Sage Journals: Discover world-class research

Abstract

Blockchain technology has become more common in the audit industry, posing new problems for traditional audit work. Researchers have been studying the effect of customers’ use of blockchain technology on audits, especially on audit risk and audit methods. This paper examines audit cases of Chinese enterprises that use blockchain technology. It analyzes the effect of the use of blockchain technology on the audit and the new audit problems. It also examines an Australian blockchain audit case using a questionnaire. This case study showed that the application of new technologies to the audit industry may lead to increased inherent risks and control risks. The audit methodology is uncertain and there are two possible approaches: (1) a combination of direct, indirect, account-level, and entity-level evidence and (2) an increase in indirect and entity-level evidence. This paper puts forward the reference case of the Australian blockchain audit experience and suggestions for developing blockchain audits in China.

Plain Language Summary

Navigating New Horizons: Challenges and Opportunities in Auditing with Blockchain Technology

Blockchain technology is changing how audits are done. We studied how Chinese companies using blockchain affect audits. We also looked at an Australian case using a survey. Our findings suggest that using new tech in audits can make things riskier. Figuring out the best way to do audits with blockchain is tricky, but we suggest using a mix of different evidence sources. This paper gives advice based on the Australian experience for improving blockchain audits in China.

Keywords

audit evidence audit risk external audit blockchain technology

Introduction

Blockchain technology, also known as distributed ledger technology, does not store data on a centralized node, but divides it and stores it on different nodes in the same system, using encryption to lock the data to each other. The corporate world has a natural affinity for the integration of blockchain technology with big data, platform building, and financial management. The innovation of the “blockchain +” model is ongoing, and the introduction of this model has important economic significance for many fields, such as accounting and finance, including auditing (Q. Zhang et al., 2021). In auditing, the characteristics of blockchains, such as immutability, traceability, and decentralization, are compatible with the requirements of audit quality. “Blockchain + audit” can be considered as a subversive operation in the audit industry, upgrading and optimizing the original audit objectives, methods, content, and other aspects, and can be considered as representing a paradigm shift in the audit industry (Tiberius & Hirth, 2019).

Blockchain technology may introduce certain inherent risks and additional risks to auditing, however (Richins et al., 2017), and these risks have not received adequate attention in the literature (Richins et al., 2017). The main benefit of using blockchain applications for financial systems lies in the decentralization and distribution of information between multiple foreign parties participating in the blockchain. Compared to previous audit work, external auditors pay significantly more attention to assessing governance and internal control-related issues. Auditors must also consider how other parties interacting with their clients on blockchains control and protect their data (Smith & Castonguay, 2020). In particular, auditors must assess the information technology governance controls and independent proof of control that exist in and around blockchain parties, including steering committees (Sheldon, 2019). When a blockchain application coexists with a legacy system such as an enterprise resource planning (ERP) system, it is necessary to evaluate the interface transfer process from the upstream system to the blockchain application. Thus, the claim that the use of blockchain technology means that auditors can check each transaction after random sampling and enable real-time auditing (Rozario & Thomas, 2019) is based on the premise that the governance and information technology controls surrounding blockchain applications are robust. The complexity of the blockchain environment should not be underestimated, however. In 2017, Armitage et al. (2012) described the different requirements for different industries and different geographic regions, with many emerging markets yet to establish governance standards and guidelines.

The present study seeks to answer two questions: (1) How do auditors view the inherent and controlled risks of blockchain financial statements and cryptocurrency audits? (2) During the audit process, how do staff view their approach to auditing blockchain financial statements and cryptocurrencies in the context of evaluating controls and inherent risks? Domestic research and analysis into “blockchain + audit” in China has mainly remained in the application method and prospect development. For example, Fang (2020), T. Zhang (2023), He (2023), and other researchers agree that China’s blockchain industry is still in the initial stage of development. Moreover, the literature lacks research into the inherent risk and audit risk of blockchain-related enterprises, assessment of the inherent risk and audit risk of blockchain-related enterprises, and research into the change in audit risk before and after the application of blockchain technology. Research into the adoption of applicable audit methods on the basis of risk assessment is therefore of practical significance. Figure 1 shows a schematic representation of the research structure.

Figure 1.

Schematic diagram of the research structure.

This study uses a combination of case analysis and questionnaire. Previous research into “blockchain + audit” has mostly examined the application of examples, and the material is relatively rich. This paper analyzes the effect of the application of blockchain technology on the audit risk of enterprises by exploring the audit cases of domestic blockchain technology enterprises in China. In addition, based on an Australian blockchain audit case, the questionnaire is used to determine which audit method should be adopted, focusing on careful evaluation of control and inherent risks, to provide a reference for China’s blockchain-related audits.

Development Status of Blockchain Technology in the Auditing Industry

The effect of blockchain technology on the accounting industry will ultimately have a positive effect on modern audit technology, promoting innovation and further development of the technology. At present, however, the audit field is faced with problems such as data distortion, lack of trust, financial fraud, lack of full coverage audits, and lack of real-time audits. China’s domestic research into the effect of blockchain technology on auditing initially focused on the technical application level. This research can be divided into four types: first, research into the effect and integration of blockchain technology on the accounting and auditing industry; second, research into the new intelligent financial management platform based on “blockchain +”; third, research into accounting information systems based on blockchain technology and real-time auditing based on blockchain technology; and fourth, research into continuous auditing and online audit platforms.

For example, in terms of the effect on the industry, Huang and Chen (2019) show that blockchain technology has great development potential from the perspective of trust and efficiency, and it could have a large positive effect on audit theory and accounting. Blockchain will establish a new type of trust relationship based on technology. Blockchain sharing mechanisms, time stamps, and automated bookkeeping will significantly improve the efficiency of accounting and auditing operations. Liu et al. (2019) believe that “blockchain + audit” is an innovation in auditing. Blockchain technology enhances the authenticity and reliability of audited data, reduces audit costs, and enhances audit work. In terms of the research and development and construction of blockchain platforms, Du et al. (2020) discuss the use of blockchain technology to reconstruct the management accounting reporting system and reconstruct the collection, transmission, feedback, and evaluation of management accounting information from the following five levels: physical layer, definition layer, network layer, collaboration layer, and application layer. The authors believe that the authenticity, timeliness, and accuracy of management reports can be improved, which would improve the efficiency of enterprise management. Cheng and Wang (2020) focused on the intelligent financial reporting of this technology in the process of exploration, expounded the improvement of the generation, analysis and application of financial reports at five levels, including the consensus level and the data level, and studied the causes of the problems arising therefrom.

Furthermore, in terms of trustworthy accounting information systems and real-time audits based on blockchain technology, Jin et al. (2020) took the original certificate solidification mechanism and the financial-report-cannot-be-tampered-with mechanism as the premise and took blockchain technology as the basic condition to build an accounting information generation path and study its optimization model. It is believed that “blockchain + accounting” can prevent financial fraud and build a transparent, credible, and complete accounting information system. Y. Wang (2020) discuss the re-organization of financial reporting and bookkeeping based on blockchain technology and also discuss the accounting informatization process of enterprises. The author believes that blockchain accounting information systems can realize real-time information requirements and personalized financial reports, overcome the limitations of existing accounting centralization, and achieve a high degree of integration of “industry financial audit”.

In terms of continuous auditing and Internet audit platform research, Ding and Li (2020) tried to establish a blockchain based on business processes from the perspective of identification and application of information technology risks. Auditors used real-time information on the blockchain to implement internal audit strategies. Liang and Cao (2021) discuss multi-node audit sharing and argue that blockchain technology can improve the audit process and enhance the internal control and self-audit ability of the audited units. Xu and Chen (2020) discuss how to establish a complete blockchain audit application system and argue that greater efforts should be made to promote the development of blockchain audit technology and the creation and improvement of related technology platforms in the field of domestic autonomy and control. Tang and Jiang (2019) discuss building a blockchain audit big data platform to enable government auditing and improve the effectiveness of corruption governance.

With the further application and development of blockchain technology in the audit industry, the risk that it introduces has become a research focus. Alqaraleh and Nour (2020) examined the timeliness of the annual financial reports of Jordanian listed companies by the Audit Committee on the Amman Stock Exchange for the period from 2014 to 2016. The results showed that there is a significant positive relationship between the characteristics of the Audit Committee (independence, meetings, and size) and the timeliness of financial reporting. In addition, the Board of Auditors plays an active role in overseeing the preparation and publication of financial reports. Hmoud and Nour recommend that companies make annual financial reports within the statutory timeframe, as it has become necessary for them to influence investors’ decisions. This type of research has also been conducted in other financial periods (Alqaraleh & Nour, 2020).

Before the application of blockchain technology in business, Curtis and Turley (2007) commented that audit practitioners inferred from control tests whether financial accounts were at risk of material misstatement. In particular, when auditors perform audit services for clients, they realize that “there is a high probability that information systems will deviate from predetermined strategies, which will adversely affect the ability of these systems to generate relevant, reliable and timely reports.” As a result, if customer control of information systems and technologies cannot be relied upon or if testing these systems is ineffective, auditors may also use audit evidence extracted from substantive testing. Although in theory there is an inverse ratio between indirect and entity-level evidence dependent on control systems and direct and account-level evidence derived from substantive testing of accounts, the study found that, compared with indirect and entity-level evidence inferred from control tests, auditors are generally more receptive to direct and account-level evidence obtained from testing the numbers themselves (Curtis & Turley, 2007). Indirect and substantive evidence obtained from these tests is considered soft evidence. Soft evidence is problematic, but not because it cannot be used to ensure the fairness of financial statements. Instead, practitioners worry about how to respond to questions from peer reviewers and courts about audit quality, which is assessed based on archived audit documents.

Shin and Hwang (2020) believe that users pay more attention to transparency and reliability, and sufficient trust can result in customer satisfaction. Their study has implications for the reliability of blockchain technology in the auditing industry. The findings suggest a role for trust regarding potential links with technology and emotional availability. The cognitive heuristics of users influence their attitudes toward blockchains, where the technical characteristics are defined by the user’s perception and experience (Shin & Hwang, 2020). Nour and Tanbour (2023) consider it necessary to strengthen the ethics and standards of auditors within banks, especially during periods such as the COVID-19 pandemic.

Nevertheless, the advantages of blockchain-based auditing have also been highlighted (Nour & Tanbour, 2023). Smith and Castonguay (2020) predict that the commitment to fair financial statements will be modified to address the unique nature of blockchain technology. Since auditors need to read the information recorded on the blockchain, they need to be confident that the control system applied to the blockchain is reliable. Auditors must understand the code embedded in the blockchain and audit the rules and accuracy of the chain that records the information. Shin and Bianco (2020) examine the availability of user-perceived technological attributes of blockchain technology and investigate how users can find media in blockchains. Focusing on the role of trust, their paper analyzes the ways in which motivational availability affects user experience in blockchain media. The results suggest that little attention has been paid to the technological innovation that blockchain technology can bring to the media space. The findings also provide a perspective for understanding the principles of blockchain usability issues that combine heuristic algorithms with blockchain design and user experience.

As with traditional auditing, a high level of trust in controlling the design and operation of the blockchain goes hand in hand with a high level of trust in the integrity and value of the transactions reported in the financial accounts. For example, a reliable ERP system that encompasses the units of an organization’s information system also eliminates the need to reconcile and adjust entries between those units. Still, auditors need to test more internal controls on ERP systems than traditional systems, because the data is in electronic format and therefore (more) susceptible to tampering and falsification. Shin and Ibahrine (2020) show that blockchain technology requires careful socio-technical examination to avoid simplistic assumptions about its promises and pitfalls. For the development of blockchain technology in South Korea, a range of socio-technical issues must be considered to promote the best outcomes in society. In contrast to blockchain technology, substantive testing of transactions can be enhanced by obtaining immutable and time-stamped documents from audited companies and third parties. Whereas auditors used to rely on matching documents from various external sources (such as bank balance confirmations), auditors can now ignore this process, because the full transaction history and supporting evidence is retained and published directly on the blockchain. Rozario and Thomas (2019) believe that auditors can extract and test all transactions and accounts, and they encourage auditors to focus on the professionalism and relevance of direct audit evidence in their work. In contrast, Smith and Castonguay (2020) recommend that auditors streamline the evidence-gathering process and shift their focus from substantive testing to risk assessment of blockchain information control. Najjar et al. (2023) suggest that blockchain technology can improve vendor visibility. Managers will improve the transparency and traceability of their global supply networks, which will ultimately reduce information asymmetries and limit opportunistic behavior. In addition, the connectivity and fast and immutable information-sharing capabilities associated with blockchain technology improve supplier predictability and can be used to build strong sustainable supply networks. Despite the potential, however, their study highlights that the benefits this technology brings may discourage the adoption of technologies that span multi-layer supply networks (Najjar et al., 2023).

The main benefit of using blockchain applications for financial systems lies in the decentralization and distribution of information between multiple foreign parties participating in the blockchain. Compared to previous audit work, external auditors pay significantly more attention to assessing governance and internal control-related issues. Auditors must also consider how other parties interacting with their clients on the blockchain control and protect their data. In particular, auditors must assess the information technology governance controls and independent proof of control that exist within and around blockchain parties, including the steering committee. When a blockchain application coexists with a legacy system such as an ERP system, it is necessary to evaluate the interface transfer process from the upstream system to the blockchain application. Thus, the claim that blockchain technology means that auditors can inspect each transaction after random sampling and enable real-time auditing Rozario and Thomas (2019) is based on the premise that the governance and IT controls surrounding blockchain applications are robust. The complexity of the blockchain environment should not be underestimated, however. In 2017, Armitage and Fernandez et al. introduced the different requirements of different industries and different geographical regions, and many emerging markets have not yet established governance standards and guidelines (Armitage et al., 2012).

Thus, the use of a financial accounting system blockchain by customers may introduce inherent risks and control risks. The decentralization and distribution of information between multiple foreign parties involved in the blockchain process mean that there may be inherent risks associated with foreign parties that rely on submitting, forwarding, or verifying transactions and verifying new block information. The entity’s internal control system is interlinked with the third-party governance control system around the blockchain node, and so there is also the potential to increase control risks. While blockchain technology provides immutable and time-stamped transaction documentation and financial information, this depends on governance and control systems that protect the integrity of customers and foreign parties accessing the blockchain.

Development of Auditing Practices for Blockchain Enterprises in China

Status of Blockchain Technology in China

With the development of the digital economy, the processing of data has become particularly important, and blockchain technology has therefore received increasing attention. Due to its advantages of decentralization and protection against digital tampering, it has played a diverse role in the development process since its inception, which has driven the application of this technology in other fields. In foreign countries, blockchain technology is mainly applied to digital cryptocurrencies, smart contracts, financial transactions, and clearing. This technology is also playing an important role in China, promoting the economic development of various fields such as the Internet and finance. The technology is widely used for financial transactions in China, such as third-party payments, fund custody, banking, and the securities industry. The automatic contract technology that has emerged from blockchain technology also has a positive role in financial transactions. This technology can improve work quality, reduce capital loss, and promote the smooth progress of financial transactions. In terms of asset management, blockchain technology can be used to monitor the confirmation and authorization of assets in real time, thereby ensuring the traceability of supply chain products and management decisions. In short, with the maturity of blockchain technology, its application scope is continually expanding.

Blockchain Audit Cases and Analysis in China

Company Background

JD established its blockchain technology team in 2016. China’s first anti-counterfeiting platform related to blockchain technology was created in 2017. In the same year, the company reached a cooperation intention and signed a cooperation contract with the Ministry of Commerce on blockchain technology. The team publicly released a blockchain white paper on March 21, 2018, and officially confirmed the blockchain technology brand on August 16. The team made a breakthrough on June 3, 2019, and the application in the data finance field was officially launched on JD.com. On July 13, the concept of blockchain services was first proposed, and the construction of a blockchain strategy began. The first blockchain standard solution, jointly launched by the blockchain technology team and business unit, will be applied to JD’s proprietary platform and will also be an important output direction for JD Finance. As JD.com implements blockchain technology, the emergence and participation of asset management firms, law firms, and accounting firms can improve the overall structure and the quality of the ABS issuance business.

Case Introduction

Currently, JD Data Technology—CITIC Securities No. 9 JD Baitiao Accounts Receivable Debt Asset Support Special Plan. The processing plan of ABS that has been applied has reached an issuance scale of 500 million yuan, with a special plan of 24 months. It was recorded on June 3, 2019, and the service agency that issued assets on June 6 on the Shenzhen Stock Exchange was JD.com. CITIC Securities joined as the plan manager, and transparent management and effective monitoring of assets were carried out. The current project is running smoothly.

The ABS alliance for blockchain construction has developed this plan by introducing synchronous automatic ledgers during the audit process. This measure can effectively reduce the amount of business that participants need to process when conducting cost object programs, and the problem of mismatched information between both parties has been solved. The alliance’s measure promotes multi-party cooperation, reduces manual intervention, reduces the complexity of business, and improves the efficiency of cash flow management. This is a solution that is conducive to managing blockchain for underlying assets by extending the trust system to scenarios with a wide range of data and assets and promoting a trust system that focuses on avoiding collateral leasing. The risks borne by merchants will be greatly reduced with the introduction of blockchain technology, which is conducive to further improving the conversion rate of orders. In terms of obtaining data for merchants, introducing blockchain technology into the leasing system. The conversion of users has increased six-fold, and the order rate has increased three-fold. On December 20, 2019, judicial blockchain technology was officially introduced in civil litigation proceedings and gradually applied in cases.

Commercial Deployment Based on Blockchain Technology

When companies engage in trade finance, they usually use the traditional multiple transfer method to transfer ownership and acquire goods on the blockchain platform. In this process, QR codes are used to facilitate identity recognition. The significance of this transformation lies in the fact that the blockchain platform can complete the operation of digital assets while also conducting internal audits. As the audit work in electronic bills of lading continues to improve with the improvement of internal systems, blockchain technology can be used to further improve work efficiency and complete registration work. Letters of credit can be used for electronic presentation, and the blockchain network can effectively integrate various assets, forming a link asset.

Moreover, relying on blockchain technology for auditing offers certain anti-counterfeiting benefits and can also facilitate tracking, which improves auditors’ asset identification work, the completeness and accuracy of auditing, and internal audit efficiency. It also results in greater economic benefits. In addition, when using blockchain technology to encrypt and transmit paper documents in the form of digital assets for circulation, multiple blockchain nodes will supervise them, and consensus algorithms will be used. If document fraud occurs during the transmission process, it will be quickly caught by other nodes, reducing the probability of fraud in the trade process.

Auditing Based on Blockchain Technology

An audit blockchain is based on the following two aspects. First, business behavior regulation will enhance enterprise value; second, commercial trade will be regulated by the audit blockchain technology, and the data contained in the network can be captured and audited at any time. The data in the blockchain is in an open-source state, and the data content cannot be changed or deleted. All data can be traced, and so real-time tracking and verification of both parties’ data are necessary, and this transmission process may be used by illegal elements. Blockchain audit technology can provide an indelible record of goods and data. Due to the emergence of consensus algorithms, blockchain networks do not require the participation of third-party institutions. The data chain is constantly shortening, and transactions are visible to everyone, which can reduce the difficulty of auditing and improve overall operational efficiency. Blockchain audit technology can provide 24-hour tracking for data analysis during commercial transactions, conduct real-time statistical analysis of data, and form records, which is conducive to subsequent audit work.

Compared to traditional audit methods, audit efficiency is greatly improved with blockchain technology, and the audit outcome is more reliable. The new audit model relying on blockchain technology has replaced traditional manual labor with modern computer technology, greatly reducing the cost of auditing. In the current market environment, with increasing competitive pressure, fraudulent and illegal behaviors occur frequently. Internal auditing therefore requires new solutions. Blockchain auditing technology has the advantage of being more transparent and immutable in data processing, which can promote the establishment of a new mechanism for internal auditing and strengthen control functions. Whether facing old problems or new ones, blockchain auditing can play a deterrent role and reduce the probability of illegal behavior.

New Issues Arising From Auditing With Blockchain Technology

Although the audit in the application environment of blockchain technology in the case described above has the advantages of high efficiency, low cost, and strengthened fraud prevention and control, the application time of blockchain technology in enterprises is not long, and blockchain technology is not yet mature enough, which has brought new problems to traditional audit work.

Audit Risk Issues

As mentioned earlier, enterprises involved in blockchain technology have the advantages of openness, transparency, and protection against tampering in their business data due to the use of blockchain technology. Compared with the data of enterprises not involved in blockchain technology, this reduces the possibility of data fraud and improves the authenticity and security of information. There is currently no unified standard for the application of blockchain technology, however. Due to the influence of development environmental conditions, many institutions and enterprises want to establish their own systems. The distributed accounting technology (DLT) using blockchain technology may have numerous standards and go its own way (Q. Zhang et al., 2021). Due to inconsistent standards, an auditing agency cannot use the same auditing techniques and procedures to audit different types of enterprises and units involved in blockchain technology, which increases the complexity and difficulty of auditing work.

In addition, user private key retention and maintenance are unavoidable issues in blockchain technology. Under current blockchain technology rules, user private keys are personal information, and in the event of information leakage, there is no way to recover them, increasing the risk of user identity theft. A balance is needed between security and convenience. Although blockchain technology has the characteristics of tamper-resistance and traceability, ensuring the accuracy and security of audit data, due to the immaturity of the technology, the problem of data collaboration on and off the chain has not been solved, and the generation, storage, and use of blockchain keys at the operational level faces certain risks (L. Wang & Zhang, 2020). These aspects will probably increase the inherent risks and inspection risks involved in auditing blockchain technology enterprises.

Innovation in Audit Methods

The development of the digital economy has given rise to blockchain technology. With the application of blockchain technology in multiple fields, audit work must deal with blockchain technology applications. If auditors continue to use traditional audit methods such as sampling audits, it will be difficult to adapt to the new environment of audit work. It is necessary to combine traditional audit methods with information technology to achieve innovation in audit methods, develop new digital audit methods, and change traditional audit models. The development of new digital audit methods must also be integrated with blockchain technology. Due to the different nature of businesses using blockchain technology, however, the content and methods of auditing may vary. Researchers have therefore constructed new blockchain auditing frameworks using blockchain technology based on different auditing content, such as a financial institution auditing framework (W. Zhang et al., 2020), continuous auditing model framework (Chen et al., 2020), government auditing logic framework (Fan & Li, 2018), and poverty-alleviation auditing smart platform framework. The combination of audit work and blockchain technology is the focus of current research in the field and has received a great deal of attention in recent years.

Issues with Blockchain Auditors

Auditors engaged in auditing blockchain technology enterprises need to fully understand the principles of blockchain technology in the audited enterprise and apply them in the audit. The standards for different types of blockchain technology enterprises and units vary, and the requirements for the knowledge and experience of personnel in charge of the work are not high. In the context of informatization, auditors in the future will need to use data cleaning technology to transform low-quality big data into high-quality audit leads (van Buuren et al., 2018). With the rapid development of the economy and the advancement of the digital economy, there is an increasing demand for composite auditors. Traditional auditors are unable to handle new audit work, and there is an urgent need for transformation. At present, there is a shortage of auditors capable of auditing blockchain technology enterprises. This raises new problems for the auditing of such enterprises and units.

International Reference for Auditing of Enterprises Involved in Blockchain Technology

Australian Blockchain Audit Case Materials

Pre-Questionnaire Interviews

Before the questionnaire, semi-structured interviews were conducted from February 2019 to January 2020. The Australian Audit Standard 315 provides interview guidelines. The interviews prompted respondents to express their opinions on the factors identified in Table 1: the entity and its environment, financial accounting framework and policies, and the entity’s internal control system and audit methods. The semi-structured nature of the interviews allowed the participants to discuss answers they believed to be relevant to the survey questions. If appropriate, follow-up questions were asked to further explore the questions raised by the interviewees.

Table 1.

Factors to Be Understood for Identifying and Assessing Significant Misstatement Risks as Stipulated in “Australian Auditing Standard 315.”

Factors	Details
Entity and its environment	Organizational structure, governance, ownership, business model (including the extent of IT integration)
Applicable financial reporting framework and accounting policies	Industry, regulatory and other external factors
	Measures for evaluating financial performance (internal and external)
	Control environment
Entity's internal control system	Risk assessment processes
	Processes for monitoring internal control systems
	Information systems, communication and control activities

The interviewees were selected from the author’s professional network and the attendees of the blockchain conference attended by the first author. According to the ethical agreement approved by the university, participants and their employers are guaranteed complete anonymity during subsequent publication and reporting. Several authors interviewed 16 participants, of which 10 were interviewed by the first author and two were interviewed by the second author. The interview time ranged from 30 minutes to approximately 100 minutes. The interviewees agreed that the interviews could be recorded and professionally transcribed. The transcriptions were submitted to the interviewees for verification and confirmation of the accuracy of the recorded content. A copy of the text was returned for minor modifications. Cross collect and analyze data in the iterative cycle of “interview analysis extraction interview.” After each interview, the author summarized and took notes to determine the pattern, theme, and participants’ cognitive scope and then compared the notes with the content of subsequent interviews. If the interview was conducted by one of the authors, the two authors summarized and analyzed the data. After completing the data collection, all interview records were independently coded based on the factors identified in Table 1 and the continuous audit method. The coding results were then processed. Referring to the research of Song (2020) and Q. Zhang et al. (2021), an outline of the questionnaire design was formed. The questionnaire explores practitioners’ perception and judgment of risks from three dimensions: audit method risk, standard consensus risk, and work execution ability risk.

Questionnaire Design

The questionnaire consists of four parts. Part 1 explains the purpose, content, and significance of the questionnaire. Part 2 elicits basic information from the participants, including their working years, age, nature of work unit, and educational background. Part 3 is the main body of the questionnaire, specifically scoring the potential risks of “blockchain+auditing” and scoring each item (see Table 2 for details). The rating uses a 7-point system, from complete disagreement to complete agreement. Part 4 seeks to understand the participant’s familiarity with the research content. The data are used for reliability analysis and evaluation. The questionnaire consists of three dimensions and nine sub-questions. Details of the survey questionnaire can be found in Appendix.

Table 2.

Survey Questions.

Dimension	Question	Score
Audit method	I believe that the “Blockchain + Audit” approach poses certain audit risks.	4.8571
	I believe that the “Blockchain + Audit” approach poses certain audit risks in the control reliance stage.	5.0357
	I believe that the “Blockchain + Audit” approach poses certain audit risks during the substantive testing phase.	4.8929
Standard consensus	I believe that “Blockchain + Audit” has not reached a consensus on accounting standards, which may pose risks.	5.9286
	I believe that “Blockchain + Audit” has not reached a consensus on technical standards, which may pose risks.	5.9643
	The lack of consensus undermines the advantages of using a blockchain platform.	5.6429
Ability to work	Audit firms are not yet capable of ensuring blockchain transactions.	5.1429
	The impact of identified inherent risks and control risks on the audit approach is uncertain.	5.2143
	Due to a lack of standards, there are adverse effects on the inherent and control risks of companies involved in blockchain.	4.9643

Sample Selection and Data Collection

Participants were first invited from the blockchain conference to participate in a questionnaire by email. After receiving their consent, the questionnaire was sent via email. The attendees of the blockchain conference are experts and senior personnel in the field, with a detailed understanding of the application prospects and risk control of blockchain technology. Thirty-nine invitation emails were sent, and 30 consent receipts were received. A total of 30 questionnaires were therefore distributed, and 28 complete questionnaires were collected, giving a recovery rate of 93.33% (28/30).

Expert Authority Measure

The authority of experts is measured by the authority coefficient (Cr). The authority coefficient is composed of a judgment coefficient (Ca) and a familiarity coefficient (Cs). The calculation is Cr = (Ca + Cs)/2. The judgment coefficient is considered the basis for experts to judge the items of the questionnaire, and the familiarity coefficient is considered the degree of experts’ understanding of the topic: the greater the Cr, the higher the degree of expert authority. The judgment coefficients are evaluated in five dimensions, including theoretical knowledge, work experience, relevant literature and intuitive feeling, corresponding to differently weighted criteria. Familiarity is divided into the following levels: particularly familiar, familiar, familiar with the commonly, don’t feel familiar, and unfamiliar. The corresponding weightings are detailed in Table 3. A Cr > 0.7 indicates that the invited experts are authoritative (Y. Zhang et al., 2020).

Table 3.

Quantitative Evaluation Criteria for Expert Authority Level.

Indicators	Divide class	Large	Medium	Small
Ca	Theoretical knowledge	0.3	0.2	0.1
	Work experience	0.5	0.4	0.3
	Relevant literature	0.1	0.1	0.1
	Intuitive feel	0.1	0.1	0.1
Cs	Very familiar = 1	Familiar = 0.8	Somewhat familiar = 0.5	Slightly familiar = 0.2	Unfamiliar = 0

Expert Characteristics

The expert characteristics are shown in Table 4. The 28 experts surveyed were all in the blockchain or audit industry. Four were aged 30–40 years, 15 were aged 40–50 years, and seven were aged over 50 years. There were eight audit firms, nine blockchain suppliers, three regulators, three standard setters, and five accounting institutions. Seven experts had worked for 5–10 years, 10 had worked for 10–15 years, and 11 had worked for more than 15 years. There were 15 students with a master’s degree or above and 13 with a bachelor’s degree. The analysis of the experts’ authority showed that Ca is 0.93, Cs is 0.72, and Cr is 0.83, which is greater than 0.7, indicating that the participants selected had high levels of expert authority.

Table 4.

Expert Characteristics Analysis.

Category	Classification	Count	Percentage
Age	30–40 years old	6	21.4
	41–50 years old	15	53.6
	Over 50	7	25.0
Job Nature	Audit firms	8	28.6
	Blockchain providers	9	32.1
	Regulatory bodies	3	10.7
	Standard setters	3	10.7
	Accounting bodies	5	17.9
Working hours	5–10 years	7	25.0
	11–15 years	10	35.7
	16 years and above	11	39.3
	Total	28	100

Reliability and Validity Analysis

According to the results in Table 5, Cronbach’s α of the audit method, standard consensus, and work carrying capacity are 0.926, 0.920, and 0.933, respectively, indicating high reliability of the questionnaire. From the validity analysis, the audit method, standard consensus, and work ability KMO are all above 0.7, and the cumulative variance is above 80%, which indicates that the overall validity of the questionnaire is high (Table 6).

Table 5.

Overall Reliability of the Questionnaire and Reliability Summary for Each Dimension.

Dimension	Number of Items	Cronbach’s α
Audit method	3	0.926
Standard consensus	3	0.920
Work execution ability	3	0.933

Table 6.

Validity Test.

Dimension	KMO	Bartlett sphericity test	Significance	Cumulative variance (%)
Audit method	0.757	63.150	.000	88.006
Standard consensus	0.721	61.112	.000	86.542
Work execution ability	0.733	74.121	.000	89.302

Result Analysis

By collating the opinions of respondents, the study found that respondents generally believe that blockchain customers pose more risk than other customers, with increased inherent risk and control risk in the auditing of blockchain entities. These views are mainly related to the failure to reach consensus on accounting standards and technical standards for blockchain applications. Table 2 shows that the scores of the three questions on the standard consensus dimension are all above 5.5, indicating that the surveyed experts are more concerned about this dimension, which is consistent with the views of Rozario and Thomas (2019). Smith and Castonguay (2020) argue that the lack of consensus compromises the advantages of using blockchain platforms, which include the integrity and validity of data on these platforms.

In addition, the study also found that audit firms do not have the ability to ensure blockchain transactions, which affects the inspection risk, audit method dimension and work ability dimension score around 5, which also gets the attention of experts. The effect of the identified inherent and control risks on the audit approach is uncertain, however, and there are two views on this. The first view leads to the use of direct, indirect, account-level, and entity-level evidence, which is consistent with the findings of Fang (2020) and T. Zhang (2023). The second view relies more on circumstantial and substantive evidence. The adoption of audit methods for blockchain clients should take into account factors such as audit risk, control dependence, and substantive testing in the audit business. The use of the continuous audit method by van Buuren et al. (2018) helps in assessing the effect of risk at the identification level on audit evidence and audit-related methodological concerns of blockchain entities. Blockchain is a network platform for the parties, which confirms that an entity’s internal control system can penetrate the governance controls of the blockchain parties’ network and that this continuous audit approach (which includes a range of account-level and entity-level audit evidence) may need to be adjusted to accommodate the network-level evidence.

Research Conclusions and Significance

Research Conclusions

The following conclusions can be drawn. First, practitioners have a certain understanding of inherent risk and control risk. The two main findings of the survey are awareness of the inherent risks and control risks of blockchain and cryptocurrency financial statement audits and awareness of these business audit methods. Second, customers who adopt new blockchain technologies are inherently riskier than others, not least because of the link between blockchain and the cryptocurrency Bitcoin. The risk factor is exacerbated by the lack of expertise in the audit business to apply cryptocurrencies and the rest of the blockchain content. Thus, the use of relevant content by customers is classified as high risk.

Third, the study identified the perceived risks of using blockchain technology. Blockchain technology brings both benefits and risks to auditing. Fourth, an appropriate financial accounting framework should be used. The integrity of the blockchain network environment and the relevant regulatory schemes are lacking, increasing the audit risk. The most important action for cryptocurrency assets is to state their own evaluation standards, but the tax law is not precisely defined, accounting can not docking it, and some people suggest using existing accounting and blockchain technology to adhere to the abovementioned standards.

Fifth, the entity should implements an internal control system. While auditors typically need to be aware of a client’s internal control systems, there is an argument that reliance on a client’s internal controls may be more pronounced for an audit in a blockchain environment. According to the comments of the respondents, the security control of the blockchain is problematic. It is different from the traditional business and is not conducive to sustainable operation. If the blockchain is viewed from the perspective of cryptocurrency, however, auditing transactions can be used to reduce the associated risks.

Research Significance and Inspiration

China Should Pay Full Attention to the Effect of Customers’ Use of Blockchain Technology on Audit Risks (Including Inherent Risks and Inspection Risks)

Validation and reliability of data in a blockchain audit rely on a network of external partners of the blockchain platform. However, the lack of technical, data and governance standards in the operating environment of blockchain platforms adversely affects both the inherent risks and the control risks of enterprises involved in blockchain due to the uncertainty in the integrity of the blockchain platform. When conducting a blockchain audit, therefore, auditors should assess the blockchain ecosystem, including enterprises on the blockchain and their partners, to ensure the reliability of the audit data to fully assess its inherent risks. At the same time, the effectiveness of internal controls in the enterprise blockchain environment should also be evaluated to estimate its control risk. On the basis of the full assessment of the inherent risks and control risks of enterprises in the blockchain environment, auditors should adopt corresponding audit procedures and audit methods to reduce audit risks.

Pay Attention to the Application of Audit Methods in the Blockchain Environment

To audit enterprises in the blockchain environment, it is necessary to use the cooperation of domestic enterprises to gradually establish an ecological chain system involving audit blockchain technology research and jointly promote the large-scale application of blockchain technology in auditing. In a blockchain environment, auditors can easily collect direct and account-level evidence of businesses on the chain, especially regarding high-risk transaction accounts, as blockchain allows for 100% sampling of transactions and account balances. This enables comprehensive and efficient real-time analysis and validation. Auditors can thus combine traditional audit procedures with modern information technology and use the continuous audit method proposed by van Buuren et al. to conduct audits.

Discussion and Suggestions

Discussion

While it has been suggested that client use of blockchain technology will change the way audits are conducted, to date there has been little academic research on whether audit practitioners agree with these claims, and if so, what these change will be and why. This study found that blockchain customers are generally perceived to pose a higher risk than other customers, with increased control risks inherent in audit engagements for blockchain entities. These perceptions are mainly related to the failure to reach consensus on accounting standards and technical standards for blockchain applications. This lack of consensus compromises the advantages of using blockchain platforms, which include the integrity and validity of the data on these platforms.

The findings, insights, and limitations of this exploratory study identify areas for future research. The two views on the audit approach to blockchain clients reflect the consideration of factors such as audit risk, control dependence, and substantive testing in the audit business. In theory, each approach is different in the relative attention paid to each element. The exploratory nature of the study identified a possible shift in the relative focus on these elements. However, this finding needs to be further examined through case studies or experimental studies of engagements between blockchain clients and auditors. The blockchain is a network platform for all parties, which confirms that an entity’s internal control system can infiltrate the governance controls of the blockchain parties’ network.

Suggestions

Develop Blockchain-Related Audit Standards and Carefully Assess Audit Risks in the Blockchain Environment

To improve the data security in blockchain technology, each unit should develop a confidentiality system and a responsibility system, strengthen the confidentiality of the data, and carry out periodic inspections to ensure that the various systems are well implemented. In the framework of ISO27001, establish the information risk assessment method and mechanism, from the risk definition, identification, analysis and disposal of the whole process system. In addition, the state should establish and improve laws and regulations related to blockchain technology, keep up with the pace of the development of the digital economy, optimize and improve the current audit standards system, improve the overall work process, and reduce costs.

Explore New Methods of Blockchain Auditing

First, audit activities are based on a private chain, and verification information can be obtained from the collaboration chain. A large volume of data from different places can be easily combined for analysis, truly realizing the sharing of data. Moreover, blockchain uses mathematical methods to establish trust between parties and establish a true and transparent general ledger, which greatly reduces the work burden and risk of auditors. Furthermore, auditors save time and energy on verification procedures.

Second, there is hope that the problem of audit independence can be solved. If the relationship between the auditee and the auditor is too close or involves the interests of both parties, it will have an effect on the independence of the auditor. In terms of audit quality assurance, one of the important system designs is that the audit committee under the board of directors is responsible for the selection and hiring of certified public accountants. However, the power of an enterprise to choose a certified public accountant is essentially in the hands of the management. However, the demand for certified public accountants is usually decided jointly according to the settlement method and amount in the business process, which may affect the interests of both parties and have negative effects on the accountant and the firm. The question arises, therefore, of how to provide the paid service while guaranteeing the independence of the audit. Self-auditing of blockchains has the potential to solve this problem at a fundamental level.

Cultivate Blockchain Auditors

The current biggest development defect of domestic blockchain technology is that there is no professional support. The training of auditors can be divided into two parts. First, the reserve of cross-domain knowledge should be enhanced. In recent years, in the recruitment of all kinds of accounting firms, the demand for non-accounting and audit professionals has been increasing, which means that the knowledge required for audit work goes beyond that of finance and management. Professionals proficient in multiple fields are urgently needed in audit work. Operating computer systems, data screening, and digital statistics have become compulsory courses for auditors, and it will be difficult to engage in audit work without these technologies. The focus of auditors’ work will also change to data screening, analysis, and evaluation to meet the needs of finding audit clues in massive amounts of data. Second, the study of professional ethics should be strengthened. The anonymity of blockchain technology makes it convenient for auditors to collect evidence, but it also increases the possibility of trade secret disclosure, which reminds auditors to focus on improving their professional ethics. The core factors that affect the success or failure of the audit are the auditor’s integrity, confidentiality, diligence, objectivity, impartiality, independence, professional competence, and professional behavior. These are also the key conditions that determine the success or failure of the auditor’s career.

At the same time, auditors should keep abreast of changes in industry development rules, have a complete blockchain thinking, and pay attention to improving personal ability and quality. Auditors should participate in training, including on-the-job training, while acquiring profession-related knowledge, learn about blockchain technology, and seize the opportunities brought by blockchain technology to the audit industry. They should also face the challenges brought by the introduction of blockchain technology in the audit industry, improve their comprehensive ability, and become auditors skilled in blockchain technology and professional auditing skills.

Research Limitations and Prospects

This study carried out a case analysis based on a questionnaire to reveal the effect of blockchain technology on audit risk. The study had some limitations, however. Only 28 participants were selected, and the questionnaire was designed only to elicit data on the links that may have risks, without expert consultation and feedback in the process of developing the questionnaire. The accuracy of the conclusion of this study therefore needs further verification.

The application of blockchain technology in the audit work has had a significant effect on the audit mode, audit quality, and auditors. It has also increased the requirements for professional knowledge and professional ethics for auditors. The further application of blockchain technology in the audit process requires improvement of the theory and further testing of the theory.

Footnotes

Appendix

Acknowledgements

We gratefully acknowledge the assistance of my teachers and my classmates.

Declaration of Conflicting Interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) received no financial support for the research, authorship, and/or publication of this article.

Ethics Statement

This paper does not contain animal and human studies.

ORCID iD

Yang Dong

Data Availability Statement

The data supporting the findings of this study are available upon request. Researchers interested in accessing the dataset used in this journal article may contact the corresponding author at 552475261@qq.com. Access to the data is subject to ethical and privacy considerations, and requests will be evaluated to ensure compliance with relevant regulations and guidelines. The aim is to facilitate transparency and reproducibility while respecting the confidentiality and privacy of the individuals and entities involved in the study.

References

Alqaraleh

M. H. S.

Nour

A. N. I.

(2020). The impact of the audit committee on the timeliness of the annual financial reports in Jordanian companies listed in the Amman Stock Exchange. International Journal of Critical Accounting, 11(4), 287–298. https://doi.org/10.1504/IJCA.2020.110320

Armitage

S. A. O.

Fernández-Marín

Wcislo

W. T.

Boomsma

J. J.

(2012). An evaluation of the possible adaptive function of fungal brood covering by attine ants. Evolution, 66(6), 1966–1975. https://doi.org/10.1111/j.1558-5646.2011.01568.x

Chen

Han

(2020). Research on poverty alleviation audit method based on blockchain technology. Finance and Accounting Communication, 21, 119–123,133.

Cheng

Wang

(2020). Dynamic Research on development of blockchain technology and application of big accounting at home and abroad. Friends of Accounting, (6), 143–149.

Curtis

Turley

(2007). The business risk audit – A longitudinal case study of an audit engagement. Accounting, Organizations and Society, 32(4), 439–461. /https://doi.org/10.1016/j.aos.2006.09.004

Ding

(2020). Research on internal audit of financial sharing model—From the perspective of information technology risk identification and application. Friends of Accounting, 20, 15–20.

Xie

(2020). Construction of management accounting reporting system based on blockchain. Friends of Accounting, 8, 153–159.

Fan

(2018). Blockchain and accounting and auditing. Finance and Accounting Monthly, 2, 39–43.

Fang

(2020). Application research of blockchain technology in accounting field. New Business Weekly, 25(14), 259–261.

10.

(2023). Application research of blockchain technology in Internal Audit – Based on internal control perspective. Times Economic and Trade, 7, 75–77.

11.

Huang

Chen

(2019). The impact of blockchain on accounting and auditing from the perspective of trust and efficiency. Finance and Accounting Monthly, 9, 56–60.

12.

Jin

Wang

Zhang

(2020). Optimization of accounting information generation path based on blockchain technology. Finance and Accounting Monthly, 11, 76–82.

13.

Liang

Cao

(2021). Dialectical thinking on the application of blockchain technology in audit field—Based on the perspective of multi-node data sharing. Journal of Finance and Accounting, 5, 139–144.

14.

Liu

Wang

Han

(2019). The ideal and reality of “blockchain + Audit” operation mode. Journal of Finance and Accounting, 8, 3–11.

15.

Najjar

Alsurakji

I. H.

El-Qanni

Nour

A. I.

(2023). The role of blockchain technology in the integration of sustainability practices across multi-tier supply networks: Implications and potential complexities. Journal of Sustainable Finance and Investment, 13(1), 744–762. https://doi.org/10.1080/20430795.2022.2030663

16.

Nour

A. N. I.

Tanbour

K. M.

(2023). The impact of the code of professional conduct for internal auditors on the effectiveness of internal auditing units in banks listed on the palestine stock exchange during COVID-19 pandemic. Lecture Notes in Networks and Systems, 495, 504–522. https://doi.org/10.1007/978-3-031-08954-1_45

17.

Richins

Stapleton

Stratopoulos

T. C.

Wong

(2017). Big data analytics: Opportunity or threat for the accounting profession? Journal of Information Systems, 31(3), 63–79. https://doi.org/10.2308/ISYS-51805

18.

Rozario

A. M.

Thomas

(2019). Reengineering the audit with blockchain and smart contracts. Journal of Emerging Technologies in Accounting, 16(1), 21–35. https://doi.org/10.2308/JETA-52432

19.

Sheldon

M. D.

(2019). A primer for information technology general control considerations on a private and permissioned blockchain audit. Current Issues in Auditing, 13(1), A15–A29. https://doi.org/10.2308/CIIA-52356

20.

Shin

Bianco

W. T.

(2020). In blockchain we trust: Does blockchain itself generate trust? Social Science Quarterly, 101(7), 2522–2538. https://doi.org/10.1111/SSQU.12917

21.

Shin

Hwang

(2020). The effects of security and traceability of blockchain on digital affordance. Online Information Review, 44(4), 913–932. https://doi.org/10.1108/OIR-01-2019-0013

22.

Shin

Ibahrine

(2020). The socio-technical assemblages of blockchain system: How blockchains are framed and how the framing reflects societal contexts. Digital Policy, Regulation and Governance, 22(3), 245–263. https://doi.org/10.1108/DPRG-11-2019-0095

23.

Smith

S. S.

Castonguay

J. J.

(2020). Blockchain and accounting governance: Emerging issues and considerations for accounting and assurance professionals. Journal of Emerging Technologies in Accounting, 17(1), 119–131. https://doi.org/10.2308/JETA-52686

24.

Song

(2020). Research on the application of Blockchain technology in Enterprise Network Audit: A case study of Zhiyuan Technology Company. Friends of Accounting, 7, 156–160.

25.

Tang

Jiang

(2019). Research on government audit to promote corruption governance: Based on the perspective of blockchain technology empowerment. Accounting and Economics Research, 34(4), 46–58.

26.

Tiberius

Hirth

(2019). Impacts of digitization on auditing: A Delphi study for Germany. Journal of International Accounting, Auditing and Taxation, 37, 100288. https://doi.org/10.1016/J.INTACCAUDTAX.2019.100288

27.

van Buuren

Koch

van Nieuw Amerongen

Wright

A. M

. (2018). Evaluating the change process for business risk auditing: Legitimacy experiences of non-Big 4 auditors. AUDITING: A Journal of Practice & Theory, 37(2), 249–269. https://doi.org/10.2308/ajpt-51748

28.

Wang

Zhang

(2020). Research on continuous audit model construction based on blockchain technology. Friends of Accounting, 19, 154–160.

29.

Wang

(2020). Discussion on Enterprise Accounting information System reconstruction under blockchain. Journal of Finance and Accounting, 15, 146–149.

30.

Chen

(2020). Research on audit methods under blockchain technology. Audit Research, 3, 20–28.

31.

Zhang

Tao

Zhang

(2021). Research on the application of blockchain in audit: Literature review. Times Economic and Trade, 18(10), 27–31.

32.

Zhang

(2023). Review and prospect of the application of regional fast chain technology in China’s audit field. Modern Audit and Accounting, 5, 39–41.

33.

Zhang

Yin

(2020). The present and future of the “blockchain + audit” format. Audit Monthly, 5, 65–69.

34.

Zhang

Ding

Yang

(2020). Construction of knowledge system standard for clinical pharmacists based on Delphi method. Chinese Journal of Hospital Pharmacy, 40(7), 795–799.

Enterprise Audits and Blockchain Technology

Abstract

Plain Language Summary

Keywords

Introduction

Development Status of Blockchain Technology in the Auditing Industry

Development of Auditing Practices for Blockchain Enterprises in China

Status of Blockchain Technology in China

Blockchain Audit Cases and Analysis in China

Company Background

Case Introduction

Commercial Deployment Based on Blockchain Technology

Auditing Based on Blockchain Technology

New Issues Arising From Auditing With Blockchain Technology

Audit Risk Issues

Innovation in Audit Methods

Issues with Blockchain Auditors

International Reference for Auditing of Enterprises Involved in Blockchain Technology

Australian Blockchain Audit Case Materials

Pre-Questionnaire Interviews

Questionnaire Design

Sample Selection and Data Collection

Expert Authority Measure

Expert Characteristics

Reliability and Validity Analysis

Result Analysis

Research Conclusions and Significance

Research Conclusions

Research Significance and Inspiration

China Should Pay Full Attention to the Effect of Customers’ Use of Blockchain Technology on Audit Risks (Including Inherent Risks and Inspection Risks)

Pay Attention to the Application of Audit Methods in the Blockchain Environment

Discussion and Suggestions

Discussion

Suggestions

Develop Blockchain-Related Audit Standards and Carefully Assess Audit Risks in the Blockchain Environment

Explore New Methods of Blockchain Auditing

Cultivate Blockchain Auditors

Research Limitations and Prospects

Footnotes

Appendix

Acknowledgements

Declaration of Conflicting Interests

Funding

Ethics Statement

ORCID iD

Data Availability Statement

References