How to Build a Digital Assets Policy for Your Finance Function

Why a Formal Policy Matters

Without a clear policy, finance functions face: inconsistent accounting treatment leading to misstatements and audit complications; AML exposure for firms without documented procedures for crypto client due diligence; governance failures where ad hoc decisions on crypto payments or holdings bypass board-level oversight; and training gaps where staff make incorrect accounting or tax decisions.

Step 1: Define Policy Scope

Specify which assets are in scope: cryptocurrencies (as investment holdings and transaction mediums); stablecoins including fiat-backed and algorithmic (MiCA introduces specific requirements for EU-facing stablecoins); NFTs (particularly relevant for media, entertainment, and technology businesses); tokenised assets; client holdings (for accounting firms, define how the policy applies when the asset belongs to a client rather than the firm); DeFi exposure (staking, lending, liquidity provision).

Step 2: Establish Accounting Treatment Decisions

Document: Classification — specify whether digital assets will be classified as intangible assets (IAS 38 / FRS 102 Section 18) or inventory (IAS 2 / FRS 102 Section 13), with rationale. Measurement model — cost model or revaluation model (the latter requires an active market — document the basis for this judgment). Pricing source — specify the data source for fair value determination at reporting dates and the time (e.g. midnight UTC closing price on a specified major exchange). Impairment approach — set out the impairment assessment process and frequency. Review these decisions annually and update when relevant accounting standards change.

Step 3: AML Controls

If your firm has clients who hold or transact in digital assets, your AML policy must address crypto-specific risks. The policy should cover: how crypto exposure is assessed in client risk ratings; minimum CDD for clients with digital asset activity; EDD triggers (use of privacy coins, unregulated exchanges, high-volume transactions without clear purpose); a documented list of crypto-specific red flags for staff; a clear process for escalating and filing SARs; how crypto clients are monitored on an ongoing basis.

Step 4: Staff Training Requirements

Define: minimum CPD requirements for staff who handle digital asset transactions or advise clients with crypto; the training topics that must be covered (accounting treatment, AML, MiCA, tax); frequency of refresher training (annual minimum given the pace of regulatory change); and how training completion is evidenced and recorded. Linking to specific training programmes — such as Learnsignal's digital assets CPD courses — in the policy itself makes it actionable.

Step 5: Governance and Sign-Off

Specify: the policy owner (typically the CFO or Head of Finance); approval authority (board approval is appropriate for organisations with material digital asset exposure); review frequency (annual minimum; six-monthly reviews are prudent for organisations with significant digital asset activity); the escalation process for novel transactions not covered by the policy; and how the digital assets policy interacts with the AML policy, investment policy, and treasury policy.

Policy Checklist

1. Scope definition — which assets are covered
2. Accounting classification and measurement basis
3. Pricing and valuation methodology
4. Impairment assessment process
5. Balance sheet and disclosure requirements
6. AML risk assessment and CDD/EDD requirements
7. Crypto-specific red flags and SAR procedure
8. Staff training requirements and evidencing
9. Governance structure, approval, and review frequency
10. Interaction with related policies

Frequently Asked Questions

Does my organisation need a digital assets policy if we don't hold any crypto?

If your clients hold crypto, or if there is a realistic possibility that your organisation may receive, hold, or transact in digital assets in the near future, having a policy in place before the need arises is prudent risk management. For accounting firms, AML obligations extend to clients' digital assets regardless of whether the firm itself holds any.

Who should own the digital assets policy?

Typically the CFO or equivalent finance leader, with input from legal, compliance, and (where relevant) the MLRO. Board approval is appropriate where digital asset exposure is material to the organisation.

How often should we review our digital assets policy?

Annual review is a minimum. Given the pace of regulatory change — MiCA implementation, IASB standard development, FCA registration requirements — six-monthly reviews are prudent for organisations with significant digital asset activity.

Upskill your finance team with Learnsignal digital assets CPD