By Tommy Tietze, CEO of ArrowTrade AG

Most companies think about crypto too late.

They first ask whether Bitcoin, Ethereum or stablecoins could make sense for treasury. Then they ask which exchange to use. Then someone opens a spreadsheet, models a few price scenarios and calls it a strategy.

That is not enough.

For a company, crypto is not just an asset you buy. It becomes part of the accounting process, the control environment, the custody setup, the audit file and the board discussion. If the company also trades actively, the topic becomes even more operational because every transaction needs a clean record, a valuation method and a documented reason for existing.

A private investor can make a messy decision and live with it.

A company cannot.

This article is written for founders, CEOs, CFOs and finance teams who are thinking about crypto exposure from a business perspective. Not as hype. Not as a press release. As an operational treasury and reporting question.

Why crypto in a company is different

A private person can buy BTC, hold it and check the price once in a while.

A company needs to answer different questions.

Who approved the purchase?

Which entity owns the asset?

Where is the asset held?

Who controls the keys or the exchange access?

How is the asset valued at month-end?

What happens if the market drops before reporting date?

How does the auditor verify existence?

How does management explain the risk to shareholders, lenders or investors?

Those questions change the whole discussion.

Crypto exposure in a company is not only a market decision. It touches governance, accounting, tax, custody, internal controls and reporting. That does not mean companies should avoid it. It means the setup must be designed before capital moves.

This is also where many crypto conversations become too simplistic.

“Should we buy Bitcoin?” is not the first question.

A better first question is whether the company has the process maturity to hold, trade and report crypto assets properly.

Accounting starts with classification

The first accounting problem is classification.

Under IFRS, the IFRS Interpretations Committee concluded in 2019 that IAS 2 Inventories applies to cryptocurrencies when they are held for sale in the ordinary course of business, and IAS 38 Intangible Assets applies if IAS 2 is not applicable.

That means a company cannot simply call crypto “cash” because it behaves like money in a certain community. The accounting framework asks what the asset is, what rights it gives the holder and why the entity holds it.

The purpose matters.

A company holding BTC as a long-term treasury asset may have a different classification question from a broker-trader holding crypto for resale. A business accepting crypto from customers and converting it quickly into fiat has a different fact pattern again.

Under US GAAP, FASB issued ASU 2023-08, which requires certain crypto assets to be measured at fair value each reporting period, with changes recognized in net income. EY summarizes that the guidance is effective for fiscal years beginning after 15 December 2024, including interim periods within those fiscal years.

That is a major point for CFOs.

The accounting treatment depends on the reporting framework. IFRS, US GAAP, Swiss statutory accounting and local tax reporting can lead to different processes, disclosures and volatility in the financial statements.

The market risk may be the same.

The accounting consequences are not.

Swiss companies need their own view

For Swiss companies, the discussion often starts under the Swiss Code of Obligations.

Crypto Valley Association notes that the Swiss Code of Obligations does not contain specific cryptocurrency accounting rules, so companies need to interpret existing accounting principles when accounting for assets such as Bitcoin.

That sounds dry, but it is highly practical.

If a Swiss company holds crypto, the finance team needs to decide how the asset is recognized, valued and disclosed under the applicable reporting basis. The answer may depend on whether the asset is held short term, long term, for trading, for treasury diversification or as part of an operating business.

Crypto Valley Association also explains that Article 960b can allow subsequent measurement at a market price for assets with an observable market price in an active market, and that year-end prices published by the Swiss Federal Tax Administration may be used for certain cryptocurrencies.

For a CFO, this creates a very practical control question.

Which price source is used?

Is the price source documented?

Is it used consistently?

Can the auditor reproduce it?

If the company uses an exchange price, which exchange price is used and at what time?

These questions look small until the balance sheet date arrives and nobody knows which number is authoritative.

A crypto treasury policy should answer them before the first purchase.

Custody is a governance decision

Custody is not only a technical setup.

It is a governance decision.

A company can hold crypto on an exchange, with a custodian, in a self-custody wallet or through a more structured institutional setup. Each model has different trade-offs.

Exchange custody is operationally simple, but it introduces platform risk and access-control questions. Self-custody gives more direct control, but it makes key management, backup procedures and signing authority much more important. Institutional custody can improve segregation of duties and reporting, but it may add cost and operational friction.

The wrong setup creates invisible risk.

If one person can move all company crypto alone, the company has a control problem.

If nobody can recover access when a key person leaves, the company has a continuity problem.

If the exchange account is not properly separated from private accounts, the company has a documentation problem.

If API keys have withdrawal rights when they do not need them, the company has an unnecessary security problem.

This is why we care so much about non-custodial structures in trading infrastructure.

For unCoded, the user’s capital stays on the user’s own Binance account, and the API key is used for trading without withdrawal rights. That does not remove market risk, but it removes a very specific operational risk: the trading system does not need custody of the funds.

For a company, that distinction matters.

Control is not a marketing phrase. It is an internal control requirement.

Treasury needs rules before exposure

A company should not hold crypto because someone on the management team likes the asset.

There needs to be a treasury policy.

That policy does not have to be a 60-page document. But it should define the rules clearly enough that a board member, accountant or auditor can understand what the company is doing.

At minimum, a crypto treasury policy should cover:

Purpose

Is the company holding crypto as strategic treasury exposure, operating liquidity, trading inventory, customer settlement, ecosystem participation or something else?

Approved assets

Which assets are allowed?

BTC only?

BTC and ETH?

Stablecoins?

No memecoins?

No illiquid tokens?

The policy should be explicit because “crypto” is too broad to control.

Allocation limits

How much of available liquidity can be allocated?

Is the limit based on cash, equity, total assets or another metric?

What happens if price appreciation pushes the asset above the limit?

Trading rules

Is the company allowed to rebalance?

Is automated spot trading allowed?

Are futures, margin or leverage prohibited?

Who can change parameters?

Custody and access

Where are assets held?

Who has access?

Is multi-signature required?

How are API keys managed?

Are withdrawal rights disabled where possible?

Reporting

How often is crypto reported internally?

Which valuation source is used?

Who reconciles balances?

How are realized and unrealized gains shown?

This is not bureaucracy for the sake of bureaucracy.

It is how a company avoids improvising under market pressure.

Volatility affects more than performance

Crypto volatility does not only affect the investment result.

It affects reporting, management discussions and sometimes even lender relationships. If a company holds volatile crypto assets, the balance sheet can move quickly between reporting dates. That movement may be economically acceptable, but it still needs to be explained.

This is where CFOs need to separate three layers.

The first layer is market value.

The asset moves up and down. That is obvious.

The second layer is accounting impact.

Depending on the reporting framework and classification, those movements may affect profit and loss, equity, impairment analysis or disclosures.

The third layer is communication.

Management needs to explain why the asset exists, how much exposure the company has, what the risk limits are and why the setup fits the company’s strategy.

That third layer is often ignored.

A company can be economically right and still create confusion if stakeholders do not understand the policy. The board may think the company is speculating. The auditor may ask for documentation the finance team does not have. A lender may see volatility without seeing the control structure behind it.

Crypto exposure needs a narrative, but not the marketing kind.

It needs a governance narrative.

Why are we holding this?

How much can we lose?

Who controls it?

How do we measure it?

When do we reduce exposure?

Stablecoins are not risk-free cash

Many companies become more comfortable when the conversation moves from BTC or ETH to stablecoins.

That comfort can be dangerous.

Stablecoins may reduce price volatility against the reference currency, but they do not remove risk. They introduce different risks: issuer risk, reserve risk, redemption risk, exchange risk, regulatory risk and operational risk.

For accounting purposes, stablecoins also need careful analysis. A stablecoin may look like cash in a trading interface, but the accounting conclusion depends on its legal structure, redemption rights and the applicable reporting framework.

A CFO should not treat all stablecoins the same.

USDT, USDC and FDUSD may all serve as quote currencies in crypto markets, but they do not have identical issuer structures, transparency profiles or exchange use cases. The business purpose also matters. Holding a stablecoin for short-term trading settlement is not the same as holding it as corporate treasury liquidity.

The practical question is simple.

What happens if the stablecoin breaks its peg, the issuer freezes redemption, the exchange restricts withdrawals or the relevant bank rails stop working?

If the company has no answer, the position is not treasury management.

It is convenience.

Trading activity changes the workload

Holding crypto is one thing.

Trading crypto is another.

A company that buys BTC once and holds it has a simpler recordkeeping problem than a company that trades frequently. Once trading activity increases, finance needs reliable transaction data, realized gain calculations, fee tracking, exchange exports, wallet movements, reconciliations and valuation support.

This becomes even more important for automated trading.

A bot can create many small transactions. That may be part of the strategy, but it also means the accounting and reporting setup must be ready for volume.

The finance team should know:

Which trades happened?

Which trades were realized?

Which positions remain open?

Which fees were paid?

Which quote asset was used?

Which exchange account held the assets?

Which report proves the balance at period-end?

A trading strategy that cannot be reconciled is not ready for a company balance sheet.

This is why transparency is a product requirement for serious trading systems. A dashboard is not enough if the finance team cannot export, verify and reconcile what happened.

For a company, “the bot made trades” is not an explanation.

The accounting file needs the details.

Internal controls should be boring

Good crypto controls should feel boring.

That is the point.

The company should not rely on trust, memory or one person’s laptop. It should rely on documented access rights, approval flows, reconciliations, logs and segregation of duties.

A practical control setup should include:

Access control

No shared logins.

No private email accounts.

No unmanaged devices for critical access.

Exchange accounts should be linked to company-controlled identities and protected with strong authentication.

API control

API keys should follow least privilege.

If the system only needs trading rights, withdrawal rights should be disabled.

IP whitelisting should be considered where available.

Old keys should be removed.

Approval control

Treasury purchases, allocation changes and strategy changes should follow an approval process.

The person proposing a trade should not always be the only person approving it.

Reconciliation control

Exchange balances should be reconciled to accounting records.

Wallet balances should be verified.

Open positions and realized transactions should be reviewed.

Incident control

The company should know what happens if an exchange account is compromised, an API key leaks, a key person leaves or a major market event triggers a liquidity decision.

None of this sounds exciting.

That is a good sign.

In crypto, excitement is usually where the risk hides.

The CFO checklist

Before crypto enters the company balance sheet, I would want clear answers to these questions.

1. Purpose

Why does the company want crypto exposure?

Treasury diversification, trading strategy, customer settlement, strategic ecosystem exposure or another reason?

2. Reporting framework

Which accounting framework applies?

IFRS, Swiss statutory accounting, US GAAP or another basis?

3. Asset scope

Which assets are permitted?

BTC, ETH, selected stablecoins or broader crypto assets?

4. Custody model

Where are the assets held?

Exchange, custodian, self-custody or a hybrid setup?

5. Access rights

Who can trade?

Who can withdraw?

Who can create API keys?

Who can approve changes?

6. Valuation source

Which price source is used for reporting?

Is the source consistent, documented and reproducible?

7. Tax process

Who calculates tax impact?

How are realized gains, losses, fees and transfers documented?

8. Risk limits

What is the maximum allocation?

What is the maximum drawdown tolerance?

When must exposure be reduced?

9. Audit trail

Can every transaction be exported, explained and reconciled?

Can the company prove ownership or control?

10. Board communication

Does the board understand the purpose, risk, reporting impact and control environment?

If one of these areas is missing, the company may still decide to move forward. But it should know what is missing and why.

Unclear risk is worse than known risk.

Where automated spot trading can fit

Automated spot trading can make sense for companies that want structured exposure without manual execution.

But it only fits if the governance is right.

A company should not use automation because it wants to avoid thinking. It should use automation because the rules are clear enough to be executed consistently.

That means:

No leverage unless explicitly approved.

No hidden custody transfer.

No withdrawal rights for trading systems where they are not needed.

No black-box reporting.

No undocumented parameter changes.

No performance claims without proper measurement.

For unCoded, the structure is deliberately focused on Binance spot trading. The capital remains on the user’s Binance account. The API setup is designed around trading without withdrawal rights. The system is built for users who want automation while keeping control of the account relationship.

That can be relevant for entrepreneurs, professional investors and companies that want systematic execution without giving away custody.

It still requires proper accounting, tax review and internal governance.

A bot can execute trades.

It cannot replace the CFO.

FAQ

Can a company hold Bitcoin on its balance sheet?

Yes, a company can hold Bitcoin, but the accounting, tax, custody and governance treatment depends on the company’s jurisdiction, reporting framework and purpose for holding it.

Is crypto treated as cash in company accounting?

Under IFRS, the IFRS Interpretations Committee concluded that IAS 2 applies when cryptocurrencies are held for sale in the ordinary course of business, and IAS 38 applies if IAS 2 is not applicable. That means crypto is not simply treated as cash under IFRS.

How are crypto assets measured under US GAAP?

FASB ASU 2023-08 requires certain crypto assets to be measured at fair value each reporting period, with changes recognized in net income.

What should a crypto treasury policy include?

A crypto treasury policy should define purpose, approved assets, allocation limits, custody model, access rights, valuation source, trading rules, reporting process and risk limits.

Are stablecoins safe for corporate treasury?

Stablecoins can reduce price volatility against a reference currency, but they still carry issuer, reserve, redemption, exchange, regulatory and operational risks.

Can a company use a trading bot for crypto treasury?

A company can use automated trading tools if the setup fits its governance, accounting and risk framework. The company still needs clear approvals, reporting, reconciliation and custody controls.

Conclusion

Crypto on a company balance sheet is not a casual decision.

It is not enough to decide that Bitcoin is interesting, Ethereum has utility or stablecoins are convenient. A company needs a structure that survives accounting close, board review, tax reporting, audit questions and market stress.

That structure starts before the first trade.

The company needs a clear purpose, an accounting view, custody rules, access controls, valuation sources, reporting processes and risk limits. If trading is automated, the need for transparency becomes even stronger because transaction volume can increase quickly.

This is where serious crypto separates itself from hype.

The question is not whether a company can buy crypto.

The question is whether the company can hold it, control it, report it and explain it.

That is the CFO-level standard.

And for any company that wants to use automated spot trading, it should be the minimum standard before capital goes into the market.

This article is for educational purposes only and is not accounting, tax, legal or financial advice. Companies should consult qualified advisors for their specific jurisdiction, reporting framework and tax situation.

Learn more about unCoded: https://uncoded.ch Built by ArrowTrade AG: https://arrowtrade.ch