Holistic services for companies, investors and regulators on financial or non-financial data.
What is Business Assurance?
Assurance services for services related to third parties, (companies, investors and regulators) on financial or non-financial data, including online gaming, hospitality, small and medium enterprises, blockchain, algorithms and emerging external reporting.
As your ‘preferred professional advisor’ and strategic partner, we
will have an in-depth knowledge in your activities and the sector in
which you operate, and will place at your disposal a team of subject
matter experts, built on a core of local and internationally based
individuals with in-depth technical skills and industry knowledge.
Business assurance services can include one or more of the following:
As your organisation begins to embark on a journey to develop and mature blockchain-related applications, it is important to consider and develop a risk mitigation strategy for underlying risks. Through our Blockchain assurance services we can help you address financial, technology, operational and regulatory risks related to blockchain and the crypto space. We position our self as a trusted, unbiased third party that can perform these assurance functions to allay concerns of public, partners, and stakeholders.
Systems Audit Type I & II in line with Virtual Financial Assets Act (VFA) & Innovative Technology Arrangements and Services Act (ITAs) based upon the ISAE3000 framework.
Technical assurance - Agreed upon procedures
• Smart contract review
Assessment of the smart contract source code to etermine whether the code is robust, resistant to commonly known vulnerabilities and implements exclusively the actions/properties that it was designed for.
Key management review
Assessment of the security aspects around the cryptographic solutions and public/private key management in use by the entity.
Comprehensive analysis of transactions In/Out of Wallets to provide assurance that the funds are utilised as expected and of the rate in use when exchanged for FIAT or other cryptos. Conventional cryptos are monitored and traced using public sources or independent Deloitte nodes.
• Proof of ownership
A method that uses public and private key technology that confirms the ownership/control of electronic wallets and the stored virtual financial assets at a specific moment in time.
• Proof of origin (source of wealth)
For each provided address wallet, we will verify that the transactions in relation of acquisition/holding of crypto assets positions with FIAT currency is consistent with supporting evidence. All the above listed Agreed Upon Procedure (AuP) engagements will be conducted in line with the requirements of ISRS 4400 (International Standard on Related Services 4400).
Information security governance
Successful information security governance is a continuous process of learning, revising and adapting. The goal for all companies should be to deliver information security and to reduce adverse impacts and risks to an acceptable level.
Our assurance professionals can assist in the implementation of a strategic information security governance plan to improve the organisation’s security posture while protecting valuable information. Deloitte’s framework is the result of a comprehensive research and amalgamation of NSIT, SANS and ISO 27001 best practices.
IT control assurance
Assess and report on the performance of IT controls across the organisation’s high risk systems at application, database and network layers. The main objective of our service offering is to assist clients in optimising control activities, organisational strategy, and policies and procedures. Our team helps organisations navigate the increasingly complex reporting environments by improving internal controls and increasing confidence in the quality of information produced by their technology systems.
Corporate reporting transformation and assurance
Assurance services to support our clients in efreshing their external corporate reports, ensuring their financial and non-financial key-performance indicators reported are aligned with strategy and providing assurance on financial and non-financial metrics and processes (ISAE 3000). Also includes assurance services related to corporate reporting of sustainability or environmental, social and governance (ESG) information.
Assurance services focused on algorithms that include: third party review of codes to identify risks within algorithms, advanced analytics on algorithm performance under Business As Usual (BAU) or simulated stress tests. Algorithm assurance also includes end-to-end process reviews of current manual processes to identify where tools such as robotic process automation and other cognitive technologies can be recommended.
Other assurance services
Assurance services (beyond the specific business assurance offerings) to express a conclusion designed to enhance the degree of confidence of the intended users about the outcome of the evaluation or measurement of a subject matter against criteria i.e. less in scope than procedures performed in an audit and do not result in an audit opinion being issued. The outcome of the evaluation or measurement of a subject matter is the information that results from applying the criteria (e.g. MGA Systems and Compliance Audits PSD2).