Crypto Auditors Under Fire As FTX Meltdown Highlights Fundamental Need For Exchanges To Change Audit Approach

The chaotic state of the finances of the centralized crypto derivatives exchange platform FTX revealed after its controversial collapse, threw the spotlight not only on the two firms that handled the company's auditing but also on the crypto auditing industry in general.

While others scrambled to go over the books of their crypto clients, some have elevated the status of their crypto company clients to high risk. More importantly, the spectacular collapse of the once most trusted brands in the cryptocurrency industry underlined the fundamental need for centralized crypto exchanges to change their approach to audit or never regain the trust of investors at all.

When restructuring expert John Ray III was appointed as the new CEO of FTX after the crypto exchange platform filed for bankruptcy on Nov. 11, he uncovered a lot of red flags about the business that, if earlier discovered and publicized, could have spared a lot of investors who are now reeling on the funds they lost because of the meltdown.

The new CEO has a lot to say about FTX, but his statement, which headlined a lot of news outlets a few days after he assumed his role as the top boss, sent shockwaves to the entire crypto industry.

"Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as I occurred here," the executive said. "From compromised systems integrity and faulty regulatory oversight abroad to the concentration of control in the hands of a very small group of inexperienced, unsophisticated and potentially compromised individuals, this situation is unprecedented," Ray added.

His statements alone make one think that what happened to the Bahamas-based global company was exceptionally worst based on its books. But, how could this be possible when two audit firms, Armanino and Prager Metis, which are not even a part of the Big Four global audit firms – Deloitte, Ernst &Young, KPMG, and PricewaterhouseCoopers – produced the company's reports considering that FTX is a multi-billion dollar company?

Prager Metis, an advisory and accounting firm, had a poor track record with the audit regulator Public Company Accounting Oversight Board (PCAOB). The audit regulator, in 2019, shared its private comments about Armanino and mentioned its deficiencies in its overall quality-control processes.

Also, Armanino issued an audit opinion to Lottery.com in 2021 but resigned from its role in September 2022, just before a class-action lawsuit was filed against Lottery.com's executives.

Interestingly, both audit firms noted that their role is only limited to getting an "understanding of internal control relevant to the audit to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of [West Realm Shires lnc.'s and FTX Trading Ltd. and subsidiaries'] internal control."

What happened to FTX, regardless of what its auditors said, questioned their work and, as a domino effect, sent other crypto auditing firms to reevaluate the work they have done for their crypto company clients. For most of them, this means elevating the status of their clients to high risk, which means more thorough examinations, while others dropped their crypto clients.

While many industry watchers and investors pointed the blame at the auditors, they failed to realize that it was the company that hired them in the first place. As a cryptocurrency business, the obvious choice to get your books thoroughly examined and audited is to hire someone who knows the working of the crypto industry like the back of their hands and not someone unfamiliar with the industry.

Also, there is an issue with the frequency of audits, as well as the time the actual audit was conducted, which is highly essential considering that the crypto market is highly volatile and involves a lot of dynamics.

"The main problem with such audits is that exchanges do not complete them frequently. The audit of FTX US was completed back in 2021 and it's been almost a year, which is a considerably long period," said Yevheniia Broshevan, Chief Business Development Officer (CBDO) of Hacken. It is a blockchain cybersecurity company focused on auditing, crowdsourced security, pen testing, monitoring and analytics.

"Moreover, since last year market conditions have dramatically changed, 1 year-old audit can not be considered as actual," the Hacken executive told International Business Times. "Even in traditional industries, financial audits which were done 1 year ago does not state about company state in the current year. Considering that our industry it young and fast evolving, audits can and should be real-time," Broshevan said.

"As a leading web3 and blockchain cybersecurity company, Hacken recently launched the Proof of Reserves service, which we have been working on since 2019. Moreover, we are at the finish line of upgrading our methodology to make it real-time, which makes it impossible for exchanges to cheat it," the Hacken CBDO shared.