A Conceptual Model of Continuous Government Auditing Using Blockchain-Based Smart Contracts

,


Introduction
Technological advances in the assurance profession aim to improve transparency, effectiveness, and efficiency. One such technology is the blockchain, which documents transactions in units of blocks, thus continuously increasing the list of available records. The blockchain secures the solidity and irreversibility of published data and makes it almost improbable for an individual or a malicious party to manipulate the nodes that contain the blockchain's records. Numerous studies in the accounting and auditing literature have proposed and implemented this technology, emphasizing its potential to remodel the business environment. However, the extant literature has focused mainly on the private sector. It is crucial that governmental accounting organizations do not lag behind. Government auditors may use the blockchain to enhance auditing procedures because doing so will increase their investigative power, encourage new professional qualifications, and support increased transparency.
Discussions arguing for more accountability in the government, financial institutions, and industry indicate a global trend toward growing accountability across different issues (Borthick & Pennington, 2017). Investigators, officials, and researchers have called for more transparency to improve accountability measures in terms of various areas such as funding, auditing, regulatory standards, anti-corruption purposes, and versatile development assistance. Governmental authorities and researchers have tried in recent years to develop an approach for improving accountability and audit procedures (Congress, 2014;Harrison & Sayogo, 2014;Heald, 2018;Murphy, Eckersley, & Ferry, 2017;Norris & Nai, 2017;Zúñiga, 2018). They strived for methodologies that would be rigorous, systematic, and tractable in practice.
One of the earliest studies was Florini (1999), which discussed the difficulties inherent in relying on transparency to address global issues. One main problem is to restructure interagency payment systems so that wire records document the originator and beneficiary of the transaction. Another issue is controlled or personalized systems. Personalization systems display information tailored to individual users, often based on perceived preferences or past behaviors. The content is filtered to fit the user's profile, meaning that "the system can predict what will be relevant for the user, filtering out the irrelevant information, increasing relevance and importance to an individual user" (Bozdag, 2013, p. 211).
procedures (Appelbaum, Kogan, & Vasarhelyi, 2017;Vasarhelyi, Kogan, & Tuttle, 2015). Data analytics, for example, can identify realistic correlations that can be used for decision-making. There is currently increased interest in a specific emerging technology-namely, the blockchain-due to the myriad of potential applications in the business world, such as blockchain-enabled smart contracts. Smart contracts are automated contracts that are self-executing with specific instructions written into their code that are executed when certain conditions are met. This process can enable real-time monitoring of audit testing, such as confirmations and authorizations. Therefore, the blockchain, with its smart contracts, is a technology that permits the decentralized and anonymous recording of disaggregated data to a public ledger with real-time database access.
Based on the fact that seeking to innovate government transparency may be accomplished by adding systematic tools, the blockchain could assist in facilitating higher-quality audits by providing real-time auditing processes like confirmation. Transparency yields improved government auditing accuracy because it is associated with evaluating and performing substantive audit procedures related to a payment's occurrence, completeness, accuracy, authorization, cut-off, and classification. The motivation of this study is that the proposed framework has the potential to improve transparency and audit quality by providing a public blockchain system. Many studies have attempted to address the issue of how to enhance transparency in a formalized way. This study will discuss these studies and the various solutions suggested for the government sector, both in terms of design and implementation. This includes the history of the various blockchain approaches used and the issues related to information systems.
This study's approach comprises three steps. First, I describe the current government auditing practice and the core concepts and features of the blockchain. Second, I discuss the payments process used by government agencies. Third, I consider the implementation of a blockchain-based smart-contracts framework for government auditing using the government procurement process as a conceptual analysis study.

Literature Review
Innovations in accounting information systems such as continuous auditing and monitoring have enabled real-time auditing. Continuous auditing offers auditors a more successful technique for detecting anomalies and yields more relevant and reliable auditing evidence. Continuous auditing provides valuable information to management and stakeholders for decision making. Nonetheless, labor-intensive auditing has not yet adopted the real-time economy, and the state of the art in the field of assurance has lagged behind. Likewise, technology has the potential to transform the safeguarding of assets; thus, auditors must not lag behind. Utilizing continuous auditing in practice will improve audit quality by increasing efficiency (i.e., migrating from a labor-intensive auditing approach to an automated audit approach) and effectiveness because manual audit procedures are labor-intensive and time-demanding. Some originations maintain specific inactive restrictions to provide flexibility in carrying the origination transactions (Alrefai, 2019). With the introduction of real-time systems, the time required to gather auditing evidence will vary significantly, and auditors may now conduct examinations of real-time events. Blockchain-based smart-contracts technology using continuous auditing may address these concerns. This literature review is presented in two parts. The first part examines the current governmental audit challenges, and the second part presents the state of the art in implementing blockchain technology in the public sector.

Government Audits
It is crucial for the management of public resources for governing processes to be reviewed by auditors, but governmental auditors face many challenges. Governmental agencies and officials that are entrusted with public resources are responsible for preforming relevant public functions. They should offer public services in an efficient, effective, ethical, and economic manner, adhering to the contexts of statutory boundaries on specific government programs (McClure-Nelson, 2020). The primary responsibility of government auditors is to provide an opinion on financial information that is very valuable to stakeholders as it influences the overall economy. Likewise, the auditor's primary responsibility is to express an opinion on whether the governmental agencies' financial records follow identified criteria, and conduct audits. The identified criteria include government planning, budgeting, spending, and reporting. Auditors have a public duty to stakeholders to ensure that agency spending is accurate and that public resources are secure. Audits offer a fundamental level of anti-corruption activity and ensure accountability about government spending. Government auditing provides an objective form of analysis and supplies the information needed for making decisions that are essential for establishing a better future.
The tremendous amount of spending on various governmental projects with questionable oversight is a major concern of citizens. Governmental auditors are currently facing an increasing amount of complexity in financial transactions and procedures with their systems related to these transactions and procedures. Advanced technology-based systems operate on current data, and there is a demand for audit developments. Governmental audits are driven by the concept of materiality (Raman & Van Daniker, 1994) and sampling, which means that the audit includes 15% or fewer of the contracts' transactions. To illustrate this, New York City has existing contracts of $106.7 billion (Note 1) with many complicated requirements to fulfill their obligations, and they are designed based on procurement conditions. The blockchain system and the smart contracts that are based on it may enable audit procedures to be automated and increase testing to all of the contracts' transactions or nearly 90% of them. These procedures audit involve transaction-and account-level assertions such as existence, completeness, occurrence, classification, and authorization.
The continuous auditing methodology uses rules as representation for the knowledge encoded into the system (Vasarhelyi & Halper, 1991). This methodology symbolizes audits in positions of rules that express what to do or signal in various circumstances. These rules imitate the analysis of human skills in addressing a knowledge-intensive problem. It is the practice of automated methods to accomplish auditing activities in real time or near real time, which is made possible by technological development. Technological advances in the assurance profession aim to improve audit quality, effectiveness, and efficiency by overcoming labor-intensive auditing concerns and generating innovative auditing procedures. Continuous auditing performs a significant job in automating the identification of exemptions or variances, investigating patterns in the figures of numeric fields, examining controls, and analyzing trends. For example, in continuous auditing, records roll across an organization's systems, and then the records in the organization's system are continuously investigated (e.g., daily) by utilizing an established set of auditor-defined procedures. Any exceptions to the defined procedures will activate a warning to alert the auditor to any deterioration or anomaly in the business system (Vasarhelyi & Halper 1991). Many researchers have proposed utilizing continuous auditing systems to automate procedures such as addressing material errors, omissions, or fraud, which runs into a wide range of activities (Alles, Kogan, & Vasarhelyi, 2003;Alles, Brennan, Kogan, & Vasarhelyi, 2006;Chan & Vasarhelyi 2011;Chan, Chiu, & Vasarhelyi, 2018;Vasarhelyi, Alles, Kuenkaikaew, & Littley, 2012). The blockchain-based smart-contracts technology with continuous auditing is able to capture these tests in real time.
Technology has changed and improved data flows, which guides government auditors to adopt new approaches to screening and guaranteeing the trustworthiness and relevance of contract transactions on a timely basis. The government has also been improving assurance services and evidence collection. The timing of gathering and evaluating auditing evidence should be addressed, especially since auditing relates to the examination of real-time events. When an entire population of transactions is tested with smart contracts, the nature of auditing evidence becomes significantly better. By applying continuous auditing methodology smart contracts, auditors may solve the data problems, abnormal events, and control failures experienced by agencies. By utilizing an agency's continuously audited system, different contract conditions can be set on smart contracts to screen individual transactions with their controls, which will notify them if they fail. Documents are currently primarily in an electronic format that increases the availability of evidence through a smart contract. Likewise, the technology literature has improved the accuracy, speed, safety, and results of many processes.

The Use of Advanced Technology by Governments
The increased use of technology by governments has been motivated by a desire for greater transparency, and any technology-improved public services have replaced the use of traditional techniques. An essential part of this movement is having an open checkbook, or the attempt to make payments available to every citizen via the Internet. This goes beyond the regular plan for budgets and other expenditure data. There have also been substantial developments in linking current database technology practices to transparency because system controllers may choose what data to show or not show.
In recent years, various blockchain techniques have been used to automate substantive analytical procedures that depend on data availability and reliability, the investigation and evaluation of significant differences, and the documentation of substantive analytical procedures (Borthick & Pennington, 2017). Based on the existing literature, a graphical conceptual framework has been proposed for the applications of the blockchain and smart contracts to automate substantive analytical procedures (Dai & Vasarhelyi, 2017). Lemieux (2016) proposed the value of blockchain technology as a solution to producing and storing trustworthy digital records. The methodological approach includes operating the requirements embedded in records management and digital preservation standards for the Honduras land registry system because of weaknesses in the country's land registration system. The authors used blockchain technology for recordkeeping and then applied substantive automated testing. The findings of this study advise that blockchain technology could be ijbm.ccsenet.org International Journal of Business and Management Vol. 17, No. 11;2022 4 applied to address issues of information integrity. Another important outcome is that this system may enable real-time, substantive testing of the entire population of transactions in a public ledger. This could increase audit efficiency (i.e., less time is required to conduct analysis) and audit effectiveness (i.e., reduce the probability of undetected fraud and error), consequently improving overall audit quality. Nonetheless, these proposed systems have a limitation in the government domain-namely, the availability of reliable data-because most agencies do not have common data elements of financial statements and suffer from machine-readable formatting issues.
Another study provided a preliminary argument on how the blockchain could facilitate a real-time, verifiable, and transparent accounting ecosystem (Dai & Vasarhelyi, 2017). The authors simplified a triple-entry accounting information system that could help the auditors substantively test transactions in real time. In the system, every financial event will be saved as a record in the public ledger using blockchain applications, and the same event will be simultaneously recorded in a traditional double-entry system. Accounts on the public ledger would be systematized in a classified template to aggregate data at different levels, which permits the immediate equilibrium of the accounting equation and different users to oversee the data. Hashes in the public ledger would also be utilized as documentation to prove the ownership of assets. The blockchain system enables the real-time investigation of likely errors or fraud within accounting entries (e.g., repeated payments) and the automation of substantive transaction procedures using the information in the blockchain ledger. Smart contracts are also programmed with auditing processes, and a firm's rules would support testing the efficiency of the recording process by auditors. Dai and Vasarhelyi (2017) investigated a different measurement and audit assurance model employing the blockchain system and related smart contract software that would offer real-time, supportable data disclosure and automate substantive procedures.
Government auditors must use improved blockchain technology to enhance auditing procedures because it increases auditors' investigative power, encourages added professional qualifications, and supports international transparency (Li, Dai, Gershberg, & Vasarhelyi, 2018). Using the blockchain is also a sharp way to limit fraud and errors. Honduras has an agreement with a Texas-based company, Factom, to create a permanent and secure land title record system using the blockchain system (Chavez-Dreyfuss, 2015). Factom provides the service to Honduras with Epigraph, a company that uses blockchain technology. Honduras became the second government to use the blockchain, which will increase transparency. Lemieux (2016) explored the value of blockchain technology as an answer to making and protecting trustworthy digital records, presenting a number of the constraints, risks, and opportunities of the approach used for Factom's proposed solution for the Honduran land registry system. This solution is designed to create systemic records that can protect land records such as proof of land existence, land ownership transfers, and land payment confirmation. The study's results indicate that blockchain technology might be accustomed to addressing data integrity problems, specifically, electronicl transfers (Lemieux, 2016). It is difficult for stakeholders to verify the ownership transfer during and after selling stocks. For example, if Alice wants to sell her capital to Ellen, then blockchain technology could check the ownership transfer and the payment method. Stakeholders could easily verify this with a financial institution that uses blockchain technology. Kiviat (2015) showed that blockchain technology facilitates value exchanges over computer networks by checking, monitoring, and enforcing transactions without the interference of any central institution. The blockchain not only moves value, it also integrates many segments of the trading-clearingsettlement value chain in an economical, practical, and verifiable way (Kiviat, 2015).
The commercial and military context universally utilizes cloud computing to maintain data storage. Cloud computing environments are shared with various sophisticated software and hardware implemented by vendors, possibly including the risks of vulnerability and incompatibility. Cloud auditing can only be efficient if all reliable and relevant data processes can be traced, so auditors must test the internal controls of cloud computing by determining the history of a data product. Another study developed ProvChain, a blockchain data system used to assure data processes in a cloud storage application while improving real-time availability (Liang et al., 2017). ProvChain provides real-time auditing for all data in cloud storage, and ProvChain also collects and monitors all of the data. ProvChain has a list of blockchain transactions that will be employed to create a block, and the block must be verified by a set of nodes that are saved in the blockchain. Because the blockchain uses the theory of cryptography concept, it is almost impossible to alter data in a blockchain system.
In 2015, Kaspersky Lab discovered an extensive cyberattack on over 100 financial firms that embezzled money from account balances valued at approximately $1 billion (Note 2) (Gaetani et al., 2017). Blockchain technology can prevent two particular characteristics of malicious online activity: double-spending and record hacking (Xu, 2016). Double-spending occurs if you perform more than one payment utilizing one form of funds such as Bitcoin because in the mining process, the blockchain catches this issue by asking miner nodes to solve a puzzling mathematical problem to confirm the transaction. Records in the ledger are adjusted, or an individual ijbm.ccsenet.org International Journal of Business and Management Vol. 17, No. 11;2022 inserts fraudulent transactions into the ledger. The blockchain secures the solidity and irreversibility of published business events and makes it almost improbable for an individual or a malicious party to manipulate the nodes that contain the blockchain's business events and records (Dai, 2017).

The Challenges of U.S. Government Auditing
There are many vital challenges for government auditing in the United States (Center, 2019;Harrell & Barbacci, 2017;Heald, 2018;McClure-Nelson, 2020). In terms of financial audits, government agencies' complexity and the scope of financial transactions are significantly enhanced. The wide range of government services and their scope has significantly evolved along with different regulations that may be verified. If these services and their records are audited, the auditor must collect records from data sources and structures upon request. In this context, current governmental transaction data is one such domain of complexity.
Another issue is the complexity of financial transactions. Governmental financial transactions come in varied forms from simple credits and debits to more complex forms like deferred payments, advanced credit term-based receivables/payables, and internal processes. The current data structure used by government agencies has an enormous scope of complexity for financial transactions and complicated internal systems.
The range, scope, number, and financial value of the projects and programs undertaken by the U.S. government have increased. In this context, a case in point was the public healthcare system's highly complex and broad scope. All of these projects and programs require internal auditing and suitable systems. The core assets of planning, undertaking, and delivering these complex and significant internal audits are qualified, competent, and experienced personnel with an adequate skillset. In contrast to the expansion and growth of the projects and programs undertaken by the U.S. government, there is a deficit of available government auditors. This shortage in the availability of government auditors represents a significant challenge.
A government program, project, or entity, on account of its contractual obligations, entails operations and systems that involve participation and collaboration with wide-ranging external and internal bodies including other government departments and entities, the Internal Revenue Service, external suppliers and vendors, and third parties like banks, financial institutions, carriers, and other bodies. A significant advancement that has occurred over the past decade is the prevalence and almost ubiquitous nature of digitization in all aspects of government operations-transactions, communications, documentary records, and legal documents. While digitization is essential for efficient and effective operations, it also poses specific challenges from the auditing perspective in terms of data integrity. Various digital records and transactions have the potential of being amended or changed either intentionally (due to fraudulent or ulterior motives) or unintentionally (due to human or other error), and the exact cause of data integrity therein represents a key auditing challenge.

Motivation and Contributions
The motivation of this study is that with the large number of records being created daily, government auditors are facing more critical approaches to identify and investigate anomalies or cover significant government contracts. Government agencies can benefit from this blockchain-based smart-contract system using continuous auditing to prevent or eliminate corruption. For example, auditors set rules to detect atypical events in the data, such as fraud, that enable anomaly detection to be performed in real time. After the passage of the Digital Accountability and Transparency Act in 2014, a system was required to audit many complicated contract tasks such as spending, planning, and cash management and to analyze data for tracing expenditures and assurance purposes with different data structures from various sources. Continuous auditing is initially observed as a methodology to automate transaction testing. Blockchain-based smart contracts, like Hyperledger Fabric, are the most natural tool for applying continuous auditing methodology to audit government procurement conditions. Blockchain-based smart-contracts technology with continuous auditing can implement different tests on the entire population of agencies' transactions and their procurement conditions on a real-time basis.
Currently, governmental auditors are facing increasing complexity in financial transactions and procedures and in the systems related to these transactions and procedures. The blockchain system and its smart contracts can automate auditing procedures and improve accountability. This includes establishing a real-time, verifiable, and transparent accounting ecosystem. Many studies have proposed different useful blockchain applications and smart contracts to implement different assertions of balances and transactions. The most unique approach was suggested by Dai and Vasarhelyi (2017) because their model enables the automation of testing auditing assertions such as existence, completeness, occurrence, valuation, classification, rights and obligations, and cut-off.
The contributions of this study are threefold. First, it is one of the first studies proposing blockchain technologies ijbm.ccsenet.org International Journal of Business and Management Vol. 17, No. 11;2022 6 aimed toward governmental auditing. The second contribution is devolving a conceptual model for auditing contracts in the domain of the accounting and auditing literature. Third, it demonstrates the process of testing the proposed framework using contract data and transactions. These contributions are discussed in detail in Section 5.

Methodology and Discussion
Governmental agencies require services and goods to provide public services, and these goods and services are usually requested through procurement. Many parties are involved in procurement and payment processes including financial institutions, sellers, agencies, cities, states, and auditors. Procurement and payment processes have different systems that include stakeholders. A procurement starts with a request for services or goods made to the public, and then different suppliers send quotes. After the relevant agency reviews these offers and ensures that they satisfy their requirements, the state will decide who meets the obligations at the lowest price and award the procurement to them. This framework consists of three routines: processes for purchases of goods and services, payments processes, and blockchain processes.

Framework
The proposed framework automates government contract audits using smart contracts that continuously enforce a contract's events and flag any violations. Therefore, the system blocks and alerts any events that do not meet the identified rules rather than relying on an after-the-fact response. The system can also automate contracts and enable real-time controls to conduct a systematic government project audit. The following illustration of the proposed framework uses a governmental direct purchase procurement process, but it can be implemented for other governmental auditing events. The framework consists of three stages that are as follows:

Process for Purchasing of Goods or Services
The procurement process, which is depicted in Figure 1, has seven steps: tender opportunity, qualification, invitation, bidding, presentation, selection, and contracting. In this stage, identifying tender opportunities is an internal state or city process that occurs when a city or state agency or department requests an order. The state will examine the request and qualify them based on state budgeting and planning. After the agency sets up their order's requirements, they will invite sellers. Selecting the bidders is another process in which some sellers are not qualified or have an unqualified reputation. After the agency announces their tenders, the invited sellers will bid. After the seller presents its goods or services, the state will select the lowest price with the highest quality. The state or agency will create a contract with all of the requirements and the time frame for meeting obligations.
After the seller provides the goods or service, the agency will process the payment. The payment goes through different stages: invoice submission, bill recognition, invoice processing, crediting the amount from the state or city, invoice completion, and lastly, payment. The second component, processing data, automatically applies the actual process flows of procurement from activity logs to the baseline model established in the framework's first step in creating the smart contract. Then, the nonfinancial data (i.e., supplier name, conditions, etc.) will be stored on the public blockchain. When delivering the goods or services, the controller will confirm its receipt and then the blockchain will automatically store the receipt and invoices issued. After the state or agency completes the invoicing process, the blockchain confirms if the invoice meets the procurement conditions with a smart contact. Subsequently, if the procurement conditions are satisfied, the blockchain will store the financial data or if not, the violation. The goal is to distinguish between recording violations and recording activities. For example, some transactions can be completed, even if they are for different orders. Therefore, some rules must be established to classify deviations from the process as either an acceptable deviation or a violation. Figure 2. Auditing process using blockchain-based smart contracts

Payment Process
The third component, active enforcement, ensures that regular payments comply with prescribed process flows, as shown in Figure 2. Therefore, no payment would go through the system if it violated of any of the rules put in place by controllers. In this step, the controller verifies the imposing constraints on payment activities at execution. Therefore, if an event violates a specific control, the system will block the implementation of further activities in the payment. However, if there is an override for a specific violating event, which could be allowed by the controllers, then the blockchain would not permit the payment to proceed and would record the violation in an activity log maintained for auditing purposes.

Discussion
As presented, governmental auditing is an assurance service designed to add value to improve the operations of a governmental body and protect public resources. This assurance service accomplishes its objectives by bringing a disciplined and systematic approach for improving and evaluating the overall effectiveness of risk management, controls, and governance processes. The current system is significantly challenged in the United States. These challenges are related to corruption control, how technology may enhance government auditing, and how government auditing lags behind prevailing practices in public auditing.
In its purest form, blockchain-based smart contracts are described as enhanced lists of records that encompass cryptography. Each time a transaction occurs between connected parties, a data block shall be created and stored, after the transaction is confirmed (Dai, He, & Yu, 2019). All data blocks shall be connected to the one before it and the one after it. This chain of record blocks enables the irreversibility functionality of blockchain technology. Since no blocks are allowed to be created or inserted between previously created data blocks, this enables a secure form of data storage and safeguards the same against hacker attacks. This blockchain technology could be employed to safeguard critical data within government audits and generate irreversible transactions through the auditing process. The functions of a smart contract can be the assessment of data integrity on a real-time basis while a transaction is being executed. The entire auditing process is appropriately controlled and defines the various critical data that must be gathered, stored, and retrieved (Simoyama, Grigg, Bueno, & Oliveira, 2017). Government agencies must fulfill their original mission while responsibly controlling their resources and records.
Considering government auditors who investigate billion dollar projects with low budgets, blockchain-based smart contracts represent a much needed technology. Within an optimal context, the solutions of this technology may decrease redundancy, streamline processes, decrease audit burdens, increase security, and improve data integrity (Ølnes, Ubacht, & Janssen, 2017). With the evolution of blockchain-based smart contracts, the implementation of this system will increase data control, security, trust, and efficiency (Ayoade, Karande, Khan, & Hamlen, 2018).

Conclusion and Future Work
This study discusses how applying the blockchain to governmental audits has the potential to provide governmental auditors with a higher level of transparency and accountability. Furthermore, this study argues that this technology, coupled with the application of smart contracts for the government procurement cycle, may enable real-time, continuous auditing through integrated data. In addition, this study reviews influential papers on the blockchain and its recent application in the government sector. The first component of the methodology is to process procurement conditions and prices using smart contracts on the blockchain because smart contracts can enforce certain rules and conditions that are very important in government auditing. This step automatically applies the actual process flows from procurement to create smart contracts. The second component of the methodology is to ensure that regular payments comply with the conditions of the smart contracts.
Future research may extend this study by exploring the possibility of generalizing this model and applying it to other types of assurance services. A possible future work would be to investigate whether the elements of the blockchain can be broken down to the table level in an information system so that monitoring can be done automatically as a preventative measure. For example, a script could be written to extract the necessary data from a database on a continuous basis (i.e., daily) that could then be fed into the blockchain to audit and flag any violations. Therefore, instead of relying on "after-the-fact" techniques, this system would flag any transaction that does not conform to the approved model for that payment process. This idea is a combination of Alles et al.'s (2006) pilot implementation of a continuous control monitoring system and process mining, but it requires further study to determine its viability.