View
34
Download
0
Category
Preview:
DESCRIPTION
Communicating Assurance on XBRL-Tagged Reports to the SEC: Challenges and Opportunities. Eric E. CohenPwC Roger Debreceny University of Hawai’i at Mānoa Stephanie FarewellUniversity of Arkansas at Little Rock Saeed Roohani Bryant University. Setting the Stage. - PowerPoint PPT Presentation
Citation preview
Communicating Assurance on XBRL-Tagged Reports to the SEC:
Challenges and Opportunities
Eric E. Cohen PwC
Roger Debreceny University of Hawai’i at Mānoa
Stephanie Farewell University of Arkansas at Little Rock
Saeed Roohani Bryant University
Setting the Stage• This is a non-theoretical paper. There are no hypotheses.
As a matter of fact there isn’t even a single solution in the end.
• We are interested in providing a discussion of a potential problem and moving towards a solution.o Should we be proactive or reactive?
• The problems discussed pre-date XBRL.• Who thinks all managers are honest in financial reporting?• Who knows the movie Rogue Trader?
o What did Nick Leeson do when the auditors wanted a non-existent client confirmation?
• Does electronic communication of financial information change the risk of deception?
• If we can ensure the integrity and security of the instance document and the assurance report we can improve the consumption of financial information.
Prestigious Company
Two Obvious Interconnected Tracks
Management’s
Assertions (e.g., the financial
statement)
The Auditor’s Message (e.g., the auditor’s report)
“Mutually exclusive” goals• Maintain clear separation for responsibility and
authentication• Make inseparable so stakeholders get complete
message
Q: When Is a …… door not a door?A: When it’s ajar.
… Financial Statement not a document?A: When it’s digital.
http://pcaobus.org/Standards/Auditing/Pages/AU9550.aspx
E-Reporting and the AuditorIn March 1997[1], the AITF issued its interpretation
of AU 550 in the Journal of Accountancy, stating 'that electronic sites (including Internet sites) are a means of distributing information and are not "documents" as that term is used in SAS No. 8. Thus, auditors do not have an obligation pursuant to SAS No. 8, to read information in electronic sites or to consider the consistency of other information included in electronic sites with the original documents.' [1] http://www.aicpa.org/members/div/auditstd/opinion/apr97_3.htm
The interpretation is TO THIS DAY a PCAOB interim standardhttp://pcaobus.org/Standards/Auditing/Pages/AU9550.aspx
Management’s Assertions (e.g., the financial statement)
The Auditor’s Message (e.g., the auditor’s
report)
The chair of that committee, John L. Archambault, reported on its deliberations in CPA Journal, November 1999
Issue 1: What was the basis for the conclusion reached in Interpretation #4 to SAS No. 8, Other Information in Electronic Sites Containing Audited Financial Statements?
Discussion: On a given website, there may be no clear boundaries between the audited financial statements and other financial or nonfinancial information. Not only can a website include a substantial amount of information generated by the company (i.e., about products, employment, and nonfinancial data) but, through hyperlinks, it can also include information from outside sources. This information may also be continuously changing.
It is not only impractical, but almost impossible for an auditor to access all of the information that is on or linked to a client's website. This is analogous to the auditor attempting to access all of the client's internal information, reports, or documents and all external information about the client from other sources. Thus, under SAS No. 8, a website is not considered to be a "document" as that term is used in AU section 550, and an auditor is not required to read the information on a website or to consider whether it is consistent with information in original documents. Management’s
Assertions (e.g., the financial statement)
The Auditor’s Message (e.g., the auditor’s report)
What does the SEC have to say about XBRL
Assurance?• No audit of the instance document is required• The audit report on the financial statements
cannot be tagged
SEC: Auditor Involvement in XBRL
• We note that issuers can obtain third-party assurance under the PCAOB Interim Attestation Standard—AT sec. 101, Attest Engagements on interactive data, and can start and stop obtaining assurance whenever they choose.
• Although Rule 405 as adopted does not include a requirement that auditors’ reports be tagged, the rules do not prohibit issuers from indicating in the financial statements (such as in a footnote) the degree of auditor involvement in the tagging process. Accordingly, we believe that an issuer can make clear the level of auditor involvement or lack thereof in the creation of the interactive data exhibit. Management’s
Assertions (e.g., the financial statement)
The Auditor’s Message (e.g., the auditor’s
report)
Quiz Question:
What is envelope theory?
US SEC and Electronic Disclosure
• 2000 – “Envelope Theory”
• 2007 – disclosure on Corporate Web Sites
• 2009 – Audit on XBRL ok – but no audit report
• 2013 – Twitter and social media suitable for disclosures
http://www.sec.gov/rules/interp/34-42728.htm May 1, 2000
Sticking Your Neck Out
Do you want to lead or follow?
Historical Examples of XBRL Assurance
• BDO Spain and Software AG Spain• PwC and UTC, WR Grace under SEC VFP• Deloitte NL and EY NL auditor report with hash• Deloitte NL/EY NL and EY NL/BDO NL with digital
signature
W. R. Grace under PCAOB Staff Q&A
http://sec.gov/Archives/edgar/data/1045309/000110465907086296/0001104659-07-086296-index.htm
Is the auditor associated with this set of XBRL documents? Have they provided an auditor’s report?
Display on EY NL Web Site
http://www.ey.com/NL/nl/About-us/XBRL-financial-statements-and-sustainability-information
BDO Assurance Report
Potential Solutions for Ensuring Integrity and
Security
This represents the examples we just examined.
Document Level Assurance Report on Client Website (5)
Document Level Assurance Report: Document Level Assurance Report on Client and Auditor Website (6)
Document Level Assurance Report:XLink Identification of Covered Facts (7)
Document Level Assurance Report:XLink Identification of Covered Facts
(8)
Document Level Assurance Report XLink Identification of Covered Facts
(9)
Item Level Assurance Report XLink Identification of Covered Facts Quasi- or Real-time Management Context (10)
Communicating Assurance: Human
Interaction
Fool-proof Agreed-Upon User Interface
Search for: XYZ Corp. financials
Financials for XYZ Corp
Balance Sheet
Income Statement
Performance metrics
More info at www.xyzmgmtinfo.com
http://assuredfinancials.iasc.org.uk
Key:Assurance provided No assurance provided
Signature check: Company CPA
Certified repositories or data sources
Best practices data searches
Color coding or other tool to
highlight whether
assurance is provided.
Digital signature
check: green is clear, yellow is questionable,
red is bad.
Why Yello? e.g., firm
checks ok; signer is not on
file …
Call to action
Inline XBRLChanges the game but doesn’t eliminate the problems
• We have audited the financial statements of ABC BERHAD, which comprise the balance sheets as at 30 June 2009 of the Group and of the Company, and the income statements, statement of changes in equity and cash flow statements of the Group and of the Company for the year then ended, and a summary of significant accounting policies and other explanatory notes, as set out on Pages XX to XX.
• Directors’ Responsibility for the Financial Statements • The Directors of the Company are responsible for the preparation and fair presentation of these financial
statements in accordance with Financial Reporting Standards and the Companies Act, 1965 in Malaysia. This responsibility includes: designing, implementing and maintaining internal control relevant to the preparation and fair presentation of financial statements that are free from material misstatement, whether due to fraud or error; selecting and applying appropriate accounting policies; and making accounting estimates that are reasonable in the circumstances.
• Auditors’ Responsibility• Our responsibility is to express an opinion on these financial statements based on our audit. Except as described
in the Basis for Qualified Opinion paragraph below, we conducted our audit in accordance with approved standards on auditing in Malaysia. Those standards require that we comply with ethical requirements and plan and perform the audit to obtain reasonable assurance whether the financial statements are free from material misstatement. An audit involves performing procedures to obtain audit evidence about the amounts and disclosures in the financial statements. The procedures selected depend on our judgment, including the assessment of risks of material misstatement of the financial statements, whether due to fraud or error. In making those risk assessments, we consider internal control relevant to the Company’s preparation and fair presentation of the financial statements in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control. An audit also includes evaluating the appropriateness of accounting policies used and the reasonableness of accounting estimates made by the directors, as well as evaluating the overall presentation of the financial statements.
• We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit opinion.Qualified Opinion
In our opinion, except for the effects of the adjustments on the financial statements, if any, as mentioned in the preceding paragraph, the financial statements have been properly drawn up in accordance with Financial Reporting Standards and the Companies Act, 1965 in Malaysia so as to give a true and fair view of the financial position of the Group and of the Company as at 30 June 2009 and of their financial performance and the cash flows for the financial year then ended.
Qualified Opinion In our opinion, except for the effects of the adjustments on the financial statements, if any, as mentioned in the preceeding paragraph, the financial statements have been properly drawn up in accordance with Financial Reporting Standards and the Companies Act, 1965 in Malaysia so as to give a true and fair view of the financial position of the Group and of the Company as at 30 June 2009 and of their financial performance and the cash flows for the financial year then ended.
Microformat Audit Reports and AssociationFinancialStatement(HTML)
Auditor’s Report(HTML)
Assembler
XBRL Instance
Take-aways• It’s an old issue that is finally at fruition: what is
the risk to the profession if we don’t get it right• XBRL exacerbated the problem but can help
resolve it• Solving the problem enhances the consumption
and reliability of financial information across multiple constituents
Conclusions• Need for formal evaluation• Need for market discussion and collaboration• Need for prototypes• Need for technical, legal and professional guidance
and change• Evolutionary process … (WhatsApp exceeds Twitter)• Need agile solution
Contact author:roger@debreceny.com
Questions?
Recommended