Evaluation Blockchain Using COSO
As companies begin to explore and develop technology solutions based on blockchain and smart contracts, there is a need to understand the impact of blockchain and smart contracts on the assessment of internal controls and enterprise risk. Especially, since the distributed ledger and smart contracts blur the system boundaries between trading partners, there is a need to understand whether internal control assessments based on a single company approach is adequate in an integrated and collaborative environment. We provide an overview of smart contracts for practitioners and describe the associated risks of engaging in a blockchain consortium. We also list potential questions related to internal controls that may be considered when either engaging in a consortium or executing a smart contract. We then discuss whether current frameworks, specifically the Committee of Sponsoring Organization (COSO) integrated and COSO Enterprise Risk Management (ERM) frameworks, adequately address a collaborative supply chain ecosystem.