Bitcoin: Risks and Controls

Publication Date: 01 July 2015
Author: Robert Hogan, Gerry Grant
© 2015 Wiley Periodicals, Inc.
Published online in Wiley Online Library (
DOI 10.1002/jcaf.22060

Bitcoin¹ is a virtual currency that began as a white paper in November 2008 and transitioned from an idea to reality in 2009 with the mining of the first bitcoin. While not the first virtual currency, Bitcoin has solved the fundamental problems that plagued earlier attempts at virtual currency. Through the use of cryptography and the combination of a public and private key, Bitcoin has made its use almost completely anonymous and has eliminated the need for a central authority that can see the details of every transaction. Additionally, the creation of bitcoins through the mining process provides a mechanism that generates a stable supply of the currency without the intervention of a central regulatory body that might be tempted to devalue the currency through arbitrary currency creation.

The total number of bitcoins that can be mined is about 21 million, with about 12 million created so far (Brito & Castillo, 2013; Tucker, 2013). Even though the total number of bitcoins that can be mined is capped, Bitcoin is a fractional currency, meaning that a portion of a bitcoin can be used to complete a transaction (Fowler, 2014). The smallest denomination of a bitcoin, called a “satoshi,” is 0.00000001 of a bitcoin. Based on current estimates, the last satoshi is expected to be mined in the year 2140 (Brito & Castillo, 2013; Tucker, 2013).

The advantages and growing acceptance of Bitcoin suggest that the integration of virtual currency may be rapidly approaching. The use of Bitcoin introduces a variety of risk and internal control matters that must be understood and addressed before a firm integrates bitcoins into the firm’s operational model. In this article, we discuss the risks associated with Bitcoin and related internal controls.

is responsible for designing and implementing a system of internal controls that will safeguard the firm’s assets. This challenge is never simple, and adding or including bitcoins into the firm’s operational processes exposes the firm to additional risks that potentially were previously beyond the concern of the firm. Addressing these types of concerns is often delegated to the internal audit department, as they tend to serve as internal consultants as well as process and control advisors to management concerning system and data processing. Regarding Bitcoin specifically, the audit-related concerns include:
• Assessing data security and risk vulnerabilities,
• Performing regular security

Proponents hype the benefits of Bitcoin transactions as being faster and cheaper than traditional methods; however, concerns around the lack of a central governing agency, lack of controls over Bitcoin exchanges, and the volatility of the virtual currency persist. Therefore, a company’s use of Bitcoin, as a medium of exchange or as an investment, involves risks and internal control concerns that merit careful consideration.
