Proof of Reserves vs a Financial-Statement Audit

After several exchange failures, "we have proof of reserves" became a trust signal. It is a useful one — and routinely overstated. A PoR report is not an audit, does not prove solvency, and often carries no assurance at all. This guide is the scope gap, the limitations, and how to use each correctly.

TL;DR

• PoR ≠ audit. PoR is limited-scope, point-in-time: on-chain assets vs customer liabilities. An audit is a comprehensive examination ending in an opinion.
• PoR often provides no assurance and can be issued by non-registered firms or third parties.
• PoR generally excludes off-chain liabilities, debts, related-party obligations, controls — so it is not a solvency proof.
• Limitations: point-in-time (borrow-for-the-snapshot risk), no universal standard (Merkle-tree variants), firm expertise/independence.
• Regulators (e.g. the SEC investor caution) warn against treating alternatives to audits as equivalent.
• They are complementary: audit = foundation; PoR = customer-facing transparency on custodied assets.

What proof of reserves actually is

PoR is a procedure that takes a snapshot of on-chain assets an entity controls and compares it against a representation of customer liabilities — usually via a Merkle-tree commitment so an individual user can verify their balance is included. That is its entire scope: inclusion and a point-in-time asset position.

It typically does not cover:

• off-chain liabilities, loans, or related-party obligations;
• the entity's internal controls or governance;
• the completeness of the liability set;
• the overall financial position of the company.

So a clean PoR does not establish that the entity is solvent on a full-balance-sheet basis. It establishes a much narrower thing.

What a financial-statement audit is

A financial-statement audit is a comprehensive examination of the financial statements by a registered accounting firm under professional standards, resulting in an opinion. It addresses assertions across the whole entity — existence, completeness, rights and obligations, valuation, presentation — including liabilities and going concern. It can only be performed by a registered firm. A PoR/valuation/calculation report, by contrast, may be provided by a registered firm, an unregistered firm, or another third party, and often provides no assurance as to the reliability of the information.

The limitations to state plainly

This is why the SEC has cautioned investors that alternatives to financial-statement audits — including reserve/calculation reports — are not equivalent and should be treated with care.

Use both, and be precise

The right posture is not "PoR or audit" but both, accurately labelled:

• Financial-statement audit — the foundation for regulatory credibility and a complete view of the entity.
• Proof of reserves — a customer-facing transparency layer for custodied assets, between audit periods.

The failure mode is using PoR as a substitute for an audit, or describing a no-assurance PoR as if it were an opinion. Precision about what each report assures is itself a trust signal (see crypto audit readiness and auditing crypto existence and ownership).

Practical guidance

1. Never present PoR as an audit — state its scope and assurance level explicitly.
2. Read the engagement wording — "no assurance" means no assurance.
3. Check who performed it — registered firm vs third party changes its weight.
4. Treat PoR as point-in-time — pair it with frequency and with an audit for the full picture.
5. Maintain full books for the audit regardless — PoR does not reduce that obligation.
6. Disclose liabilities separately — PoR does not cover them.

How vendor tools support reserves and audit data

Cryptio and Ledgible maintain the wallet inventory, balances, and reconciled ledger that both a reserves exercise and a financial-statement audit draw on. Confirm the tool produces an auditable, complete wallet set with a reconciled ledger — PoR and audit are only as good as the completeness of the underlying records, which is the part a tool should guarantee.

How Wag3s helps

Wag3s Ledger keeps a complete, reconciled multi-chain wallet inventory and ledger — the substrate a financial-statement audit tests and a reserves exercise samples — so the company can support both correctly and describe each accurately rather than conflating them. See the Ledger product page and the Wag3s for accountants page.

Further reading

• Crypto Audit Readiness
• Auditing Crypto Existence and Ownership
• Auditing Crypto Fair Value
• The FEC for Crypto in France
• Crypto Audit Trail and Piste d'Audit Fiable
• Multi-Chain Reconciliation

Sources

• Scope/assurance distinction between proof-of-reserves procedures and financial-statement audits (limited-scope, point-in-time, often no assurance; audit only by a registered firm)
• SEC — Investor Bulletin cautioning that alternatives to financial-statement audits in crypto markets are not equivalent — investor.gov
• Proof-of-reserves limitations: point-in-time snapshot, off-chain liabilities excluded, no universal Merkle-tree standard, firm expertise/independence