Why Professional Audits are Essential in a Post-Gox World

Bitcoin needs an institution-based auditing strategy that does more than simply check exchange funds.

AccessTimeIconMay 31, 2014 at 9:55 a.m. UTC
Updated Sep 11, 2021 at 10:50 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

“Can we pretend February never happened?” asked Gavin Andresen at Bitcoin2014, in an oblique reference to the collapse of Mt Gox.

It’s easy to sympathise with the sentiment. Mt Gox’s demise shone a spotlight on the bitcoin community’s ability to weed out bad actors and found it lacking.

While the legal disputes around Mt Gox continue to trundle on in the background, one issue has risen to prominence as a result of the affair: transparency.

However, with each third-party 'audit’ of bitcoin exchanges and other businesses, the question of who should be performing these checks, and what they should involve, is of increasing importance.

Trust is not enough

Major bitcoin exchanges and wallet providers moved quickly to reassure customers following Mt Gox’s collapse, issuing a joint statement that called for “appropriate security safeguards that are independently audited and tested on a regular basis”.

To date, those independent tests have largely been carried out by trusted individuals within the bitcoin community, who have avoided calling their admittedly narrow checks 'audits'.

Andreas Antonopoulos vouched for Coinbase back in February, Stefan Thomas examined Kraken in March and most recently, Mike Hearn tested Bitstamp, assuring its customers “that at this time Bitstamp holds sufficient bitcoins to cover their customer deposits.”

The system so far has been largely ad-hoc, with exchanges promising to submit to regular checks and selecting different developers each time (which is preferential to the same individual auditing an exchange repeatedly).

In the long-term, though, said George Quigley, a partner at accountancy firm BDO, the community needs an institution-based approach that looks at much more than just how much bitcoin is held:

“Am I going to rely on a person who goes in and says, 'it's okay, all the bitcoin are there,' or are you going to rely on a provider who says, 'here's a management statement, here's how they control the environment'?”

Bitcoin auditors needed

Of course, one would expect an auditing company to make that argument, but it’s an issue that the community has recognized too. Kraken CEO Jesse Powell has previously told CoinDesk of the need for a bitcoin auditing firm, saying:

“The firm would need to independently have a strong grasp of bitcoin, crypto, the ability to review code or write their own, be aware of opportunities for either party to compromise the audit and have the ability to prevent those compromises.”

However, he also added some scepticism about whether established firms could fulfil this role: “Traditionally, this skill set is not what accounting firms are known for.”

One company that has used established firms is Netagio, which boasts that “all funds are audited to an ISAE standard” (ISAE standing for 'International Standards for Assurance Engagements').

The company is one of a handful that deal in bitcoin and gold. And though its website is full of information about the company, including an address and phone number, like all players in the bitcoin space, said Netagio’s Managing Director Simon Hamblin, Mt Gox has cast a shadow over their business:

“That trust and transparency issue has damaged the [whole] bitcoin world.”

Despite engaging BDO, a known name in the auditing industry, to provide assurance that the company is properly run, though, Hamblin said Netagio still faces the same problems as other bitcoin businesses:

"You struggle to get a banking relationship, you struggle to do the most basic things. That applies to insurance, for example. Particularly since the collapse of Mt Gox. The insurance market has closed up. It’s moving forward, but it’s a very slow process."

A gap in the market

Building trust in the bitcoin economy will help to move things forward faster, and proper checks and audits will undoubtedly be a large part of that.

Mike Hearn thinks it’s too early to build a standardised approach to auditing bitcoin businesses, telling CoinDesk earlier this week:

“There’s still a lot of variance in techniques and technologies being used, with new R&D still being done. Once things settle down some more, a standard way to audit exchanges would be useful indeed.”

What’s clear is that the demand for transparency has left a gap in the market, not only for established accountancy firms like BDO, but also for new bitcoin-specific accountancy firms. What they’ll look like is still up in the air.

Magnifying glass image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.