Written by Matt Kelly     Posted on October 28, 2008

Matt Kelly is editor-in-chief of Compliance Week, a magazine and online newsletter on corporate governance, risk, and compliance. Prior to his role at Compliance Week, Kelly was a reporter and contributor on corporate compliance and technology issues for magazines such as Time, Boston Business Journal, eWeek, and numerous other publications.

Occasionally the technology of XBRL gets a giant boost forward. The recent XBRL International conference in Washington, D.C., was not one of those times.

For months, XBRL officials had promoted the conference as the denouement of a great movement, when XBRL enthusiasts who had wandered corporate corridors for years would finally arrive in the promised land. Christopher Cox, chairman of the U.S. Securities and Exchange Commission, was to be the keynote speaker on the first day of the conference — and there, everyone knew and nobody spoke publicly — he would unveil a final rule to mandate XBRL reporting in the United States.

Then Cox canceled. No final rule came forth. And I, like so many others at the conference, went back to wander the corridors. Mostly to bug the vendors for some free pens.

It’s hard to describe exactly how much of a letdown the XBRL conference was. Without Cox, the collective conversation meandered back to the same old topics hashed over since I started attending XBRL International events three years ago: the great untapped potential of XBRL technology, and Corporate America’s utter lack of interest in tapping it until the SEC requires companies to do so. The same old faces were singing the same old songs, and that’s about all.

Of course, you can’t fault Cox for canceling and putting XBRL on the back burner. With the U.S. financial system in shambles, the SEC chairman has more important demands on his time (mainly, getting called on the carpet by Congress almost every week). Either Cox and his staff need more time to develop a full final rule, or they can’t devote enough time to a final rule — because critics in Congress and elsewhere will immediately crucify Cox for fiddling with XBRL while Wall Street burns.

Either way, the end result is no rule. And without that mandated motivation, XBRL will go nowhere in the United States.

Now speculation is turning to whether the SEC will enact a final rule at all, and the answer may well be “no.” The XBRL rule originally proposed five months ago called for the 500 largest public U.S. companies to start filing XBRL-tagged financial statements in the spring of 2009. At the time, most financial reporting folks familiar with XBRL thought that deadline was at least theoretically possible — if the SEC’s final rule explained all the details about validation, auditor assurance, errors, grace periods, and so forth. If the SEC could deliver that final rule by, say, an international XBRL conference in mid-October, the schedule would be tight but still feasible.

Now we’re staring at November, the end of the fiscal year for most large companies, and the end of the White House administration that happened to put Chairman Cox in office. Cox’s own tenure will probably end on January 20, 2009. And we have no rule.

Cox has now become the bureaucrat who cried XBRL once too often. Quite simply, nobody believes the final rule will come before he leaves office, and nobody is particularly worried about it. One school of thought is that the SEC will pass a final rule that requires compliance starting with quarterly reports sometime in fiscal 2009, rather than the annual report for 2008. Another theory is that Cox will unveil a roadmap for XBRL adoption and let his successor decide specifically when to put it into force. Some do still believe the SEC will stick with its promised timetable to mandate compliance with fiscal years that end on or after Dec. 15, 2008 — but those folks are quickly becoming the crackpot fringe.

Me? Like lots of other SEC watchers, I’m starting to wonder whom a President-elect Obama will name as the next SEC chairman, and what that person’s priorities will be. I don’t know that XBRL will be one of them.

Written by Lily Bi     Posted on October 23, 2008

Lily Bi, CIA, CISA, is Director, Technology Practices at The Institute of Internal Auditors (The IIA).  Bi is responsible for developing the Global Technology Audit Guides (GTAG®) series and spearheading other initiatives to position The IIA as a leading provider of IT audit guidance for internal auditors.

Financial statements, IFRS, XBRL…it has been a lot for internal auditors to catch up with. Being responsible for providing assurance service, the internal audit profession is pushed forward to face the challenges of both technology and regulation. The mandate of filing financial reports in interactive data format, specifically XBRL, is not only an emerging trend, but a reality that companies throughout the world have to face today. And it raises some important questions: What is the current status of XBRL adoption? What is internal auditors’ involvement in the XBRL implementation process, if any? Is there a need for guidance developed by internal audit professionals?

As the globally recognized, guidance-setting body for the profession, The Institute of Internal Auditors (The IIA) conducted an XBRL survey in early September to find out the answers to these questions. More than 200 chief audit executives worldwide, such as audit generals and directors, participated in the survey. Here are some of the key results:

Familiarity  The survey tells us that 51% of internal auditors don’t have any XBRL knowledge at all; 42% only know the very basics.

Adoption   Only 8% of respondents say that their companies are currently filing financial reports in XBRL format, but more than 37% say that this will happen in the coming three years.

Internal auditor’s involvement   Among those companies who file financial statements in XBRL format today, only four respondents say they play some role.

Adoption approaches   The survey results indicate that 52% of respondents’ companies chose an in-house approach, and 48% chose a co-sourcing or outsourcing approach when implementing and creating financial reports in XBRL format. No respondents say XBRL is used in the company’s internal process other than financial reporting.

Financial reporting standards    The majority of the respondents state that they use country-specific accounting standards, such as US-GAAP; only 17% currently use IFRS.

Need for guidance Almost 90% of respondents say The IIA’s coming XBRL paper is needed to provide knowledge and guidance for the internal audit profession.

From a technology perspective, XBRL is a ten-year-old computer language for business reporting. But the survey states that internal auditors currently have not been engaged in helping their companies to convert financial reports in XBRL format. By definition, internal auditing is an independent and objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. With mandatory mandates either in place or under review in countries like US, Canada, Australia, Belgium, China, Denmark, Japan, France, Netherlands, Singapore, and United Kingdom, and more to come, there will be an inevitable impact on the internal audit profession.

Management in an organization has overall responsibility for ensuring accurate and complete financial statements in XBRL format.  Internal auditors can help management implement XBRL and provide objective assurance on the implementation process. To do so, internal auditors should first understand the new interactive reporting format, the mandate requirements, and pros and cons of various implementation approaches.

In addition, the business reporting supply chain starts from initial transactions, internal consolidation and reporting, to external financial reporting.  Many organizations use XBRL at the end point of this supply chain because of the urgency of compliance with a regulator’s mandate. But XBRL as an interactive business reporting language can be used to serve throughout various stages in organizations’ business reporting supply chains. This will potentially give internal auditors great opportunities to access deeper business data, perform data analysis more easily, improve profiling and risk assessments, and identify potential issues. As an audit tool, interactive data will ultimately accelerate continuous auditing and monitoring.

The IIA’s forthcoming XBRL guidance paper, which will be released in January 2009, will address these topics.

Written by Neal Hannon     Posted on October 15, 2008

Neal Hannon is an XBRL consultant and the former Director, Financial Reporting Technologies for the Financial Accounting Foundation (FAF). Active in the XBRL community since 2000, he served on the first XBRL US steering committee and has written over 60 articles on XBRL. You can contact him by email.

Neal wishes to thank Walter Hamscher for his assistance in preparing this post.

What is the difference between level 1 block tags and level 4 tags as defined in the SEC’s proposed rule for XBRL financial reporting? The answer lies in the details of the footnote itself. Footnotes and disclosures contained within footnotes are an essential part of financial statements adding more detail and understanding to the financial condition of a company.

What are the footnote tagging requirements according to the SEC’s proposed rule? The SEC’s proposed rule identifies four levels of tagging:

1. Each complete footnote tagged as a single block of text;
2. Each significant accounting policy within the significant accounting policies footnote tagged as a single block of text;
3. Each table within each footnote tagged as a separate block of text; and
4. Within each footnote, each amount (i.e., monetary value, percentage, and number) separately tagged, and each narrative disclosure required to be disclosed by U.S. GAAP (or IFRS as issued by the IASB, if applicable), and Commission regulations separately tagged.

The image below shows when each type of tagging will be required as proposed in the SEC rule. (As with all the thumbnails in this post, click it to open the image in a new tab or window.)

What is Block Tagging (Level 1)?

According to the SEC proposed rule, Level 1 tagging means tagging each complete footnote as a single block of text. Block tagging may also include the embedding of HTML tags for formatting purposes.

Using block tagging, XBRL tags are placed around an entire block of text and numbers. The simple process of block tagging a note to a financial statement would involve the following steps:

1. Select the block of text you wish to tag. This could be the note explaining a company’s application of fair value or their disclosure of investment securities.
2. Select the text block tag from the XBRL taxonomy and create your text block in your XBRL tagging tool of choice. Most companies will choose: FairValueDisclosuresTextBlock

Here is an abbreviated example of block tagged note number 2 from the Bank of Hawaii’s recent form 10-K:

The actual text of the tag is considerably longer than the above sample but illustrative of how a block tag works, including HTML for formatting purposes.

Level 2 Tagging

Level 2 tagging requires that each significant accounting policy within the significant accounting policies footnote be tagged as a single block of text. The tagging methodology for level 2 will be the same as level 1.

Level 3 Tagging

Level 3 tagging should be considered as part of level 4. As written in the proposed rule, each table within each footnote will be tagged as a separate block of text and be combined with all Level 4 requirements as detailed below.

Level 4 Tagging

At level 4, which is applicable to all companies after their initial year of block tagging, the proposed rule requires companies to deeply tag every footnote. Within each note, any monetary value, percentage, or number will need to have an XBRL tag applied; however, it is not necessary for that level of tagging to exactly preserve the original formatting or layout, because it is assumed that if the level 4 tags are available then the level 1 tags are too.

Here again is what the SEC’s proposed rule says about level 4 tagging:

(4) Within each footnote, each amount (i.e., monetary value, percentage, and number) separately tagged and each narrative disclosure required to be disclosed by U.S. GAAP (or IFRS as issued by the IASB, if applicable), and Commission regulations separately tagged.”

If the company is following IFRS, as issued by the IASB, the IFRS disclosures will also need to be tagged. Companies may also want to expose additional information contained in detailed footnotes that go above and beyond US GAAP requirements.

So level 4 tagging means preparing an XBRL tag for:

1. Each and every number, monetary value, percentage, etc. contained within a footnote;

2. All GAAP required disclosures; and

3. Company-specific disclosures that go beyond GAAP requirements

The third item hasn’t been specifically asked for in the proposed rule but preparers may want to include them in their XBRL exhibits.

XBRL Implications for Level 4 Tagging

To capture each and every numerical disclosure included in a footnote, companies will need to use the dimensions capability of XBRL. XBRL software tools with dimension capability such as Fujitsu XWand, Rivet Dragon Tag and UBMatrix Report Writer have the capability to produce the correct XBRL. Clarity FSR also has dimension capability.

To address the need to separately tag each narrative disclosure, accountants will need to identify which lines within the footnote are being driven by US GAAP and Commission regulations. The accountant will need to dissect the narrative to discover the correspondence between what is disclosed and US GAAP. Level 4 tagging requires each narrative GAAP disclosure to be separately tagged.

The US GAAP taxonomy contains thousands of elements specifically created to capture required narrative disclosures. The task of the accountant will be to match the accounting intent in the required disclosure to the correct element in the US GAAP taxonomy. If management’s accounting intent as represented by a particular disclosure within a footnote cannot be matched to an existing XBRL element, the company will have to create an extension to the taxonomy.

Here are the steps required for level 4 tagging:

1. Identify and tag each amount of all numerical disclosures (i.e., monetary value, percentage, and number). Multi-dimensional data often found in tables is tagged using the dimension capability of XBRL.

2. Identify and tag all narrative disclosures that are present in the note due to disclosure requirements in US GAAP or SEC regulations.

3. Block tag all remaining textual disclosures that are not driven by US GAAP requirements.

It’s likely that companies will want to extend the taxonomy to capture required disclosures that are not currently represented by elements in the US GAAP taxonomy. This need will be driven by the many different interpretations allowable under US GAAP that meet the test of complying with GAAP disclosure requirements. Accountants will make the judgment call concerning whether management’s accounting intent in the disclosure under XBRL review is correctly represented by an existing US GAAP taxonomy element or there is a need to create a new extension.

Bank of Hawaii Level 4

Let’s take a look at a portion of a footnote tagged to level 4 requirements for Bank of Hawaii.

Here is the table for Gross Gains and Losses from the Sales of Investment Securities as presented in the 10-K. The raw XBRL appears below the table:

Here is a pivot table created by the US GAAP taxonomy team at XBRL US to demonstrate how the above XBRL (tagged with dimensions) data could be displayed in Excel:

Level 4 Required Disclosures

The second type of level 4 tag is for required US GAAP disclosures. Here is an example of a required US GAAP disclosure embedded in the text of a note for Bank of Hawaii from a recent form 10-K:

Investment Securities

Investment securities are accounted for according to their purpose and holding period. Trading securities are those that are bought and held principally for the purpose of selling them in the near term. Trading securities, comprised primarily of mortgage-backed securities, are carried at fair value, with realized and unrealized gains and losses recorded in noninterest income. Held-to-maturity investment securities comprised of debt and mortgage-backed securities, that management has the positive intent and ability to hold to maturity are reported at amortized cost. Available-for-sale investment securities, comprised of debt and mortgage-backed securities are those that may not be held-to-maturity and are reported at fair value, with unrealized gains and losses, net of taxes, reported as a component of other comprehensive income. The estimated fair value of a security is determined based on current market quotations. A decline in the fair value of investment securities that is considered other than temporary is recorded as a reduction in noninterest income. Realized gains and losses are recorded in noninterest income using the specific identification method. Interest and dividends on investment securities, including amortization of premiums and accretion of discounts, using the effective interest method over the period to maturity, are included in interest income.

The underlined text is a required US GAAP disclosure. The financial reporting accounting team will be able to identify the sections of text inside a note that are driven by US GAAP requirements and those that are not. It is likely that some companies will elect to separately tag each and every line of text as printed in the footnotes.

Looking at the US GAAP taxonomy, the following element was identified as a proper accounting fit with the above disclosure:

From the US GAAP taxonomy:

AvailableForSaleSecuritiesBasisForValuationOtherThanEquitySecurities

Once identified as the proper tag, the next step is to marry the appropriate text to the taxonomy element. The results (without HTML formatting tags) look like this:

The XBRL in the image would be added to the instance document submitted to the SEC to comply with level 4 requirements.

Summary

Block tagging simply takes the text and numerical displays from a note to a financial statement and adds a block text tag to the information. The resulting XBRL will be compliant with the SEC’s first year notes tagging requirements but will yield little or not additional information. Level 3 tagging, required in the second year of participation, places each table occurring in a Note into a separate element. Level 4 tagging, also required in the second year of participation in the new SEC program, requires detailed tagging of the notes including each amount (i.e., monetary value, percentage, and number) separately tagged and each narrative disclosure required to be disclosed by U.S. GAAP (or IFRS as issued by the IASB, if applicable), and Commission regulations separately tagged.

The financial reporting team will be called upon to not only tag each amount but to also extract from the language inside a note to provide required narrative disclosures driven by US GAAP. The first time this task is completed, the accounting team will need to be deeply involved in the XBRL creation. Only members of the team that created the disclosure will understand the intent of the item and therefore know how to properly match it to the US GAAP taxonomy.

Written by Bob Schneider     Posted on October 12, 2008

A few months ago, Toshinori Kobayashi of Japan’s Financial Services Agency contributed three posts (on May 5, June 6, and July 1) on the FSA’s implementation of XBRL for financial reporting. One thing that struck me about the XBRL adoption in Japan was that — unlike in the US, where SEC Chairman Chris Cox has been at the forefront of the implementation effort — there was no mention of any involvement by the Minister of the FSA. In email correspondence, Mr. Kobayashi confirmed that the role of the political leadership of the agency had indeed been quite limited through much of its development stage.

In Japan, XBRL adoption was treated simply as a technology decision that did not require much political muscle from the top. And as a technology decision, the logic for XBRL adoption is straightforward:

1. The financial reporting arm for a nation like Japan collects and manages an enormous amount of data.
2. To manage huge amounts of data, the IT world is moving toward the adoption of computer languages that structure data to give it context and meaning, and offer flexibility, extensibility, greatly enhanced search, and other advantages.
3. In the field of financial reporting, a huge investment in money, time, and energy has already been made in developing one such language, namely, XBRL.
4. Many countries — large and small, developing and advanced — are adopting XBRL, further strengthening the argument for implementation in those countries that have yet to do so.

However, as I mentioned, in the United States, Chairman Cox has expended much of his energy and political capital in championing interactive data. His assumption of the role of XBRL evangelist made me recall these thoughts of Walter Hamscher from our recent interview:

Consequently, it is a lot easier for some countries — the Netherlands has a thrifty culture, as does Japan — to look at something like XBRL and figure out pretty quickly that, yeah, this is good for everyone; it will be more efficient and therefore we will all benefit, so let’s do it. Now, I am not saying it is trouble-free and that everybody in these countries has jumped on the bandwagon right away. But, by contrast, in the United States, so many other things pile on to our considerations around business and government decisions, things that really have nothing to do with thrift or efficiency.

In this light, it’s not surprising that in the United States XBRL was viewed, not as a technology decision, but as a major policy initiative (with political overtones) that required a forceful voice at the top. The strong resistance and controversy that met Sarbanes-Oxley (SOX) — a wide-scale and multifaceted response to corporate malfeasance — was likely one factor that compelled the SEC to see that XBRL adoption might follow the same path.

The concern I have is that when XBRL is viewed as a major policy initiative with such high visibility by the agency’s top managers — rather than as a technology improvement implemented at lower management levels — expectations may be raised unreasonably high, especially at a time when there’s a desperate search for solutions to problems in financial markets. Given that surveys of financial professionals still show many have little knowledge of XBRL, I’m not sure it’s widely understood that XBRL financial statements are GAAP financial statements, with all their accompanying limitations. To the extent that GAAP accounting fails to provide sufficient clues about the true exposures and underlying weaknesses of financial institutions and corporations, putting GAAP statements into XBRL isn’t going to help matters.

Chairman Christopher Cox has been a strong friend of the XBRL community. We can only be thankful to Mr. Cox for the leadership he has displayed in championing interactive data and bringing an XBRL mandate close to reality. I only hope in doing so he hasn’t raised hopes too high of what XBRL can accomplish in the current reporting framework.

Written by Daniel Roberts     Posted on October 2, 2008

Daniel Roberts is the former Chairman, XBRL-US Steering Committee, and member of the AICPA and XBRL International working groups on assurance over XBRL. He is the former National Director of Assurance Innovation for a Global 6 accounting firm. Mr. Roberts can be reached by email.

This is the second installment of a two-part article; the first part was published last week.

Role of the Audit

What is the role and purpose of the audit?  Simply put, to provide an independent opinion on the financial statements as provided by a company.  Note that this includes both publicly-held and privately-held companies, as audits are performed on the financial statements of privately-held companies to be provided to their financial institutions.

The audit provides comfort to the regulator and investor that the financial statements, when taken as a whole (an important concept that we’ll come back to), provide a fair and accurate representation on the state of the business. Various regulators require audits of companies’ financial statements, and banking institutions require audited financial statements from their nonpublic clients.

To the reporting company, the audit itself is overhead of the purest type.  It is a cost of doing business that cannot be avoided, and with Sarbanes-Oxley, it can no longer be offset by financial benefits identified by the auditor while performing related or even unrelated engagements. This naturally creates conflict between the company purchasing audit services (and what they are willing to pay) and the extent of work that the auditor feels compelled to perform in order to provide the audit opinion.

The client wants to keep audit fees to an absolute minimum; however, they also want to ensure that adequate work was performed to enable them to sign their SOX declarations with confidence.  Let’s go to the courtroom.  The discomfited CFO is in the witness box:  “Can you please explain to the court why you thought it would be acceptable to only have assurance on the printable version of the accounts, but not on the version that is actually used by investors? What were you trying to hide?”

With this picture firmly in mind, while they will not want to see any increases in their audit fee, it is pretty clear that CFOs will either agree to inclusion of the XBRL in the audit scope or they will ask for the XBRL submissions to be included in the scope of the audit.  Clients and auditors will decide that there is too much risk in providing unaudited XBRL to the SEC, regardless of the SEC’s currently not requiring such an audit.

The SEC’s Game

The SEC does not want to state categorically that XBRL data is subject to a requirement for assurance. They have gone so far to as to recommend that the XBRL that is required to be provided by companies will actually be treated as “furnished,” as is currently the case with the Voluntary Filing Program (VFP).

The SEC’s Proposed Rule on interactive data (XBRL), page 63, states:

We expect that each filer would be in the best position to determine the appropriate manner in which to assure the accuracy of the interactive data it would be required to submit and the viewable interactive data that would result. We also expect that software providers and other private sector third parties would help develop procedures and tools to help in that regard. As an adjunct to those private sector efforts, we plan to make available to filers, on an optional basis, the opportunity to help assure accuracy by making a test submission with the Commission or using software we provide to create viewable interactive data.

Basically, the SEC is saying that it is up to the filer to determine the level of assurance that they require, thus being able to say to the markets that XBRL does not require assurance; therefore, the unknown expenses associated with an audit are not the responsibility of the SEC to estimate.

What Assurance Might Look Like

I don’t represent any accounting or auditing firm, but I did spend four years as an active member of the AICPA and XBRL International working groups on assurance and XBRL. Contributing to these discussions and the outputs of these two groups leads me to the following thoughts.

Auditors will include the XBRL instance documents that will be provided to the SEC as part of their audit scope.  They will, for the first year or two, struggle with the concept of materiality.  What is material in the XBRL world?  The mistagging of a piece of information might be material if it influences the analysis of reported information.

Companies should expect the auditor to begin by including the processes that exist to create the XBRL version of the financial statements (and footnotes) as part of the SOX 404 internal controls review.  This should be an insignificant addition to the overall audit.

With regard to the stability of the XBRL mapping, there is an assumption today that — once a company has created a template for tagging their financial statements (having mapped all financial statement line items to their respective XBRL elements) — there should be few changes to the tagging in future periods.  However, a company may choose to change their tagging; as such, a change of tagging between periods, while it may be perfectly accurate XBRL, may raise auditor flags, and therefore become “material.”

So, should the auditor look at every financial statement element and confirm the choice of XBRL taxonomy element? Well, if every line item on a financial statement was checked to source, this would impose a significant burden on the auditor and company.  Would any change to the default XBRL element labels to reflect the actual labels or line item titles used by the filer constitute a material change worthy of review? Will all changes to the presentation order or calculations be considered “material”?

There will be many different answers, and we should expect to see auditors determining how they will perform their sampling of which elements they will review in detail. As a rule of thumb, companies should expect that all company-specific extension elements will be treated as material, and the requirement for the extension will need to be documented by the company. Discussions within the various XBRL assurance working groups seemed to arrive at a consensus that where a company creates an extension element instead of using an existing taxonomy element that represents the same accounting principle, such extension elements would “cause a problem for the auditor” and may impact the auditor’s willingness to provide a clean opinion.

Auditing of XBRL will happen, and companies should take the opportunity presented by the lead-in time before XBRL is mandatory to ensure that their assurance provider is as ready as they will need to be.

So what should companies do? First, they should ask their auditors early in the process to explain exactly how they will be including XBRL in their audit, and the expected impact that this will have on overall audit cost and activity. Then, they should ensure that the auditor is able to clearly provide them with a list of all information that will be required to make the audit of the XBRL as smooth as possible. The only caveat is that the auditor cannot participate in any of the XBRL creation or tagging choices made by the company.

Auditing of XBRL will happen, and companies should take the opportunity presented by the lead-in time before XBRL is mandatory to ensure that their assurance provider is as ready as they will need to be.