Grant Thornton give Data Gumbo blockchain clean bill of health

Financial ‘System and Organization Controls’ (SOC) methodology extended to cover blockchain. Study finds ‘transparency of blockchain transactions negated by their complexity and nascence of the underlying technology’.

Houston-based blockchain boutique Data Gumbo has announced completion of a ‘SOC 1Type 1 Audit*’ of its blockchain-as-a-service platform for industrial customers. The SOC 1 audit focuses on ‘controls likely to be relevant to an audit of a customer’s financial statements’. Data Gumbo retained Grant Thornton, an independent audit, tax and advisory firm, to perform its SOC 1 work. Grant Thornton’s testing of Data Gumbo’s blockchain included examination of Data Gumbo’s platform for smart contract set up, maintenance and execution and received an unqualified opinion from that its procedures and infrastructure meet or exceed the SOC 1 Type 1 criteria.

SOC validation for blockchain is a rather novel field. A recent publication from Grant Thornton titled, ‘Managing virtual currency and blockchain risk with SOC attestation’ argues that traditional SOC audit controls for company finances can be extended to cover blockchain risk. SOC validates that an organization is operating as efficiently as possible, minimizing risks and offering a best quality service. SOC level one covers an organization’s financial controls. A Type 1 report provides a snapshot of such controls as provided by management.

We asked GT for more on their blockchain SOC certification and were pointed to an article on ‘The Challenges of Auditing Crypto' interview that appeared in Coin Notes News. Here we read that ‘the transparency of blockchain transactions is negated by their complexity and nascence of the underlying technology’. There are problems with many implementations of blockchain explorers which may not satisfy conditions required for an audit. There are other problems for cryptocurrencies, blockchain addresses hide coin owners’ identities, although it is unclear to what extent such issues affect non-cryptocurrency applications of blockchain.

* System and Organization Controls. More from the American Institute of CPAs.

Click here to comment on this article

Click here to view this article in context on a desktop

© Oil IT Journal - all rights reserved.