IARM

Internal Audit in Decentralized Finance

Group 4

Himanshu Singla - 200101184

Ria Gupta - 200101120
Pranav Khaneja - 200101108
Aditya Shukla - 200101181
Soumyadeep Roy Muhury - 200101147
 WHAT IS DEFI?
Banking risk management has become one of the most significant issues for bankers around the world, especially since the
financial and banking crises. Business organisations are moving to develop effective structures, processes, and reengineering their
operations to add some accountability. Internal audit's role is to identify, measure, and disclose these risks in such a way that users
of financial statements can judge the bank's effectiveness in managing and controlling risks.

Decentralized finance, or 'DeFi,' is a new digital financial infrastructure that eliminates the need for financial transactions to be
approved by a central bank or government agency. Two or more parties can swap, lend, borrow, and trade directly using.
blockchain technology and smart contracts using decentralised apps, or dApps, without the involvement or costs of a middleman.
In theory, it's a fair, free, and open digital marketplace.

Despite the fact that the DeFi business is still small, it is worth investigating for a variety of reasons, including the risk of
spillovers into the real economy.
DECENTRALIZATION'S POTENTIAL ADVANTAGES

BLOCKCHAIN-BASED –

• DLTs provide efficiency in the form of faster, cheaper, and frictionless value transmission.
• Process automation, a user-to-smart-contract model, and atomic transactions
• Increased transparency and record-keeping integrity
• Interoperability and composability are possible.

FULLY DECENTRALISED –

• There is no need for centralised trusted intermediates.

• Potential systemic benefits (risks associated with traditional financial intermediaries) 
• Reduces service provider concentration and enhances variety
• The absence of a single point of failure or assault could improve system resilience.

COMMUNITY-DRIVEN –

• Open-source code encourages creativity.

• Democratization of financial services provision 
• Significant network effects possible
 A PLETHORA OF POSSIBLE DANGERS

Investor and consumer

protection are two Lack of AML/KYC and Compliance and Risks to the entire
Governance
issues that need to be anonymity Regulatory system
addressed.
• Investor protection • DeFi systems simply • Services/products that • Accountability is • Feedback loops between
protections are lacking require a wallet aren't compliant difficult to assign in crypto-asset values and
(e.g., no recourse, connection, and certain • Absence of a single governance. collateral pledged in
recovery, or resolution). wallets do not require point of regulatory and • A lack of investment in DeFi, pro-cyclicality
• Extreme volatility, risk KYC/AML procedures supervisory access the game • Leverage and huge
of capital loss, and no for account opening. • With no established liquidations pose a
risk disclosure jurisdiction or physical credit risk due to
• For the ordinary user, location for their collateralisation and
it's difficult to grasp operations, they have a volatility.
(e.g. automated global reach. • The traditional financial
liquidation) system is becoming
increasingly integrated.
• Putting too much faith
in one or two providers
or protocols (ETH)
 Audit in Decentralized
Audit in Centralized finance
finance

What is their purpose? Changes from conventional audit in centralized

•
•
Ensures efficiency standards are met across all departments
Ensures the company is ethical and responsible to other economic entities
• Reporting to Board of directors
• Investigate the financial position at all levels
• Ensure corporate governance rules are followed
finance
• Information access is easier because of near realtime data access
• Pre Audit activities can be eliminated
• Lag time between transaction and verification dates can be reduced
• Smart contracts implementation and monitoring
• Can act as an arbitrator between parties
 Problem of
Overdependenc Unauthorized
Difficulty in illicit activities
e on smart use of admin
traceability & Non-
contracts keys
compliance

Challenges in Internal Audit in DeFi going

forward

Control Environment:
.DeFi ensures better control
environment as the human
intervention is drastically
reduced but the issue of
integrity and ethics would
still be there.
COSO FRAMEWORK
Risk Assessment:
Better Risk assessment with
DeFi as the extant risks are
eliminated but newer risks
such as cybersecurity risks
emerge
Control Activities:
Robust control activities but
the issue would be the
accountability of decisions
Information & Monitoring Activities:
Communication: Regular monitoring will
DeFi supports greater change the way internal audit
visibility of transactions and is carried out
data availability
THANK YOU