The digital assets ecosystem is rapidly developing. In this quickly evolving environment, trust is more important than ever for investors, and audit committees have a critical role to play when it comes to this emerging area.
New data confirms that digital assets are no longer the exclusive domain of crypto-native companies; they are slowly becoming a part of the reporting landscape. In our analysis of S&P 500 companies’ Form 10-Ks filed in 2025, the CAQ found that 47 companies (approximately 9 percent) mention digital asset-related information. Furthermore, a Fall 2025 survey revealed that 22 percent of audit partners indicated companies in their primary industry sector have exposure to digital assets, a significant increase from 11 percent reported in Spring 2025.
With these changes, the audit committee’s agenda may be expanding beyond the traditional boundaries of financial reporting. The Center for Audit Quality’s latest resource, The Role of the Auditor in Digital Assets: Present and Future, provides an overview of this current state and explores how public company auditors are adapting to meet stakeholder needs.
But what does this mean for audit committees and boards? Let’s unpack that.
The Evolving Regulatory Landscape
Developing comprehensive legislation related to digital assets has become a priority for Congress. A significant milestone was the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act), signed into law on July 18, 2025. The GENIUS Act promotes transparency and accountability by requiring monthly reserve reporting that is examined by a registered public accounting firm.
Separately, the SEC has focused on providing clarity regarding its oversight of digital assets. In January 2025, the SEC announced a Crypto Task Force aimed at fostering innovation while protecting investors. These developments underscore the importance of staying current with regulatory changes that might impact company’s operations.
The Audit Committee’s Role: Oversight Beyond the Financial Statement
As the digital asset ecosystem rapidly evolves, the responsibilities of audit committees are expanding. While the objective of a financial statement audit is to obtain reasonable assurance that the financial statements are free of material misstatement, these audits are not a “stamp of approval” on a company’s business strategy or the merits of its digital asset decisions. To fulfill their oversight duties, audit committees may need to look beyond traditional financial reporting to address the unique operational and technical nuances of the digital asset landscape.
To support robust oversight and risk management efforts, audit committees are increasingly working with auditors to perform specialized attestation engagements. These engagements provide targeted transparency into the specific risks introduced by digital asset activities, including:
- Safeguarding Assets: Evaluating the company’s or third-party custodian’s controls around private key management to prevent and detect unauthorized access or loss.
- Reserve Transparency: For those involved with stablecoins, examining monthly reserve reporting to ensure assets are backed 1-to-1 by permitted reserves, as increasingly required by legislation like the GENIUS Act.
- Risk and Control Preparation: Engaging in “readiness assessments” to identify gaps in processes and develop effective controls to address digital asset risks before a formal audit occurs.
By engaging in these specialized services, audit committees can gain a deeper, more granular understanding of the company’s digital asset operations. This proactive approach not only helps mitigate emerging risks but also enhances the overall quality and credibility of the information provided to investors and stakeholders.
Essential Questions for Audit Committee Oversight
As your company navigates its digital asset journey, it is the audit committee’s responsibility to exercise informed oversight and risk management. To help frame your next discussion with management and your external auditor, consider these key questions:
- Strategy and Expertise: Does the company have the requisite expertise—including at the management and board levels—to effectively use, monitor and report on digital assets?
- Risk Assessment: How is the company identifying, assessing and mitigating the unique risks of the blockchain, such as the “immutable” nature of transactions, where lost or stolen assets may be impossible to recover?
- Regulatory Changes: Is the company prepared for upcoming reporting requirements or attestation mandates, such as those found in the GENIUS Act?
- Stakeholder Transparency: What information do our investors and customers expect regarding our digital asset operations, and how are we meeting those needs?
By asking these questions, audit committee members can ensure that the company’s digital asset strategy is grounded in a framework of accountability and transparency.
Looking Ahead
In an environment where technology often outpaces regulation, trust is the ultimate currency. By prioritizing transparency and leveraging the independent expertise of auditors, audit committees and boards can help their companies navigate the digital asset frontier with confidence.
Explore the Full Resource: To dive deeper into the current state of digital assets, explore the full resource here.
