Xbrl and the Sec Interactive Data Mandate

Attesting Adios! Airways’ XBRL Filings:
A Case Study on Performing Agreed-upon Procedures

Case Background

XBRL and the SEC Interactive Data Mandate

The eXtensible Business Reporting Language (XBRL) provides a foundation for organizations to report their business activities on the Internet. XBRL works by tagging facts in the business reports to a common taxonomy, or dictionary of terms. XBRL means that users of business reports, such as financial statements, can automatically extract key information from the reports without having to undertake expensive analysis and rekeying into databases. XBRL ensures that the meaning of the information is unambiguous. XBRL enhances transparency for investors and other stakeholders. In 2009, the Securities and Exchange Commission mandated that corporations and mutual funds make key filings with the Commission in XBRL.^[1] Their interactive data mandate was the most important change in the disclosure environment in the US in nearly two decades. Over a phase-in period of four years, SEC filers transition their financial filings into XBRL, for corporations and reports on risks, returns and administrative matters for mutual funds. In the initial stage of the interactive data mandate, corporate filers submitted only their financial statements fully tagged in XBRL, with the notes and additional disclosures tagged only at the level of the complete note (“block tagged”). In the second year, the program requires tagging of the full details of the individual facts in the notes and the additional disclosures.

The SEC included a number of rules and processes to ensure the quality of XBRL-tagged filings submitted to the Commission.^[2] Chapter 6 of the Commission’s EDGAR Filing Manual (EFM) has a series of technical reporting rules including many that are specific to XBRL (SEC 2009a). The SEC periodically updates the EFM. The Commission implements some of these rules in software validation – as the corporation files with the SEC, software checks that the report correctly meets those rules that can be checked automatically. There are many rules in the EFM that the SEC cannot validate automatically. Further, even if an instance document meets all the rules of the EFM and validates correctly, it may still be incorrect. If a corporation maps the value of the item “Cash and Cash Equivalents” in the Statement of Financial Position to the XBRL taxonomy element “Inventory,” the instance document will validate and meet the rules of the EFM, but still be incorrect.

Demand for Voluntary Attestation on SEC Filings

In the USA and internationally, current auditing standards do not encompass the XBRL version of the financial statements – the audit is limited to the printed report, even if most often these printed reports are transmitted across the Internet in Adobe Acrobat format. The SEC does not require audited XBRL filings. However, corporations and mutual funds filing with the SEC may voluntarily seek assurance on their XBRL filings.^[3] There are several reasons why filers might seek attestation of their XBRL filings with the SEC. First, there are the risks associated with the very nature of the XBRL reporting process itself. The XBRL filings are some of the most important disclosures that a firm makes. XBRL data is designed to be readily visible, any mistakes will quickly be evident to journalists, investors and financial analysts. It is one thing to have a fact reported on, for example, page 210 of a 300-page document. It is entirely a different situation if investors, analysts, journalists and other stakeholders can quickly pull that fact from the EDGAR XBRL filing. Apart from the responsibility the corporation has to the SEC for correct reporting, there are considerable reputational risks at stake.

Second, there is the inherent complexity of financial reporting. There are many hundreds of facts in a standard 10-K annual financial report. These include the line items in the financial statements, text in disclosures such as accounting policies and the numeric and monetary facts in the various notes. When a company first reports in the XBRL format, they must align each of these facts in their existing reports to the taxonomy. Second, financial accounting standards and regulations from several regulatory organizations set out a variety of standard disclosures. These disclosures provide the foundation for many of the tags in the US GAAP taxonomy.^[4] There is, however, a good deal of variation between companies, even within the same industry. Often, there will not be an exact match between the financial statements and the taxonomy. The US GAAP taxonomy is a generic dictionary of accounting and business reporting concepts, albeit with many elements for different industries. A corporation is reporting the reality of their particular industry and circumstances. Lining up the corporation’s own reports with the US GAAP taxonomy requires knowledge of accounting standards and various regulatory requirements. Accountants must exercise considerable judgment.

Third, there are the issues of reporting the facts in the XBRL report, known as an instance document. Have all the facts been correctly moved from the existing accounting system to the instance document?

Fourth, the US GAAP taxonomy and the SEC interactive data rules allow firms to adjust their XBRL filing to accommodate their industry-level or firm-level differences.^[5] They do so by extending the US GAAP taxonomy.^[6] These extensions may replace or adjust existing concepts within the taxonomy or introduce new concepts into the taxonomy. Each time a corporation extends the base taxonomy there are several issues. Is there a need to extend the element? Has the correct taxonomy been used? Is the new element included in the correct calculations and presentations?

The fifth issue is the management of the XBRL instance document business process. As with any business process, the firm must employ appropriate controls to mitigate the risks inherent in the process. In some firms, production of the XBRL instance documents takes place in the Controllers’ office. In others, the information systems function will produce the instance documents on behalf of the Controller’s office. Given the specialist knowledge required to produce XBRL documents, some firms will employ consultants who fully understand the requirements of the XBRL standard and the many rules set out in the SEC’s EDGAR filing manual (Garbellotto 2009a, 2009b, 2009c). Each of these alternatives has its own set of risks that must be subject to appropriate controls. For example, staff in the Controller’s office may have excellent knowledge of the business and accounting concepts and reporting requirements but have only very limited understanding of the technical complexities of XBRL. Accountants faced with the detailed rules of the EDGAR filing manual may throw up their hands in desperation.

...