LAKE MARY, Fla. (December 5, 2022) – The Institute of Internal Auditors (IIA) – the internal audit profession's leader in standards, certification, education, research, and technical guidance worldwide – today released a letter calling for Congress to establish new requirements designed to bolster corporate governance at cryptocurrency exchanges operating in the United States.
In a letter to Chairs and Ranking Members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs; U.S. Senate Committee on Agriculture, Nutrition, and Forestry; U.S. House Committee on Financial Services; and U.S. House Committee on Agriculture; The IIA points to the recent Chapter 11 bankruptcy filing of cryptocurrency exchange FTX as an example of the devastating impact on American consumers when companies lack sufficient internal controls and fail to provide objective assurance over those controls.
In the letter, Anthony Pugliese, CIA, CPA, CGMA, CITP, President and CEO of The IIA notes that as a privately held company, FTX was not required to comply with certain provisions of the Sarbanes-Oxley Act of 2002 (SOX) intended to promote sound internal controls over financial reporting and provide transparency to the investing public and accountability from corporate leaders.
“Unfortunately, since most cryptocurrency exchanges are not subject to SOX compliance, consumers were denied basic organizational transparency and did not possess relevant information to assess investment risk,” Pugliese wrote.
He notes that the absence of a robust internal audit function at FTX prevented the identification and mitigation of multiple material risks and highlighted the important role of internal audit in providing a board of directors with objective assurance, insight, and advice that is independent from management.
“The FTX collapse is the latest reminder that organizations without a robust internal audit function are, at best, playing with fire and, at worst, setting themselves and their stakeholders up for a disastrous – and entirely preventable – fall,” said Pugliese. “Countless investors are now paying the price for FTX’s failures. It’s clear that we cannot rely on unregulated crypto exchanges to do the right thing on their own – we need to mandate stronger corporate governance standards and ensure accountability when these exchanges aren’t protecting their customers. When bad corporate actors fail, it shouldn’t be investors who are left holding the bag. A robust internal audit function protects investors and the business itself, ensuring transparency and accountability.”
Based upon preliminary lessons learned from the FTX collapse, The IIA calls upon Congress to enact two new mandates designed to promote transparency and prevent future cryptocurrency internal control failures:
- Require all cryptocurrency exchanges operating in the U.S., as well as affiliated partners, to possess a sufficiently resourced and highly qualified internal audit function.
- Require the senior management of cryptocurrency exchanges operating in the U.S. to certify, annually, that their exchanges’ internal controls are adequate and appropriate based upon an independent internal audit assessment.
The IIA notes in its letter that these recommendations are an important step in establishing greater confidence in the cryptocurrency market.
Read the complete letter here.
About The Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is a nonprofit international professional association that serves more than 218,000 global members and has awarded 180,000 Certified Internal Auditor (CIA) certifications worldwide. Established in 1941, The IIA is recognized throughout the world as the internal audit profession's leader in standards, certification, education, research, and technical guidance. For more information, visit theiia.org.
Media contact:
Chris Almonte
Chris.Almonte@theiia.org
+1-407-937-1349