Japan crypto audit-firm landscape — Big4 + Grant Thornton Taiyo + BDO Sanyu crypto-practice comparison
On this page
- Wiki route
- Overview
- Big 4 audit-firm crypto practices
- Deloitte Touche Tohmatsu LLC(有限責任監査法人トーマツ)
- EY ShinNihon LLC(EY 新日本有限責任監査法人)
- KPMG AZSA LLC(有限責任 あずさ監査法人)
- PwC Aarata LLC(PwC あらた有限責任監査法人)
- Mid-tier firms(Tier 2)
- Issues specific to Web3 / token issuers
- The three pillars: VASP audit + legal advice + forensics
- Related
- Sources
Wiki route
This entry sits under exchanges index. Read it against Domestic VASP security / audit / ISMS certification landscape for peer / contrast context and FSA crypto-asset exchange registration system — number system / Local Finance Bureau jurisdiction / registration requirements for the broader system / regulatory boundary.
Overview
FSA-registered VASPs are, under the Payment Services Act + Cabinet Office Ordinance, obligated to receive each fiscal year a financial-statement audit and a segregated-management audit(assurance over the separate custody of customer assets and own assets)from a CPA or an audit firm. JICPA Industry Committee Practical Guideline No. 第 61 号(audits of crypto-asset-related operators) is applied as guidance. The Big 4 (DT Tohmatsu / EY ShinNihon / KPMG AZSA / PwC Japan)and the mid-tier firms(Grant Thornton Taiyo / BDO Sanyu)divide the market, with small and mid-sized audit firms also entering for Web3 startups. Since the Coincheck NEM outflow incident(2018-01), audit quality and segregated-management governance have grown stricter.
Big 4 audit-firm crypto practices
Deloitte Touche Tohmatsu LLC(有限責任監査法人トーマツ)
- Crypto / digital-asset specialist organization: established a “Blockchain & Crypto-Asset Advisory” group
- Target clients: numerous bitFlyer-affiliated / major-VASP audit engagements(on a public basis)
- Strength: a well-developed methodology for segregated-management audits; involved in drafting JICPA Practical Guideline No. 第 61 号
- Additional services: Travel-Rule-compliance consulting(related to Domestic VASP Act on Prevention of Transfer of Criminal Proceeds + FATF Travel Rule Domestic Implementation (2023-)), tax(Deloitte Tohmatsu Tax Co.), risk consulting
EY ShinNihon LLC(EY 新日本有限責任監査法人)
- Crypto practice: “Financial Services Office, Crypto-Asset Team”
- Strength: transfer of audit know-how for overseas VASPs / stablecoin issuers via the global EY network
- Targets: major VASPs / stablecoin issuers / token issuers
- Additional: IFRS crypto-asset accounting advice, Web3 IPO-preparation support
KPMG AZSA LLC(有限責任 あずさ監査法人)
- Crypto practice: “KPMG Japan Digital Assets” group
- Targets: major VASPs / regional-bank-affiliated crypto-asset-related companies
- Strength: integrated audit of internal control(J-SOX)+ crypto-custody controls, SOC2 / ISMS preparation support
- Additional: advice on CEX × Japanese bank unsecured-credit track-record map(business expertise across both financial institutions and crypto assets)
PwC Aarata LLC(PwC あらた有限責任監査法人)
- Crypto practice: “FinTech & Crypto-Asset” team
- Strength: PwC’s global “Time for trust” crypto-asset framework, Web3 strategy consulting
- Targets: a combination of Web3 startups + major VASPs
- Additional: NFT / DAO legal-tax advice, tokenomics-design support
Mid-tier firms(Tier 2)
- Grant Thornton Taiyo LLC(太陽有限責任監査法人) — strength in financial-statement audits / segregated-management audits of mid-sized VASPs. Handles cross-border crypto-asset engagements via the Grant Thornton global network
- BDO Sanyu & Co.(BDO 三優監査法人) — the Japan base of the BDO global network. Audits for mid-sized VASPs / Web3 startups
- PwC Kyoto LLC / EY and other Kansai bases — for VASPs headquartered in the Kansai region
Issues specific to Web3 / token issuers
Audit issues differ greatly between VASP audits and Web3 token issuers:
- Valuation of held crypto assets — year-end fair-value measurement under Article 61 of the Corporation Tax Act(the 2024 revision excluded self-issued + third-party-held tokens)
- Segregated-management assurance — cold wallets / multisig / custodian separation(the choice of Ginco / Komainu / Fireblocks Japan directly bears on audit issues)
- Completeness verification of trading volume / balances — reconciliation procedures between on-chain transactions and the books
- Travel-Rule compliance — verification of the existence of KYC / customer-due-diligence evidence trails
- Recognition timing of gas fees / staking rewards — differences between IFRS / Japanese standards
- Accounting recognition of NFTs / tokens — classification judgment among inventory / intangible fixed assets / crypto assets
The three pillars: VASP audit + legal advice + forensics
The compliance regime of a domestic VASP is supported by the following three layers:
- Accounting audit: the audit firms on this page
- Legal advice: Domestic crypto law-firm landscape — Anderson Mori / Nishimura & Asahi / Mori Hamada / TMI / BCLP comparison
- Forensics / transaction monitoring: Global crypto-asset forensics-vendor layer — Chainalysis / Elliptic / TRM / Crystal comparison
These 3 layers × JVCEA: Overview of the Self-Regulatory Framework + JCBA — Japan Crypto-asset Business Association + FSA crypto-asset exchange registration system — number system / Local Finance Bureau jurisdiction / registration requirements constitute the full picture of domestic VASP compliance.
Related
- jp-vasp-security-audit-certification — VASP security audit / certification
- japan-crypto-law-firm-landscape — law-firm landscape
- global-crypto-forensics-vendor-layer — forensics vendors
- jp-crypto-asset-taxation-detailed — crypto-asset taxation detail
- jvcea-self-regulatory-overview — JVCEA self-regulation
- jp-vasp-parent-company-map — VASP parent-company map
- japan-financial-regulation — upper-level financial regulation
Sources
- Deloitte Tohmatsu crypto assets: https://www.deloitte.com/jp/ja/services/audit-assurance/perspectives/digital-asset.html
- Deloitte blockchain GRC: https://www2.deloitte.com/jp/ja/pages/risk/articles/grc/crypto-assets.html
- PwC Japan crypto assets: https://www.pwc.com/jp/ja/issues/crypto-asset.html
- KPMG AZSA crypto assets: https://kpmg.com/jp/ja/home/services/audit/financial-services/crypto-assets-blockchain.html
- EY ShinNihon crypto assets: https://www.shinnihon.or.jp/services/financial-services/crypto-assets/
- Grant Thornton Taiyo official: https://www.grantthornton.jp/
- BDO Sanyu & Co.: https://www.bdo.or.jp/
- JICPA Industry Committee Practical Guideline No. 第 61 号(public)
Discovery
Keep reading
Read next
- Japan stablecoin issuer regulatory classification matrix — Electronic Payment Instruments business / trust type / bank-issued type / funds-transfer-operator type / prepaid-payment-instrument boundary Japan's yen-denominated and USD-denominated stablecoins (explicitly defined as "electronic payment instruments" under the 2023-06 amended Payment Services Act) divide into 5 regulatory categ... exchanges/japan-stablecoin-issuer-regulatory-classification-matrix
- Japan VASP business-model competitive matrix — comparison of 39 社's business segments / revenue structures / differentiation axes Japan's FSA-registered crypto-asset exchange service providers (VASPs) number approximately 27-39 社 as of 2026-05 (JVCEA membership categories + cumulative count including electronic-payment... exchanges/japan-vasp-business-model-competitive-matrix
- Domestic CEX × deposit tokens / EPI integration strategy — DCJPY / Progmat / JPYC collaboration This entry sits under exchanges index. Read it against グローバル CEX top 10 ランキング比較 (2025-2026) for peer / contrast context and FSA 暗号資産交換業登録制度 — 番号体系・財務局管轄・登録要件 for the broader system / regulat... exchanges/jp-cex-deposit-token-stablecoin-integration
Links here
- Domestic crypto law-firm landscape — Anderson Mori / Nishimura & Asahi / Mori Hamada / TMI / BCLP comparison This entry sits under exchanges index. Read it against 国内クリプト監査法人ランドスケープ for peer / contrast context and FSA 暗号資産交換業登録制度 for the broader system / regulatory boundary. exchanges/japan-crypto-law-firm-landscape
- JCBA — Japan Crypto-asset Business Association This entry sits under exchanges index. Read it against JVCEA — Japan Virtual and Crypto Assets Exchange Association self-regulatory system for peer / contrast context and FSA crypto-asset ex... exchanges/jcba-japan-crypto-business-association
- Domestic-facing Staking-as-a-Service (StaaS) operator layer This entry sits under exchanges index. Read it against 国内機関カストディ三本柱 for peer / contrast context and JVCEA 自主規制 for the broader system / regulatory boundary. exchanges/jp-crypto-staking-as-a-service-operators
- Domestic crypto-asset tax-software vendor layer (Cryptact / Gtax / CryptoLinc / Coinly, etc.) This entry sits under exchanges index. Read it against 国内暗号資産税制詳細 for peer / contrast context and FSA 暗号資産交換業登録制度 for the broader system / regulatory boundary. exchanges/jp-crypto-tax-software-vendor-layer
- BDO Sanyu Audit Corporation (BDO Sanyu) This entry sits under financial-regulators INDEX. Read it alongside 太陽グラントソントン for peer mid-tier audit context, and EY 新日本・トーマツ for the Big 4 comparison; 金融ライセンス INDEX for the Certified Publ... financial-regulators/bdo-sanyu