Are Current Auditing Standards Fit For The Growing Use Cases Of Blockchain?


2020-2021 saw a tremendous increase in blockchain use cases as developers found new applications for the technology. While 2020 saw the rise of decentralized finance, 2021 focused more on creativity and the transition from physical to digital applications through non-fungible tokens (NFTs), which have played a role in the emergence of the metaverse.

While blockchain came into prominence with the advent of the first cryptocurrency, Bitcoin, the technology has expanded to much more over the years. Since its inception back in 2008, the technology has profoundly changed major industries, cutting across supply chain and logistics monitoring, banking, digital identity, voting, healthcare, music, smart energy and many others.

That said, the increasing use of blockchain could affect the nature and extent of information available to auditors and how audits are performed.

Given blockchain’s decentralized, transparent and traceable nature, authorities and key stakeholders have been working on keeping players in check to protect users and project owners.

One tool that seems well suited to this work is auditing blockchain and crypto-based projects.

What is a smart contract audit?

According to Oxford, an audit can be defined as the official account inspection of an organization by an independent body. Blockchain audits are mainly aimed at ensuring participants within the technology are providing the best solution while remaining compliant with the set regulations.

Current regulations and auditing standards

There are already some regulations that, in theory, require blockchain-based projects to conduct audits.

For instance, the California Consumer Privacy Act (CCPA) directs the project to undergo an auditing process at least once in a given 12 years. In addition, the American Institute of CPAs’ SOC 2 audit standards require firms to undergo audits every six months.

At the same time, the European Union’s General Data Protection Regulation (GDPR) calls for regular testing, assessing and evaluating the effectiveness of technical and organizational measures. The GDPR, however, applies to the handling of personally identifiable information.

Blockchain-based auditors rely on different tools, such as data analytics, to better understand the project and to identify errors and anomalies in the data patterns. Compared with traditional assets, auditors find blockchain-based projects much easier to audit. This is because the technology records all transactions transparently, securely and without interruption by third parties.

This, therefore, facilitates easy access to data, saving auditors time and reducing the overall cost of the work. In addition, some blockchain applications, especially decentralized finance (DeFi), use smart contracts to automate business processes. This makes it easier for auditors to verify transactions and the data therein.

Need for guidelines in current auditing standards

However, this is easier said than done. Despite the advantages that come with the technology, auditing blockchain-based projects still needs a lot of adjustment. As it is now, many within the industry agree that the current auditing standards are too vague and need more guidelines. When auditing a blockchain technology or application, entities are faced with a few questions.

Firstly, they need to figure out the process of auditing the network and the data stored within a blockchain. Auditors also need to figure out how to use current data analytics to support their work.

Secondly, there are currently no specific auditing standards for blockchain. Regulators are still trying to create clear guidelines and regulations for the technology.

Notably, the hard part for most has been understanding the place of law in blockchain’s interoperability. Furthermore, it has been difficult to predict when such standardized guidelines might be issued and how long that might take.

According to a report in 2016, existing auditing standards are, for the most part, reactive in nature, responding to particular needs instead of anticipating them. The consequence of this is that these standards are always lagging.

Also, jurisdictions have different auditing agendas, making it harder to execute efficient audits. Lastly, some auditing companies or organizations lack the proper skill set, such as statistical inference, needed to evaluate blockchain.

Possible auditing solutions

As stated earlier, the nature of blockchain calls for a different approach to how things are run. This means taking on new tools and strategies to keep up with the technology. There is a need for information technology (IT) based auditing standards.

There is also a need for regulators to increase the pace at which they release new standards or updates on blockchain audits. Over the last few years, blockchain applications have been evolving almost monthly, if not weekly. This has made it difficult for regulators to create working guidelines. 

However, regulators can correct this mismatch by applying the available technologies to keep up with blockchain’s changes. It should also be mandatory for companies to go through another audit following a significant amendment to their code. Auditors should also seek to create a self-regulatory organization (SRO) to create accountability within the ecosystem.

In addition, there should be standardized skill set requirements for auditors, which will go a long way in ascertaining the stability of the overall auditing process.

Finally, governments should create bodies responsible for the oversight of existing blockchain code auditors or make it mandatory for auditing firms to register with regulatory bodies.

