Blockchain-based Risk Management Framework for Digital Asset Exchanges: Bridging COSO ERM with Emerging Technologies

Mahatthakorn Plensamai

doi:10.69650/jcdrhs.2025.807

Authors

Mahatthakorn Plensamai Ubon Ratchathani Business School, Ubon Ratchathani University, Ubon Ratchathani, Thailand

DOI:

https://doi.org/10.69650/jcdrhs.2025.807

Keywords:

Blockchain, Risk Management, COSO ERM Framework, Governance Models, Hybrid Governance, Digital Asset Exchanges

Abstract

This study proposes and validates a blockchain-based risk management framework tailored for digital asset exchanges by aligning blockchain-specific risks with the COSO ERM 2017 framework. Data were collected using a convergent mixed-methods approach: qualitative data were gathered through semi-structured interviews with 15–20 industry experts—selected via stratified purposeful and snowball sampling—and document analysis; quantitative data included over 100 survey responses and operational metrics such as downtime incidents, transaction volume, and cyberattack rates. Quantitative analysis utilized descriptive statistics, correlation analysis, regression models, and Monte Carlo simulations, with tools such as SPSS, R, and Python, while qualitative data were thematically analyzed using NVivo. Key findings revealed that the framework led to a 60% reduction in downtime incidents, cyberattack success rates, and compliance breaches, while stakeholder surveys indicated high satisfaction with usability (mean = 4.5) and cybersecurity mitigation (mean = 4.2), though moderate satisfaction with decentralized governance alignment (mean = 3.8). The study concludes that the framework effectively bridges technical, regulatory, and governance gaps in current practices, offering a scalable, adaptable model for enhancing operational resilience and regulatory compliance in blockchain-based ecosystems.

References

Barrett, M. P. (2018). Framework for Improving Critical Infrastructure Cybersecurity Version 1.1, NIST Cybersecurity Framework. https://doi.org/10.6028/NIST.CSWP.04162018

ISACA. (2019). COBIT 2019 Framework: Introduction and Methodology. Illinois, USA.: ISACA.

Shah, S. Q. A., Lai, F.-W., Shad, M. K., Hamad, S., & Ellili, N. O. D. (2025). Exploring the Effect of Enterprise Risk Management for ESG Risks Towards Green Growth. International Journal of Productivity and Performance Management, 74(1), 224-249. https://doi.org/10.1108/ijppm-10-2023-0582

Tangprasert, S. (2020). A Study of Information Technology Risk Management of Government and Business Organizations in Thailand Using COSO-ERM based on the COBIT 5 Framework. Journal of Applied Science, 19(1), 13-24. https://doi.org/10.14416/j.appsci.2020.01.002

Truong, V. T., & Le, L. B. (2023). A Blockchain-based Framework for Secure Digital Asset Management. In 2023 IEEE International Conference on Communications (ICC): Next-Generation Networking and Internet Symposium, Rome, Italy, May 28-June 1, 2023 (pp. 1911-1916). https://doi.org/10.1109/ICC45041.2023.10279622

Vincent, N. E., & Barkhi, R. (2021). Evaluating Blockchain Using COSO. Current Issues in Auditing, 15(1), A57-A71. https://doi.org/10.2308/ciia-2019-509

Zhu, Y. (2021). Research on Digital Finance Based on Blockchain Technology. In 2021 International Conference on Computer, Blockchain and Financial Development (CBFD), Nanjing, China, April 23-25, 2021 (pp. 410-414). Piscataway, NJ: IEEE Service Center. https://doi.org/10.1109/CBFD52659.2021.00089