The Public Company Accounting Oversight Board (PCAOB)’s Office of the Investor Advocate has issued an advisory not to “place undue reliance” on "proof of reserve" reports that some cryptocurrency companies have provided to verify assets and liabilities.
These “PoR” reports have become more visible in recent months, particularly after the collapse of crypto exchange FTX. Several crypto exchanges hired outside auditors to provide PoRs. They fall short of a full audit, which is not required of a privately held company.
One audit firm, Mazars, paused work on all cryptocurrency clients weeks after being hired by Binance in December. At the time, the firm said that it had “paused its activity relating to the provision of proof of reserve reports for entities in the cryptocurrency sector due to concerns regarding the way these reports are understood by the public.”
"Proof of reserve reports are inherently limited, and customers should exercise extreme caution when relying on them to conclude that there are sufficient assets to meet customer liabilities," the PCAOB alert read, emphasizing that PoRs “are not within the PCAOB’s oversight authority.”
"Importantly, investors should note that PoR engagements are not audits and, consequently, the related reports do not provide any meaningful assurance to investors or the public," the alert read.
“Despite any representations to the contrary, PoR Reports are not equivalent or more rigorous than an audit, and they are not conducted in accordance with PCAOB auditing standards. In addition, there is a lack of uniformity regarding service providers that perform PoR engagements,” the warning says. “For example, some PoR engagements are performed by accounting firms, whereas others are performed by non-accountant assurance providers. Management of the crypto entities also have discretion on whether the results of PoR reports are made public, including the extent and format of the information provided."