The 21st century has seen numerous information systems technologies arise in science, automotive, aviation, and supply chain, among other fields. But perhaps one of this century's most disruptive technologies is blockchain, which dates to only 2008. That was when an individual — or group of individuals — using the pseudonym Satoshi Nakamoto published a white paper entitled Bitcoin: A Peer-to-peer Electronic Cash System to address the threat of "double-spending" in digital currency.
In 2009, the Bitcoin network was launched. Unlike traditional banking systems, Nakamoto's peer-to-peer, decentralized (peer-to-peer) network allows participants within that network to authenticate the transactions of each user without the support of a trusted intermediary or agent, such as a bank.
The advent of the technology engine behind bitcoin started to change the way some organizations conducted e-commerce and eventually some of their internal processes. Over the next decade, private and public sector organizations started adopting blockchain's distributed ledger technology for services including electronic commerce, procurement, registration, election polling or voting, clearing and settling customer transactions, managing logistics and supply chain, and fraud prevention.
Blockchain is also revolutionizing the conventional ways of administering various government functions. An example is the Republic of Estonia, the first country to use blockchain to provide e-residency and notarization services to its citizens with the aid of an Estonian e-ID. This platform enables Estonian citizens to register and manage a company, file taxes, access banking services, and pay third-party service providers remotely. Similarly, the government of the United Arab Emirates has been pursuing directives to use blockchain platforms to issue government documents starting in 2020.
Many top-notch global organizations are also using or planning to use blockchain as a secure, robust, and cutting-edge technology to better serve customers. The list includes well-known companies such as Bank of America, IBM, J.P. Morgan, Royal Bank of Canada, and Walmart. The Statista publication on June 9, 2020, puts the global market capitalization of blockchain from 2018 to 2020 at $3 billion. Projected blockchain revenues from 2021 to 2025 range from $7 billion to over $40 billion, signifying a huge investment in the technology.
In a nutshell, blockchain is a peer-to-peer distributed digital network with an immutable, decentralized shared ledger that allows network participants to reach transaction consensus without a trusted intermediary such as a bank, escrow company, or regulator. Some of the most salient characteristics of blockchain technology include:
- A decentralized, distributed network that not only does not require a central repository but also allows a very high degree of network fault tolerance, thereby eliminating network single points of failure.
- Cryptographically based, tamper evident, and tamper resistant data storage, thereby rendering the data on the blockchain immutable.
- Member group consensus-based data verification offering additional data integrity protection.
Blockchains may be categorized into three major categories: public, private, and consortium.
Public blockchain — often referred to as permissionless blockchains — are open to everyone. These public platforms are used for various cryptocurrency transactions, such as bitcoin, as well as other uses. A public blockchain, by virtue of being significantly larger than its private counterparts, tends to experience performance or scalability issues if the network continues to grow rapidly in size.
Private blockchains, on the other hand, are referred to as permissioned blockchains. With these private platforms, only allowed members may join the platform upon the approval of the access control administrator following verification of user credentials. An example of a private blockchain platform is Hyperledger Fabric, developed at the Linux Foundation.
Consortium blockchains are hybrid blockchain versions where multiple organizations participate in managing the network. In this model, one or more entities may control the network, thereby causing a reliance on a third party for business transactions.
The tamper-proof attributes of blockchains, leading to immutable sets of transaction records, represent a higher quality of evidence for internal auditors. Blockchain technology will impact the performance of the audit engagement because of its attributes, as the technology can seamlessly complement traditional audit techniques.
Furthermore, various fraud schemes related to financial reporting, such as the recording of fictitious revenues, could be avoided or at least greatly mitigated. Frauds related to missing, duplicated, and identical invoices also can be greatly curtailed.
As a result, the advent of blockchain can enable auditors to reduce substantive testing as inherent and control audit risks will be reduced, thereby greatly improving an audit's detection of risk. As such, the continuing use and progress of blockchain may soon mean that auditors will need to deepen their knowledge of this disruptive technology.
Shaun Aghili, DBA, CIA, CRMA, CISA, is an assistant professor specializing in internal audit, fraud prevention, and information systems assurance at Concordia University of Edmonton in Alberta.
Harriet Tenge is a graduate student researcher in the Master of Information Systems Assurance (MISAM) program at Concordia University of Edmonton.
Maureen Okello is a graduate student researcher in the MISAM program at the Concordia University of Edmonton.
Want to be a part of Your Voices? Click here to learn how to contribute a blog post.