It started with a balance sheet full of “digital assets”…
The CPA had reviewed dozens of financials from traditional companies over the years, but this time, something felt different. Wallet addresses. Blockchains. Token valuations that fluctuated by the hour. The firm had just taken on its first cryptocurrency client—and this seasoned auditor was suddenly standing at the edge of a digital cliff with no safety net.
What came next wasn’t fraud, but it easily could have been. Because when you don’t understand what you’re auditing, you’re not just risking bad accounting—you’re risking your professional ethics.
The Allure—and the Ambiguity—of the Crypto World
As cryptocurrency and digital asset companies flood the market, more CPAs are being pulled into engagements involving Bitcoin, Ethereum, tokenized assets, decentralized finance (DeFi), and blockchain-based technologies. It’s a field full of innovation, disruption, and massive volatility. But there’s one thing it often lacks: clarity.
From a technical perspective, understanding how wallets, tokens, staking mechanisms, or smart contracts operate is not something taught in traditional accounting programs or CPE. That lack of knowledge, however, doesn’t excuse ethical missteps. If anything, it makes the stakes higher.
The Ethical Minefield: When CPAs Don’t Know What They Don’t Know
1. Competence isn’t optional. The AICPA’s Code of Professional Conduct is crystal clear: a CPA must only undertake engagements they are professionally competent to perform. Entering into an audit of a crypto company without a firm understanding of digital asset accounting violates this foundational standard. It’s not a gray area. It’s a red flag.
2. Due diligence must go beyond paper. In traditional finance, reconciling to a bank statement may suffice. In crypto, verifying asset existence might mean tracing transactions through block explorers, understanding smart contract logic, or evaluating the integrity of a third-party crypto custodian. Failure to conduct this due diligence thoroughly can lead to materially misleading opinions.
3. Pressure to perform vs. professional skepticism. Crypto clients, especially startups, are often fast-moving and venture-backed. They may push for rapid audit completion to satisfy investor demands or trigger funding rounds. But speed cannot compromise skepticism. CPAs must maintain independence and push back when the integrity or understandability of information is lacking.
**4. Blind reliance on management or third-party platforms. Trusting wallet screenshots or assuming that a third-party platform is secure or accurate without proper technical validation is a breach of audit ethics. Verifiability and validation are the pillars of assurance. Anything less becomes negligence—potentially even complicity.
The Temptation to “Figure It Out Later”
One of the most ethically dangerous attitudes CPAs can adopt is the belief that they can learn on the fly. But auditing crypto isn’t like learning a new industry—it’s learning a new financial language with its own rules, infrastructure, and threats.
If you’re unsure how to distinguish between a cold wallet and a hot wallet, or if staking rewards are revenue or liability, you can’t just “wing it.” Doing so risks misleading financial statement users and damages the public trust—the very thing our profession is built on.
The Right Ethical Move: Know When to Say No
There’s no shame in recognizing a limitation. In fact, it’s a sign of professional integrity.
Before taking on a cryptocurrency engagement, CPAs should ask:
-
Do I (or my team) have the necessary technical competence?
-
Can I verify the existence and rights to digital assets independently?
-
Do I understand the risks involved in decentralized financial structures?
-
Am I equipped to evaluate the legality and compliance framework the client operates under?
If the answer to any of these is “no,” the ethical answer is also “no.” That doesn’t mean you’re turning your back on innovation—it means you’re upholding the standards that protect your license, your clients, and the public.
Final Thoughts: Ethical Courage in the Age of Digital Assets
The CPA profession is evolving, and digital assets are becoming more mainstream. But competence must always precede compliance. CPAs are not just number crunchers—we’re gatekeepers of trust. If that trust is compromised because of ignorance masked as confidence, the damage ripples far beyond a single audit report.
So, before you say “yes” to that next crypto audit, pause and ask: Do I understand this well enough to sign my name to it? Because in this fast-moving space, the most ethical answer may be the hardest one: not yet.
Chuck Gallagher is a business ethics keynote speaker, former CPA, and author who helps organizations understand the real-world implications of ethical decision-making in emerging industries like cryptocurrency and AI.
