The collapse of the TerraUSD stablecoin raises a question: Would new audit rules help prevent another, possibly more destructive, stablecoin death spiral?
The debacle—in which Terra went from multibillion-dollar valuation to nearly zero in a matter of days—has shown the need for regulatory clarity on how stablecoins are audited, said Sean Stein Smith, chair of the Wall Street Blockchain Alliance’s accounting working group and a lecturer at Lehman College in New York.
“The key questions are: How do they operate, and how is this information communicated,” he said. “The meltdown at Terra is only the most recent example of why these questions have to be asked.”
The Terra disaster has led some global financial authorities to argue that stablecoins—which are essentially unregulated now—need stricter supervision as soon as possible. Officials from the Group of Seven industrialized countries issued a statement May 20 saying that “no global stablecoin project should begin operation until it adequately addresses relevant legal, regulatory and oversight requirements through appropriate design and by adhering to applicable standards.”
In Washington, Sen. Pat Toomey (R-Pa.) introduced legislation in April that would bring stablecoin issuers under the supervision of federal banking authorities. The bill, which has drawn significant interest in the industry and among regulators, would require issuers to publicly disclose the assets backing their tokens each month and file quarterly attestations by a registered public accounting firm. An attestation is a CPA’s declaration that certain numbers are accurate and reliable.
Sens. Kirsten Gillibrand (D-N.Y.) and Cynthia Lummis, (R-Wyo.) are expected to unveil their own proposal as soon as this week with similar elements.
Stablecoins are typically pegged on a 1-to-1 basis to an asset like the US dollar. They play an essential role in the world of decentralized finance (DeFi) by facilitating trade between digital assets, and between fiat currencies and digital assets on crypto exchanges. Some such coins, backed by reserves of dollar assets, are as large as major financial institutions. For example, Tether’s USDT, the largest, has a market capitalization of about $73 billion.
Lack of Regulatory Clarity
“It’s critical that Congress provide clarity in this area as soon as possible,” Toomey said at a recent hearing with Treasury Secretary Janet Yellen. He added: “Thankfully, I am optimistic that the administration is working with members of Congress and that we can find common ground on bipartisan legislation that addresses the risks of stablecoins while also encouraging innovation and competition.”
Vivian Fang, a University of Minnesota accounting professor, said the danger was “a too-big-to-fail problem.” In the event of a panic, she said, a stablecoin issuer could be forced to sell its reserves into a falling market to meet redemption demands, further destabilizing asset prices.
More transparency about the quantity and composition of their reserves would build confidence, Fang said, “because if people know what’s in there, they’ll be less likely to panic.”
Markus Veith, a Grant Thornton partner and leader of the firm’s digital asset practice, said that in the absence of regulatory mandates, issuers have taken a “best practices” approach, looking to bodies like the American Institute of CPAs and interpreting existing accounting rules for guidance.
With most stablecoins, he said, “you have a management report that lists out what the outstanding coins are, what the reserve assets are, and then you have a separate attestation report that’s basically saying, ‘Yes, we agree with management’s assertions, this is the number of coins that is typically backed by at least the equivalent amount of reserve assets.’ ”
Stablecoin audit and attest procedures require a different level of expertise from ordinary company audits, Veith said, and Grant Thornton—which counts Circle’s USDC stablecoin among its clients—has built up its blockchain platform and infrastructure over the past nine years. That, he said, means it can handle financial statement audits of digital asset companies, and it also has the capacity to do reserve attestations and trace digital assets on blockchains.
“We developed our own infrastructure,” Veith said. “We work hand in hand with our audit methodology group, with our forensics practice, with our risk management group. And every time we onboard clients, we take a very, very close look to make sure we are comfortable with the associated risks.”
Veith declined to comment on the USDC audit, saying he couldn’t discuss individual clients. Circle’s USDC approach with Grant Thornton—in accordance with AICPA attestation standards—has nonetheless won it plaudits for transparency.
“The ones who don’t do it like USDC will have to answer the question of, ‘why don’t you do it?’ ” Smith said.
He pointed to USDC’s timely reporting—on a monthly basis, compared with the quarterly reports of Tether—as well as “multiple caveats” related to the information in its most recent report. Nearly $12 billion of its reserves is in secured loans, precious metals, and other cryptoassets “that still could use some more detail and transparency,” Smith said.
Also, Grant Thornton is the sixth-largest accounting firm in the US, he noted, while Tether’s auditor seems “an unlikely choice for the auditor of the world’s largest stablecoin.”
Tether was briefly rocked off of its 1:1 peg to the dollar in the wake of the Terra crunch, but has since regained it. It employs a tiny Cayman Islands-based accounting firm, MHA Cayman—a subsidiary of MHA MacIntyre Hudson, the UK member of Baker Tilly International. Tether and affiliated companies agreed last year with New York Attorney General Letitia James to provide quarterly reports as part of a settlement over allegations that they had hidden the loss of funds and lied about reserves. The allegations have contributed to an aura of mystery about the most-used stablecoin.
Tether’s latest disclosure assured investors last week that “consolidated reserves held for the digital tokens issued exceeds the amount required to redeem the digital tokens issued.”
MHA Cayman declined to comment.
And Then There’s Terra
Terra belongs in a separate category, that of algorithmic stablecoins. Unlike those backed with assets, it is something more exotic: an ingenious—but fatally flawed—protocol that depended on a constant arbitrage between Terra and its sister token, Luna, clever programming, and the faith of users to maintain its value at $1. When stocks and other cryptocurrencies began to fall, Luna came under selling pressure, too, breaking the link between the two and sending both spiraling downward.
“Think of it like two kids on a seesaw,” Fang said, referring to the mechanism that kept Terra in equilibrium at $1 as long as demand for Luna tokens was strong. “If one rider got off, the whole thing became unbalanced, and down it went.”
Not having reserves, Terra didn’t have a traditional auditor, either. It did, however, have a “code auditor” in Certik, a Goldman Sachs-backed web3 and blockchain security company.
Ronghui Gu, Certik’s CEO founder and a professor of computer science at Columbia University, said Certik’s job was to ensure that Terra was as secure as possible, both before deployment and after it went live, and to ensure that the code faithfully implemented the token economics—which he said were “designed either by a genius or by a madman.”
“Most investors, retail investors, don’t have the expertise to evaluate these projects,” Gu said. “That’s our job. We’ll do the assessment and deliver the auditor report that investors can read and see if there’s a mismatch between them.”
Certik holds no responsibility for Terra’s demise, he said.
“Our job is to prevent code exploitations or bugs in implementation, things that can be used by hackers to attack,” Gu said. “It’s not to decide whether it makes sense or not.”
Legislating Transparency
The crypto industry would like to get regulatory certainty, Veith said, “Because it’s better to say, ‘Look, here are the standards that everybody has to follow,’ rather than say, ‘Well, there are no standards. But, you know, be careful.’ ”
Toomey’s legislative proposal “is very important, it would help to define audit responsibilities,” Smith said, “And if you can add some transparency and some consistency on that part, it will solve 80% of the problems.”
—With assistance from Michael Kapoor.
To contact the reporter on this story:
To contact the editors responsible for this story:
To read more articles log in.