![](https://steemitimages.com/DQmPsi2nsNJcD1hbWDVqgfmdkp4GHGNP3VpXtDZXBWoRSvT/image.png)
Blockchain presents a challenge to the traditional audit approach, given there’s no practical way to use point-in-time forensic analysis—the standard audit tool. Assurance in a blockchain environment derives from irrefutable transaction history and integrity. So in essence, you have a system that has full integrity, that’s 100% accurate. Attempting to conduct a point-in-time forensic retrospective analysis is ineffective and wildly inefficient. This approach negates one of the benefits of implementing blockchain in the first place: the promise of increased administrative efficiency.

Of course, you still need blockchain audits to build confidence and assurance in the technology. But the audit itself will look very different. The standard approach will be replaced by a process that’s closer to auditing of transactions in real time, and this change will prove challenging for most internal audit departments.

The concept behind real-time auditing is to inspect transactions closer and closer to the point of occurrence, and there are many ways to accomplish this. In blockchain, it's a complicated process that requires a second underlying technology and tapping into the processing itself, in order to create the transparency that third parties require.

Real-time auditing eliminates the traditional concept of sampling. The purpose of sampling is to perform backward-looking assessments of segments of populations to draw conclusions about the rest of the population. Blockchain technology offers new assurance-related baselines that eliminate the need for sampling. In a blockchain ledger, you have an up-to-date, immutable historical record, so auditing in the blockchain environment requires a very different mindset and approach.

Regulatory uncertainty
Regulators also grapple with the uncertainty surrounding blockchain. Driving the uncertainty is that blockchain is a technological concept, not an institutional product, and there are dozens of variants. If we looked at 20 of our clients who are deploying blockchain, we would find that they all resulted in different use case scenarios. This variation creates a significant regulatory challenge, since regulation in its simplest form is all about standardization. Until we see something closer to standardization in blockchain, we’re not likely to see meaningful regulatory standards emerge. But as the technology matures and variants are reduced, I think we’ll see a firmer foot put forward by regulatory bodies.

In the meantime, auditors of blockchain solutions will still be required to comply with existing regulations, such as AML and KYC. The only difference will be in how they go about meeting those requirements and providing the transparency regulators need to assure they are being met