Assurance on XBRL Instance Document: A Conceptual Framework of Assertions Rajendra P. Srivastava And Alexander Kogan 16th World Continuous Auditing & Reporting Symposium Rutgers University- Newark November 7 and 8, 2008 Outline • • • • • • • • Definition of Assurance on XBRL Instance Document Background SEC Proposal: Interactive Data to Improve Reporting Current Approaches to Assurance on XBRL Instance Documents Assertions and Assertion Based Audit Approach Materiality concepts Control Test versus Substantive Procedures Conclusions Assurance on XBRL Instance Document General Definition (Srivastava & Kogan, 2008) “The XBRL instance document is a true representation of the electronic document (ASCII or HTML) filed with the SEC” Definition under SEC Proposal “The tagged financial statements are accurate and consistent with the information the company presents in its traditional format filings” Background • SEC Proposal: Interactive Data to Improve Reporting (2008) • Plumlee, D. and M. Plumlee. 2008. Assurance on XBRL for Financial Reporting. Accounting Horizons, Vol. 22, No. 3: 353–368 • AICPA Assurance Services Executive Committee. 2008. The Shifting Paradigm in Business Reporting and Assurance. 1. XBRL Assurance Task Force, 2. Data Integrity Task Force • Boritz, J. E. and W. G. No. 2007. Auditing an XBRL Instance Document: The Case of United Technologies Corporation. Working paper, University of Waterloo. • Assurance Working Group (AWG) of XBRL International (2006) • Public Company Accounting Oversight Board (PCAOB). 2005. Staff Q&A Regarding XBRL Financial Reporting. XBRL Instance Document Preparation Process XBRL Specification 2.1 An XML Schema that provides the rules for valid XBRL instance documents and taxonomies US GAAP Taxonomies • Standard elements • Standard labels • Standard calculations • Standard references • Standard presentations “tagging” Corporate Extension Taxonomies • Unique elements • Unique labels • Unique calculations • Unique references • Unique presentation Corporate Financial Facts Instance Document SEC Provided Viewer Presentation Tools/Style Sheets Final Output Taken from Plumlee & Plumlee 2008 SEC Proposal: Interactive Data to Improve Reporting (May 2008) • Proposal to mandate the filing of corporate financial data in interactive data (XBRL) format as exhibits along with human readable traditional filings and posting of the XBRL instance document on the company’s website. • Companies with a worldwide public float over $5 billion will be required to submit their primary FS, footnotes and FS schedules in XBRL format for fiscal periods ending in late 2008. • Accelerated filers will be required to comply with the new rules starting the following year • The remaining public companies would comply the year after that. General Requirements under SEC Proposal (Rule 405 Regulation S-T) • Information in interactive data format should not be more or less than the information in the ASCII or HTML part of the report • Use of the most recent and appropriate list of tags released by XBRL U.S. or the IASCF as required by EDGAR Filer Manual. • Viewable interactive data as displayed through software available on the Commission’s Web site, and to the extent identical in all material respect to the corresponding portion of the traditional format filing • Data in the interactive data file submitted to SEC would be protected from liability for failure to comply with the proposed tagging and related requirements if the interactive data file either o o Met the requirements; or Failed to meet those requirements, but failure occurred despite the issuer’s good faith and reasonable effort, and the issuer corrected the failure as soon as reasonably practical after becoming aware of it. Legal Liability under SEC Proposal • The financial statements and other disclosures in the traditional format part of the related official filing with which the interactive data appear as an exhibit would continue to be subject to the usual liability provisions of the federal securities laws. • The usual liability provisions of the federal securities laws also would apply to humanreadable interactive data that is identical in all material respects to the corresponding data in the traditional format filing* as displayed by a viewer that the Commission provides. Validation Software: SEC Proposal Expectation • Check if required conventions (such as the use of angle brackets to separate data) are applied properly for standard and, in particular, non-standard special labels and tags; • Identify, count, and provide the staff with easy access to non-standard special labels and tags • Identify the use of practices, including some the XBRL U.S. Preparers Guide contains, that enhance usability • Facilitate comparison of interactive data with disclosure in the corresponding traditional format filing • Check for mathematical errors; and analyze the way that companies explain how particular financial facts relate to one another SEC Perspective on Assurance of XBRL Instance Document No requirement to involve third parties for preparing or providing assurance (Based on the following consideration) • Comprehensive list of tags • User-friendly software to create instance document • Multi-year phase-in for each filer • Interactive data technology specifications • Advances in rendering/presentation software and validation tools • Expectation that filers will take the initiative to develop sufficient internal review procedures to promote accurate and consistent tagging; and • The filer’s and preparer’s liability for the accuracy of the traditional format version Current Approaches to Conducting Assurance Service • PWC – Actual audit of United Technologies Corporation Financial statements • Boritz and No (2007) – A mock audit performed to explore the process • AICPA Assurance Services Executive Committee. 2008. The Shifting Paradigm in Business Reporting and Assurance • Public Company Accounting Oversight Board (PCAOB). 2005. Staff Q&A Regarding XBRL Financial Reporting. • Assurance Working Group (AWG) of XBRL International (2006) Concerns about the Current Approaches In general, there is a lack of conceptual framework It is similar to what the audit process used to be some 50 years back; a bunch of procedures to be performed specific to each balance sheet account Accounting Model: FASB, 1993 User Understandability Usefulness Relevance Feedback Reliability Timeliness Prediction Verifiable Consistency & Comparability Faithfully Represented Neutral Benefit > Cost; Materiality “Statement of Financial Accounting Concepts No. 2, Qualitative Characteristics of Accounting Information”, Original Pronouncements, Accounting Standards as of June 1, 1993, Volume II (AICPA Pronouncements, FASB Interpretations, FASB Concepts Statements, FASB Technical Bulletins), Financial Accounting Standards Board, CN, USA, 1993 Management Assertions (SAS 106) and Related Audit Objectives Assertions about account balances • Existence • Completeness • Rights and Obligations • Valuation or Allocation Assertions about classes of transactions and events • Occurrence • Completeness • Accuracy • Cutoff • Classification Assertions about presentation and disclosure • Occurrence and rights and obligations. • Completeness • Classification and understandability Audit Objectives o o o o o o o Validity Completeness Ownership Valuation Cut-off Classification Disclosure IQ Model (Bovee, Srivastava & Mak, IJIS 2003) Information Quality Integrity Accuracy Accessibility Consistency Completeness Interpretability Timeliness Criterion 1 Non-Fictitiousness Age Volatility Relevance Criterion n Risk Based Approach for Conceptualizing Assertions 1.Data Deficiencies in the XBRL Instance Document Omissions of relevant data from the traditional format documents (Completeness) o Insertions of data not present in the traditional format documents (Existence) o Erroneous element values and / or attribute values (such as context, unit, etc.) (Accuracy: Element Accuracy or Attribute Accuracy) o Risk Based Approach for Conceptualizing Assertions 1.Deficiencies of the Mark-up in the XBRL instance Document Erroneous tagging of data that violates XML syntax rules (Violation of Well-formedness) o Erroneous tagging of data that violates XML Schema (Violation of Validity) o Inappropriate choice of XBRL elements to tag traditional format document data (Violation of Proper Representation) o Risk Based Approach for Conceptualizing Assertions 1.Deficiencies of XBRL Taxonomies used by the Filer Improper choice of general and industry-specific XBRL taxonomies by the filer (Proper Taxonomies) o Violations of XML or XBRL language rules in XBRL taxonomy extensions by the filer (Valid Taxonomy Extensions) o Inappropriate introduction of new elements in XBRL taxonomy extensions (Proper Extension Elements) o Inappropriate / erroneous linkbases in XBRL taxonomy extensions (including the choice of inappropriate/misleading labels) (Proper Linkbases) o A Quality Model for XBRL Instance Document (Srivastava & Kogan 2008) XBRL instance document is a true representation of the electronic document (ASCII or HTML) filed with the SEC 2. Meta-Data in XBRL Instance Document are Reliable 1. Business Facts in XBRL Instance Document are Reliable 1.1 Completeness 1.2 Existence 1.3.1 Element Accuracy 2.1 Well-Formedness 3.1 Proper Taxonomies It faithfully represents the Electronic Filings of FS 3. Meta-Data External to XBRL Instance Document are Reliable 1.3 Accuracy 1.3.2 Attribute Accuracy 2.2 Validity 3.2 Valid Taxonomy Extensions 2.3 Proper Representation 3.3 Proper Taxonomy Extension Elements 3.4 Proper Linkbases Assertion Based Audit Methodology: 1. Business Facts in XBRL Instance Document are Reliable Procedures as items of evidence pertaining to the assertion Specific Assertions Completeness Existence Accuracy Element Accuracy Attribute Accuracy Manual (M): Trace from the text document to the instance document and note that all business facts are tagged. Intelligent Software (IS): Intelligent software can be programmed to tag all the business facts. Compare programmatically each tagged fact prepared for the SEC filing with the tagged facts by the intelligent system. M & IS: Intelligent software creates a text document from the XBRL tagged document and a knowledgeable person traces from this created document to the original document to check if the tagged facts are present in the original document. M: Trace from the text document to the instance document to check if the values of all the business facts are the same as the values on the rendered document. IS: Intelligent software can be programmed to read the values of the business facts from the original document and compare them with the corresponding values in the instance document. M: Trace from the text document to the instance document to check if the values of all the attributes are the same as the values of these attributes in the instance document. IS: Intelligent software can be programmed to read the values of the business items from the original document and compare them with the corresponding values in the instance document. Assertion Based Audit Methodology: 2. Meta-Data in XBRL Instance Document are Reliable Specific Assertions Procedures as items of evidence pertaining to the assertion Well-Formedness Manual (M): Evaluate the error messages generated by the software to verify well-formedness. Intelligent Software (IS): Utilize any approved XML parsing software to verify that the instance document is well-formed. Validity M: Evaluate the error messages generated by the software to verify validity. IS: Utilize any approved XML validating parsing software to verify that the instance document is valid. Proper Representation M: Trace from the instance document to the text document to check if the tags, as they are defined in the XBRL taxonomies, properly represent the facts of the traditional format document. IS: Intelligent software can be programmed to maintain a mapping between the facts of the traditional format document and the elements of the instance document to aid in manual decision making. Assertion Based Audit Methodology: 3. Meta-Data External to XBRL Instance Document Specific Assertions Procedures as items of evidence pertaining to the assertion Proper Taxonomies Manual (M): Compare the discoverable taxonomy set in the instance document with the available approved and acknowledged XBRL taxonomies to check if all the appropriate taxonomies are used and all the used taxonomies are appropriate. Intelligent Software (IS): Utilize XBRL processing software to identify and visualize the discoverable taxonomy set in the instance document. Valid Taxonomy Extensions M: Evaluate the error messages generated by the software to verify validity. IS: Utilize approved XBRL processing software to verify that the taxonomy extensions are valid. Proper Extension Elements M: Analyze new elements in XBRL taxonomy extensions to verify that they are defined properly and they not duplicate unnecessarily existing elements. IS: Utilize XBRL processing software to examine new elements in XBRL taxonomy extensions. Proper Linkbases M: Analyze new and changed arcs in the linkbases of XBRL taxonomy extensions to verify that they are defined properly. IS: Utilize XBRL processing software to examine new and changed arcs in the linkbases of XBRL taxonomy extensions. Audit Approach: Control Test versus Substantive Test • Control tests on the effectiveness of the software that produces XBRL instance document • Control tests on the effectiveness of the validation software • Substantive procedures o All major line items need to be traced and compared • No Statistical Sampling o Each line item is a separate test unit; not appropriate for statistical sampling o However, on certain attribute one would be tempted to perform sampling but the size of the population is too small to use sampling Other Issues: Materiality and Risk • Two kinds of materiality o o Materiality for the entire FS Materiality for each line item in the instance document • Since the materiality concept used in the FS audit is at the aggregate level, the implied materiality in the instance document is also at the aggregate level. • However, since users are going to use each line item separately in their decisions, they will perceive each line item to be accurate in isolation. This would lead to erroneous decisions Conclusion • For effective and efficient assurance process of XBRL instance documents, we need assurance objectives (assertions) as a set of criteria against which evidence could be gathered and evaluated to make a decision whether the assurance objectives have been met or not in order to give an opinion