Let us delve into that. At best, this is misleading; At worst, this is financial fraud.
The current standard for third party audit for crypto exchanges is the “Proof of Reserves Report”. The purpose of the Proof of Reserves Report is to provide assurance that an exchange (or an entity with both cryptocurrency assets and liabilities) has sufficient liquidity to settle all existing crypto liabilities. There
have been a few auditing firms willing to issue a Proof of Reserves report. The most well-known is the French accounting firm, Mazars. The basis of a Proof of Reserves Report is a cryptography tool called a Merkle Tree. A Merkle tree allows
you to verify the content of numerous records (or addresses) by hashing, i.e. identifying underlying records by grouping them into subsets (otherwise known as leaves). The goal is to have as few verifiable leaves as possible. At the top of the tree is the “root node”. The underlying concept is that the root node is a verifiable capture of all underlying leaves. Thus, any and all data described in the leaves can be verified as correct. The Merkle Tree approach essentially verifies all wallets of assets, verifies all wallets of liabilities and expresses liquidity as the ratio of verified assets to verified liabilities.
There are significant issues with a Proof of Reserves Report.
First, it is literally a snapshot in time. It does not include any transactions which may occur after the report date. Assets or liabilities could change within seconds of the report date. As such, a Proof of Reserves is not forward looking. It says nothing about what exposures might be in the future.
Second, a Proof of Reserves does not account for any contingent liabilities or assets. If assets or liabilities are posted as collateral, loaned or otherwise provided to third parties, these events will not be recognized in a Proof of Reserves Report. It merely states the existence of reported assets and liabilities, but it does not give any information on what those assets and liabilities are.
Third, a Proof of Reserves Report is not an audited document. A typical audit report will include unqualified statements which attest to the accuracy of the financial information presented. A Proof of Reserves Report makes no such attestations. In fact, a Mazars Proof of Reserves Report reads as follows: “This……engagement is not an assurance (financial audit) engagement. Accordingly, we do not express an opinion or an assurance conclusion. Had we performed additional procedures, other matters might have come to our attention that would have been reported. Our report does not cover any transactions and/or balance holdings of (the client) after the reporting date or address any other assessments beyond the scope of this engagement”.
In short, a Proof of Reserves Report provides no guidance on the magnitude or nature of financial risk. And yet, it was the standard document that FTX and other crypto exchanges used to address financial risk. The audit firms were not necessarily guilty by acts of commission (they never signed off), but they
were certainly culpable for acts of omission.
In addition, volatile financial assets (which cryptocurrencies indisputably are) fall under mark-to-market accounting principles, practices and reporting guidelines. The general guidelines are found under SFAS 157 – Fair Value Measurements. Under mark-to-market principles, assets and liabilities are reported at
their fair market value, which are forward looking statements. Mark to market is also the required financial reporting practice for any financial exchange. None of these principles or practices are reflected in any required cryptocurrency financial reporting.
Cryptocurrencies are a black box to investors and customers, primarily because of a willful failure of disclosure. The tools and practices exist. They have been ignored.
Comments