Bob Schneider is a Partner in 
Wilson So is the Director of Hitachi Consulting Corporation XBRL Dovetails Nicely with SOX’s Surprising Benefits
Written by Bob Schneider Posted November 8, 2006
In the April 2006 Harvard Business Review, Deloitte executives Stephen Wagner and Lee Dittmar contributed the article The Unexpected Benefits of Sarbanes-Oxley.
An initial, cynical response to that title would be “Yes, SOX has provided an unanticipated boost to local economies from late-night pizza deliveries to accountants’ offices.” Even the less skeptical reader begins the piece thinking: Could the huge investment in SOX compliance been made without some benign side effects showing up somewhere?
But Wagner and Dittmar cite sufficient strong advantages, and back them up with enough examples, to make the case that the gains have been substantial. Wisely, they don’t argue that SOX is really a blessing in disguise. Rather, they demonstrate that, in contrast to the usually negative narrative, the law has had important benefits.
What’s any of this have to do with XBRL? As we read through the successes the authors described, it seemed nearly all of them dovetailed nicely with the increased adoption of XBRL throughout the organization. Here are the benefits the authors cite and how XBRL supports those objectives:
Strengthening the Control Environment Wagner and Dittmar well understand that internal control is less about individual procedures, important as they are, and more about the overall control environment that it is so central to an audit. Experienced CPAs acquire what they call the “auditor’s knack,” a canny sixth sense that tells them a day into an audit whether the client has its act together. If it doesn’t, auditors have to greatly expand the range and number of their tests, because they can’t trust the clients’ numbers. But when the control environment is strong, testing can be reduced, audit costs can be cut, and auditors can focus on improving client procedures and operations.
XBRL can play a vital role in ensuring a strong control environment. It eliminates numerical mistakes. It reduces greatly manual intervention in accounting processes where error, intended or unintended, creeps in. It makes the exchange of data within the company flow more smoothly. Finally, it can be instrumental in creating the audit trails that CPAs depend on.
Exploiting Convergence Opportunities The investment in SOX can often be leveraged for compliance with other standards. The authors describe the experience of RSA Security for meeting ISO 9000 standards. They also discuss how SOX compliance converged with other regulatory regimes in the human resources area, and how “a single set of controls could be used for compliance with the various acts.” Such harmonization can be greatly eased by adopting XBRL-GL, which enables reporting of a diverse variety of corporate information, from employee timesheets to health benefit plans to employee pay.
Standardizing Processes The authors cite the experience of consumer products maker Kimberly-Clark, where hundreds of executives around the world were generating manual journal entries. The process varied widely by division and location, “with some employees creating entries by hand, others keying them into Excel spreadsheets, and still other logging them into the company’s SAP financial software program.” Entering all such entries in XBRL would go a long way toward process standardization. Even where processes remained varied, the fact that all entries were made in the same data standard would enhance consistency and make reconciliation much easier. Another XBRL-related benefit would be that searches on journal entries would be much faster.
Reducing Complexity Wagner and Dittmar cite the case of Iron Mountain, a $1.8 billion records and information management company which over a ten-year period had essentially acquired more than 200 companies. “Some of the companies ran Unix while others ran Linux, Novell NetWare or Windows.” With the easy interchange of data between entities, platform independent XBRL is a boon to M&A.
Strengthening Weak Links The authors write “Another source of complexity arises from outsourcing, partnerships, and shared-services arrangements known as the ‘extended enterprise.’” They cite the difficulty of ensuring internal control when the partner company engages in activities that materially affect the financial statements. XBRL enables much faster reporting, which can be critical when monitoring activities with external entities. Information can also be entered once and delivered in many formats, which can be especially beneficial when dealing with external entities that require certain data formats.
Minimizing Human Error Ask most auditors what they consider the weakest part of internal control, and they’ll tell you “Manual processes.” One of the main benefits of XBRL is the elimination of nodes in supply chain management where human intervention is necessary. Moreover, and of special benefit to auditors, automated controls are highly reliable, so they can be tested less.
In these many areas, the addition of XBRL to the mix enhances the likelihood and the quality of success. In fact, the only two benefits mentioned in the piece where we were a little hesitant to extol XBRL’s virtues were improved documentation (Sarbanes-Oxley required companies to update operations manuals, personnel policies, etc.) and increasing audit committee involvement. And we’re certain less diffident writers with experience in these areas could have expounded on XBRL’s advantages here as well.
Indeed, it may well be that XBRL’s benefits are so pervasive that it is hard to describe a critical area of management operation where its advantages are not manifest.
Note: You can request a copy of the article from Deloitte; the Harvard Business Review is also freely available in electronic form from major libraries.