Analysing on-chain data for financial audits of centralized crypto companies

4 min readNov 14, 2022


By Femi Babatunde, Co-founder Savecoins Technologies

It’s often remarked that the beauty of blockchain enabled transactions is the transparency the distributed ledger offers for anyone willing to check, analyze, or dive into them. Regardless of the transparency that technology brings, regulations that should leverage this for the government in relation to financial audits to prevent the failure of these institutions have not been proposed.

This article intends to explain and propose a structure for how on-chain data with audit compliance can help safeguard consumers' funds and also protect against the failure of these centralized institutions.

To properly explain how this will work, we need to give a short insight on how banks in traditional finance are audited.

How are banks audited?

Centralized crypto exchanges, custodians, or crypto banks are essentially shadow banks with little or no regulations and compliance to safeguard consumer funds. Banks involved in traditional finance have failed in the past before better regulations imposed by central banks saved them.

A bank audit is a routine inspection of the organization’s records and services to check for compliance with applicable laws and industry standards. Numerous audits, including statutory audits, revenue audits, concurrent audits, and others, are required of banks. This could be done by internal or external organizations. Some of the processes involved in auditing a bank involves;

1. The statutory auditor’s preliminary evaluation of

A Declaration of Indebtedness and a Statutory Auditors’ Internal Assignments in Banks

a) Making preparations for a financial statement audit

d) Discussions with Former Auditors e) Conditions of Audit Engagements

Initial Partnerships

g) Engagement Risk Assessment

h) Knowledge of the Bank and its Setting

2. Recognizing and evaluating the dangers of material misstatements

3. Being aware of the bank’s surroundings, particularly internal controls

4. Recognizing the Accounting Procedures of the Bank

5. Knowledge of the Risk Management Procedure

6. Participation Team Discussions

7. Formulating the Overarching Audit Plan

8. Making an audit plan

9. Condensing the audit strategy by creating an audit strategy memo.

10. Considering the relationship between the audit and the materiality of the audit.

Some of these processes enable the external auditor to understand the processes of the banks regarding customer deposits, settlements, and liquidity flow to determine if the banks follow certain compliance standards and also determine solvency.

In this article, we will classify centralized crypto companies into exchanges, custodians, and payment companies, There are arguments that most of these companies provide the same services. Crypto companies, because of their integrations with different blockchains, have a different backend architecture that differs from traditional banks and makes the processes of auditing transactions and managing liquidity flows different.

A proposal for audit processes and compliance for centralized crypto companies.

Because centralized crypto companies act as an on-ramp and off-ramp for moving or converting fiat to cryptocurrency, fiat deposits are technically part of their liabilities.

Customer assets

Customer assets should be treated as liabilities on the balance sheet.

Statutory ratio for reserves in both cold and hot wallets to meet withdrawal demands by customers

Customer crypto-assets should not be touched, lent, or traded under any circumstance, as they are not legal tender and can’t be insured.

Customer assets should be analyzed as deposits occur, and total balances should match the liability positions of the company at all times.

Liquidity Flow and settlements

Since the flow of liquidity and settlements are mostly done on-chain, everything is open to audit and transparency. Crypto companies have different hot and cold wallets for several on-chain transactions, and the specificity of these wallets should be documented for any external auditor to understand. This is because, due to deep liquidity concerns, several exchanges or custodians have accounts with other bigger exchanges as trading accounts that provide a frontend of balances for their consumers.

By architecture, crypto companies automatically generate a wallet address for each customer for the present assets on their platform when the customer signs up, so when customers receive crypto-assets, the value of their assets can be checked on-chain to see if it matches what is on their front-end.

With details of what we saw with FTX, it is obvious that privacy & user policies aren’t enough to safeguard consumers that use these platforms

In 2020, EY, the big audit firm, created an analytical tool that allows for better auditing and investigation of on-chain data for verification of transactions. According to EY, financial reporting for blockchain-enabled transactions will be easier with the explorer and visualizer solutions. It will assist in highlighting possible outliers, such as fraudulent red-flag behaviors.

It’s obvious that with research driven policies and compliance with regulations, the operations of centralized crypto companies can align better with consumer protection safeguards and provide for better financial auditing.