’s (ESMA) just now implementing the Markets in Crypto Assets (MiCA) regulations that came into effect on June 30.

 

A third challenge is understanding what the client is doing. What types of crypto they are using and how are they using it? Are they working with public or private blockchains? Are they holding crypto or using it for transactions? What type of internal controls do they have? How are they safeguarding the private keys that control their tokens—which are, after all, bearer instruments?

 

There are other complexities. The pseudo-anonymity of blockchain users can cloud the identity of developers and investors, including perfectly respectable ones. Which doesn’t help in a field in which criminal involvement with crypto remains a substantial problem, as does theft by hackers.

 

In conclusion, it’s worth noting that plenty of companies inside the blockchain and crypto industry itself say they have trouble finding auditors and accountants with the necessary expertise. Becoming one of those experts requires investing time and money in education about a field in which the rules are still being written and the technology keeps growing. But if you are able to accept those clients, it’s a wide open field.


Collemi Consulting leverages almost three decades of experience in providing trusted technical accounting and auditing expertise when you need it the most. Salvatore A. Collemi, CPA, Managing Member & Founder, is regarded as an industry leader and subject matter expert by various organizations and media outlets. To schedule an appointment to see how we might work together, contact us at (732) 792-6101.


The Different Types of Cryptocurrencies:

 

●     Payment tokens like bitcoin (BTC) have an arbitrary and fluctuating value, but are intended to be used for payments. Although the number of merchants accepting crypto directly is small, payments firms like Mastercard, PayPal, Square and Stripe all have the infrastructure to support it.

●     Stablecoins like No. 1 tether (USDT) and No. 2 USD coin (USDC) are, developers say, backed one-to-one by dollars and cash equivalents securities like Treasury Bonds. These tokens are at the core of most crypto transactions: They are used for buying and selling most of the 22,000 or so cryptocurrencies, parking funds intended for crypto investment, and as a payment token. (Complex and dangerous algorithmic stablecoins are unbacked — a whole different beast.)

●     Utility tokens like the No. 2 blockchain Etherium’s ether (ETH) have a use, like paying for a transaction, accessing a service, or voting on the governance of a blockchain. They are generally capable of using self-executing smart contracts.

●     Security tokens account for almost all cryptocurrencies except bitcoin and ether according to the SEC, which deems almost all to be securities. Industry lawsuits disagree.

●     Nationally issued Central Bank Digital Currencies (CBDC) are being at least studied by more than 100 central banks, including all of the major ones, the Bank for International Settlements (BIS) said in June. CBDCs are gaining ground in part as a way to stave off the potential for widespread use of privately issued stablecoins by consumers.

●     Memecoins are jokes turned into value, with Elon Musk-favored Dogecoin’s market cap of nearly $18 billion based on a Shiba Inu dog gag gone viral.

●     NFTs are non-fungible tokens that don’t meet the FASB’s definition of a crypto asset, generally hosting art, video or other unique content. That said, they can also be loaded with securities and with fractional ownership shares — real-world art and real estate have been tried, but without much traction so far.

AI Has Come to Auditing: Are You Ready?

December 1, 2025
Artificial intelligence (AI) is now becoming more of a part of the auditing process, and if you’re not using it, it’s time to start! The benefits are huge, starting with the ability to automate repetitive tasks, review all data rather than sampling, and allow real-time auditing. AI is not the future of auditing, it’s here now! AI is fundamentally changing the nature of auditing, and you’ve got to become comfortable with that. If your continuing professional education (CPE) schedule doesn’t include learning about AI and its strengths and weaknesses, it should. There are plenty of resources available from organizations like the Institute of Internal Auditors , the Center for Audit Quality (CAQ) and the American Institute of Certified Public Accountants’ (AICPA) CPA.com . Auditors must now understand how AI systems work, what data they use, and where biases might occur. That said, what AI is not is a replacement for human auditors along with their professional judgment and skepticism. It’s a tool for humans to use. A big, game-changing tool, but it’s a tool nonetheless. But the key to success is that auditors must remain central to the process. This changes everything Auditing is changing from a process defined by manual data checks, sampling, and periodic reviews to one based on automation, analytics and continuous insight. First of all, AI can automate routine work like data entry, reconciliation and report generation, reducing the risk of manual errors and freeing up auditors to spend more time on more complex activities that require critical thinking. Second, AI and machine learning tools can comb through mountains of data — including live data — and flag anomalies, spot unusual patterns and potential risks, and generally make compliance lapses and fraud signals easier to detect. AI also learns from the data it reviews, making it easier to flag suspicious patterns and transactions that are outside of the norm as its experience grows. Third is that AI means eventually the end of audit sampling, as AI tools can look at the whole data set in a way that human auditors cannot possibly do and immediately find the “needle in the haystack”! Fourth, that live data part is another key benefit of AI: real-time, continuous auditing is now possible. Instead of spending weeks or months reviewing records, exception reporting can happen immediately, giving management time to take corrective action before a material misstatement can occur. The result is that the relationship with clients changes from one of episodic annual reviews to continuous collaboration. That is shifting the auditor’s role from analyst to advisor. This changes nothing AI is radically changing how auditors work, but it hasn’t changed why they exist or the core responsibilities of the public accounting profession. Auditing is still focused on providing independent, reasonable assurance that financial statements do not contain any material misstatements, whether due to error or fraud. AI technology can add to auditors’ capabilities, but the core of the process still relies upon trust, transparency and accountability, which is why it is vital that auditors remain central to the process. The insights provided by AI are powerful, but their accuracy and completeness must still be determined by the review and validation of auditors applying professional skepticism and judgement. AI can flag anomalies but it cannot interpret intent, understand context or evaluate plausibility. AI can be taught to understand a client's business model, but it cannot interpret the realities that the business faces, like strategic shifts, market & cultural pressures, and regulatory environments. Data must be interpreted with human context. Also unchanged is that auditors are personally and professionally accountable for their opinions. AI is a wonderful tool, but auditors are still responsible for validating what the AI does, documenting their reliance upon those tools, and retaining control over final conclusions. Collemi Consulting leverages nearly three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.
Man in suit typing on laptop with

Group Audit Standards Are Changing. Are You Ready?

October 1, 2025
Generally speaking, group audits should be far more common than they actually are! On top of that, the new group audit requirements kick in next year, with some major changes: They have created a whole new class of “referred-to” auditors that must be considered when performing a group audit. And it’s time and past time to start preparing for that now. The American Institute of Certified Public Accountants’ (AICPA) Auditing Standards Board (ASB) issued SAS 149 that revises the definition of a “component auditor” and takes an updated risk-based approach to planning and performing a group audit. Issued in March 2023, SAS 149 goes into effect for audits of group financial statements for periods ending on or after December 15, 2026. Before we get into that, it’s vital to know that numerous times, auditors miss the fact that a group audit is necessary in the first place. That’s because determining what is and isn’t a “component” can be simple, but it’s not always obvious. Depending on how management runs its operations, a company can be a single entity with two or more different business activities means a group audit is necessary. When dealing with a single entity, many times, auditors see a single business or business line and miss what is really a separate “component” requiring a group audit, unless they have a consolidation of two or more subsidiaries staring them in the face. The question you should be asking yourself is, does the company have multiple product lines, service lines, branches, or anything else where the CFO and the CEO of the company manage their operations by tracking the performance of those multiple product or service lines? Are there multiple locations or divisions? It doesn't necessarily mean the company has to have a subsidiary or another legal entity that they control. Auditors are required to use professional judgment to determine whether a business activity represents a component, regardless of whether it is a separate legal entity. The current standard Group financial statements can include aggregated financial information from entities or business units like branches or divisions. If business units with separate management, locations, or information systems are aggregating financial information, you need a group audit. Here are some examples: Combined financial statements, when for example two companies are owned by the same person Consolidated financial statements, in which a company owns another company A joint venture A company organized by geography, for example American, Canadian and European units, each with their own general ledger A company with different business activities where performance is tracked separately A company that reports an equity method investment on its balance sheet Look at business activities first and determine if they are significant in terms of dollar amounts, or materiality, or if there’s a high risk in that part of the operations. Follow the flow of the numbers! SAS 149 kicks in Alongside the work of component auditors cited — for whose work the group auditor is responsible — there’s a new category: Referred-to auditors These are secondary auditors, brought in to issue their own opinion on a particular part of the operations that the group auditor will reference in their work. The new group audit standards make clear that the work of the referred-to auditor is relied upon in the final group audit, but was not carried out by the group auditor. These referred-to auditors are not component auditors under the terms of SAS 149, Special Considerations — Audits of Group Financial Statements (Including the Work of Component Auditors and Audits of Referred-to Auditors). SAS 149 is effectively telling group auditors to say very clearly, “Hey, we didn’t look at this part of the operation but we are referring to and relying upon this opinion.” The new standards also make clear that component auditors are part of the engagement team, whereas referred-to auditors are not. Risks grow For all that, the addition of referred-to auditors is not SAS 149’s most significant change: It provides an updated risk-based approach to planning and performing group audits. Under the existing standard a group engagement team is required to identify significant components at which to perform audit work. However, SAS No. 149 directs the group auditor to use professional judgment in determining the components at which to perform procedures, based on assessed risks. Just like the auditor is required to use professional judgment in determining what should or shouldn’t be a group audit. Collemi Consulting leverages over three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101.
Business meeting: diverse group around a conference table, discussing, laptop in center.

Getting Involved with Boards and Committees

August 20, 2025
Once you reach a certain point in your career, say five to ten years in, it’s a good time to start getting involved with professional organizations ranging from associations, not-for-profits and state boards and committees. There are a lot of benefits to getting involved in professional organizations that start with making new relationships and even getting new clients, but go far beyond that. There are plenty of soft skills to be learned from being active in your profession. One is simply learning how to deal with businesses, professional boards and with non-profits. These are organizations that will ultimately be important to you and your practice, and knowing how to navigate them is a skill that will stand you in good stead throughout your career. A good place to start is with your local chapter of your State Society, the National Society of Accountants (NSA) and American Accounting Association (AAA), as well as your state board of accountancy . But there are others as well, even local and state Chambers of Commerce . Benefits include: Refining existing skills: You will utilize skills like financial management, budgeting and bookkeeping in new contexts. Gaining leadership and project management experience: Volunteering often means taking on leadership roles and overseeing projects. Staying current with industry trends and regulations: Staying up-to-date is a byproduct of getting involved. Expanding professional networks: Volunteering provides the opportunity to meet and build relationships with other accountants and business executives, work with leaders in your field, and meet potential mentors. Building a strong reputation: Actively contributing to a board or committee can enhance your standing within your field, which can be valuable for gaining new clients and career advancement. Increasing visibility: getting involved in projects and committees distinguishes you from peers and can demonstrate a commitment to your career. Professional development : Many organizations offer professional education courses, workshops and conferences that go beyond your required continuing professional education (CPE) requirements. Credentials and certifications: Many industry organizations offer professional certifications and credentials that can help differentiate you from your peers. All of these benefits can be tied back into your career and professional development. As your involvement grows over time, so will the benefits. You’ll develop a professional network of likeminded leaders in their fields of expertise that will help you advance your career both inside and outside of the organizations for which you volunteer. And as your commitment to these organizations grows over time, so will your leadership in them. Committee memberships will become committee leadership, with the resulting increase in visibility and prestige. Participation at events will turn into speaking opportunities and a higher professional profile. You’ll have the opportunity to influence policy and the direction of your whole industry. Your professional network will expand with higher-level and more advanced professionals within your field over time. You’ll also build a stronger resume, one that demonstrates both your commitment to your field and your expertise in it. Working with organizations outside your professional field like a chamber of commerce or local/state government can bring many of these benefits as well: Networking and meeting potential new clients, raising the profile of yourself and your firm, and simply learning how to interact with businesspeople and executives outside the profession. Five or ten years into your professional life is a good time to start branching out a little bit and do work that’s outside your firm. Beyond all this, there is a sense of personal fulfillment that giving back to your profession and community can bring. It’s important to get involved in issues that are important to you. Collemi Consulting leverages over three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101. 
A hourglass is sitting on a table next to a dollar sign.

You Have Less Than Just Six Months Left to Implement the AICPA’s New SQMS and the PCAOB’s New QC 1000 Standards

July 16, 2025
Nine months ago, we warned that two new sets of quality control and management standards were coming due on December 15, 2025 and strongly advised public accounting firms not to wait until the last minute to begin implementing them. Well, it’s now the last minute. With just six months left until the the American Institute of Certified Public Accountants’ (AICPA) new Statements on Quality Management Standards (SQMS) and the Public Company Accounting Oversight Board’s (PCAOB) new QC 1000 quality control standards go into force, there’s no time left to delay or procrastinate. Here’s a short overview of each set of standards and what’s necessary, but you can find our full blog for the AICPA’s new SQMS here , and the PCAOB’s new QC 1000 standards here . Both will require extensive effort to come into compliance. The AICPA’s SQMS The SQMS are what we here at Collemi Consulting & Advisory Services like to call the “thinking standards.” This means you really have to think it through and customize it for your attest practice, based on the type of clients you have and the services you provide, as the SQMS now takes an entirely new, risk-based approach to quality. There are now eight SQMS components, including two completely new ones: Risk Control, and Information and Communication. The new risk assessment process requires firms to establish specific quality objectives, meaning they must “identify and assess quality risks, and then they must design and implement responses to those risks that are tailored to the firm’s unique circumstances.” Information and communication requires the establishment of processes that support the SQMS, including reliable internal and external sources of information. It also mandates the creation of a culture that supports and reinforces the responsibility for sharing information with colleagues and the firm. All of the six other quality objectives have new requirements as well: ● Governance and leadership ● Relevant ethical requirements ● Acceptance and continuance of client relationships and specific engagements ● Engagement performance ● Resources (formerly Human Resources) ● Monitoring Firms have three responsibilities between now and December 15: 1) Continue using the extant standard (Statement of Quality Control Standard (SQCS) No. 8 (Redrafted) 2) Perform the risk assessment and gap analysis, and then design and implement the new standards. 3) Consult with your peer reviewer before final implementation Firms then have until Dec. 15, 2026 to carry out an annual evaluation of their new quality management system. The PCAOB’s New QC 1000 Standards The PCAOB’s new QC 1000 standard is intended to make independent registered public accounting firms who audit issuers (public companies) and broker-dealers significantly improve their quality control (QC) systems. It applies to all PCAOB-registered member firms. Those that audit more than 100 issuer clients annually have more extensive requirements to contend with. The new standard enables firms to identify their specific risks and design a quality control system, including policies and procedures to guard against those risks. The goal is to create what the PCAOB refers to as a “a continuous feedback-loop for improvement.” QC 1000 has quality control requirements that do not appear in other QC standards. They tend to be more prescriptive and more tailored to the U.S. legal and regulatory systems. There are 10 areas in which the QC 1000 goes beyond what can be found in other existing standards. These are: ● Evaluation and Reporting ● Governance and Leadership ● Ethics and Independence ● Monitoring and Remediation ● Quality Objectives ● Information and communications ● Resources ● Risk Assessment Processes ● Roles and Responsibilities ● Documentation That’s not even an exhaustive list, and it’s coming into effect at the same time as the AICPA’s SQMS. Our recommendation is to make two completely separate documents rather than trying to roll it all into one giant document. It’ll be too confusing, especially for people who might not have to audit both public companies, broker-dealers and private companies. We also advise you to appoint a separate champion within the firm for each of the two different sets of standards. Otherwise it just gets too complex. Like we said, time is running out. It’s time to get it done or get help doing it. Collemi Consulting leverages over three decades of experience to provide trusted technical accounting and auditing expertise when you need it the most. We regularly work with CPA firm leadership to help them reduce risk and maximize efficiencies. To schedule an appointment, contact us at (732) 792-6101. 
More Posts