Intersect WebsiteBecome a member

FAQs

Administration Financial Audit Policy

  1. What Tier of Audit is required for different types of treasury-funded entities?

There are 3 tiers of financial audit expectations. Tier one is required for small organisations with a low proportion of Cardano treasury funding, which can be considered low risk, such as small development teams or easily refundable funds. Tier two is required for medium-sized organisations that have a more moderate proportion of funding and can be considered a moderate risk, for example, a request for multiple teams within an established organisation. Tier three is required for larger organisations with a higher proportion of funding and elevated risk, for example, teams delivering critical services to the ecosystem.

  1. Why is Financial Auditing required?

Its sole purpose is to verify that treasury funds were used as approved, specifically for the intended proposal and its stated benefits.

  1. Who does the Administration Financial Audit Policy apply to?

The policy applies to the beneficiary, as defined in the Policy, who enters into contractual relationships, transactions, or projects with Intersect or with Cardano Development Holdings (CDH) where Intersect is acting as its Administrator.

  1. When will financial audits take place?

For each Statement of Work (SoW) term, a financial audit is required. Should an SoW extend beyond 12 months, a financial audit will be conducted annually.

  1. What is Intersect’s role as part of the Administration Financial Audit Policy?

  • Intersect will provide periodic reporting, which demonstrates the use of any ada as far as distribution to vendors.

  • After the point of distribution by an administrator, should it be required, proposal vendors are required to periodically provide an assessment of the use of any such ada received from this point onward.

  • Intersect will provide periodic reporting which demonstrates any ada received as part of a Cardano Blockchain treasury withdrawal is;

  • Kept in one or more separate accounts

  • Which can, as practically possible, be audited by the community or part thereof

  • Not used for any delegation to an SPO, but delegated to the predefined auto-abstain, where practically possible.

  1. What is the beneficiary's role as part of the Administration Financial Audit Policy?

The Beneficiary holds a critical role in maintaining financial integrity and transparency:

  • Taking full accountability for the responsible use of received funds, ensuring alignment with approved proposals.

  • Upholding transparency in all financial dealings related to the funds.

  • Audit Cooperation: Collaborating completely with financial auditors, providing all requested documentation promptly.

  • Responding promptly and thoroughly to all audit questions and inquiries.

  1. Who is responsible for the cost of a financial audit?

The beneficiary is responsible for any costs associated with conducting a financial audit. As per the Constitution, after the point of distribution by an administrator, if required, proposal vendors are required to periodically provide an assessment of the use of any such ada received from this point onward.

  1. How do I choose a financial auditor that is best suited to my project?

Please check the procedures section of the policy (section 13) where the audit tier is suggested split by criteria, requirements, and examples provided.

Delivery Assurance Process and Best Practice Policy

  1. When are Milestone Acceptance Forms (MAFs) required to be submitted, and what happens if they are submitted late?

The MAF and invoice must be submitted within 5 business days of milestone completion.

  1. What should be considered when setting milestones?

  • Milestone Description - milestones should be concise & specific, outcome-based, use consistent naming and numbering, be achievable, and provide a realistic timeline for completion.

  • Acceptance Criteria - milestones should have clear and testable acceptance criteria that are measurable, output-driven, and binary, leaving no room for interpretation for whether the milestone is complete

  • Third Party Assurance - each milestone is required to have a second capable vendor/person/organization who can help attest to the quality delivered and the milestone being complete

  1. What is the process when a MAF is not completed fully?

If a MAF is deemed to be incomplete by the Delivery Assurance team, including missing the third-party assurance without any apparent justification, the beneficiary will be informed and requested to provide supplementary information. If this causes substantial delays, then the payment for the milestone in question may be deferred to the next payment cycle. As per the policy statement (section 11), if there is a consecutive failure to successfully complete a Milestone on two or more occasions, this may result in the termination of the Agreement or corresponding Statement of Work.

  1. Will MAFs be made public?

Yes MAFs will be made public through a public dashboard. This allows all work undertaken to be shared transparently with the Community.

  1. Who are the third party assurers and what is their role?

Each milestone is required to have a second capable vendor/person/organization who can help attest to the quality delivered and the milestone being complete. This assurer does not need to be the same person throughout the contract if the beneficiary believes that a better person is suited to a particular milestone. The assurance provider is genuinely independent of the delivery team, from a different company, and independent of any key stakeholders with vested interests.They have the necessary expertise relevant to the deliverable being assessed.They are independent of an Intersect Committee.Intersect Delivery Assurance team will verify with the vendor that the third party assurer is acceptable and falls within these conditions.

  1. Is a third party assurer the only way to verify a milestone being complete?

A third party assurer is the most appropriate way to ensure a milestone has met the agreed acceptance criteria as they are independent to the work and typically have sufficient subject-matter knowledge. If providing public evidence to the Community better demonstrates the milestone's achievement (eg, a Video, an X-post), this is also acceptable but the beneficiary may be asked to justify the reasoning behind this decision.

Due Diligence Policy

  1. What is the purpose of the due diligence policy being in place?

The due diligence policy is in place to ensure that a risk-based assessment is carried out on the beneficiary to make sure that legal and regulatory requirements are met, ensuring compliance and preventing fraud. Intersect will therefore conduct Know Your Customer (KYC) and Know Your Business (KYB) checks through a third-party due diligence provider, Sumsub.

  1. How often will screenings of beneficiaries take place?

Repeat screening of beneficiaries who remain in business with Intersect will be conducted on an annual basis.

  1. What happens if Intersect is not satisfied with the outcome of a KYC/KYB?

Intersect may request Sumsub to do a manual verification if it is not satisfied with the outcome. Should the check be incomplete, the beneficiary may be requested by Sumsub to resubmit documentation to complement their case.

  1. What are the requirements of the beneficiary in the due diligence process?

The beneficiary is responsible for fully disclosing all relevant information, even if they perceive it as potentially negative. All information provided as part of the KYC/KYB checks must be factually correct, and all requested documents and data should be provided without omission.

  1. Are any other checks other than the KYC/KYB carried out?

Intersect will also check that the country of incorporation of the beneficiary is not based in a country where cryptocurrency is illegal. A number of sources will be used to keep this list up-to-date (eg, CCN).

Technical Review Policy

  1. What does the technical review policy apply to?

This policy applies to any deliverable which has the potential to affect the core code responsibilities under Intersects administration. Where a deliverable does not affect any core code, this policy should be undertaken as best practice, where practically possible.

  1. Who must a technical audit be completed by?

Review of a technical aspect or deliverable undertaken by a capable third party to the creator.

  1. What is the purpose of the Technical Review Policy?

The policy ensures that deliverables do not endanger the security, functionality, performance, or long-term sustainability of the Cardano Blockchain. Where deliverables do not potentially affect the security, functionality, performance, or long-term sustainability of the Cardano Blockchain; vendors should consider undertaking the practices defined to demonstrate trust and promote adoption of deliverables within the ecosystem.

  1. When will a Technical Review take place?

Technical reviews or audits will take place prior to commencement of deliverables, as deemed reasonable by the administrator.

  1. What needs to be agreed upon before any mainnet integration takes place?

Functionality Tests, Security Reviews, Code Audits, Performance Tests, Integration Functionality Tests and Performance Tests must be agreed in advance with Intersect or a chosen third party of Intersect, produced where possible and reviewed by Intersect as the administrator.

  1. Who is responsible for the cost of technical review or audit?

Any cost associated with a proposal's technical review or audit is the responsibility of the vendor.

PreviousTechnical Review PolicyNextGeneral Glossary

Last updated

Was this helpful?