The Case for “Sticky” Assurance

: on 27 November 2019

Twenty-one years ago, the U.S. Securities and Exchange Commission began the first of a series of “Internet Securities Fraud Sweeps”[1], bringing enforcement actions against individuals and companies across the United States for committing fraud over the Internet and deceiving investors around the world. The SEC’s Cyber Fraud website[2], set up as part of those sweeps and last updated in 2011, sounds as relevant today as it was then – especially when applied to cryptocurrencies.

I did not think that XBRL was going to be a solution to every problem; “pump and dump” and spam or most of the other exploits go beyond the domain. There was, however, one issue I hoped XBRL could make better: providing trust to the reader when corporate reporting data is included in a later report. This is the item I listed in my August blog entry of as yet unfulfilled goals for XBRL:

Setting data free; creating that “gossamer thread” so reported and assured facts can be traced from later re-publication back to some original source, including audit documentation

As an investor, you see a number on the Internet about a company’s performance.

Now you want to do some due diligence. You use your favorite search engine to try and find that company’s web site. You look for the investor relations pages. You try to find an entry or report that substantiates the information. You are probably interested in whether there is any additional context necessary to better understand it. (The old “numbers can jump when the company is a going concern” concern.)

Is the relevant report audited? By whom? With what opinion?

What if a number on a web page contained an unambiguous cross-reference back to its original, authoritative source with instantaneous access to necessary contextual information? That’s the goal.

Here’s what I wrote in 2007[3] for the World Wide Web Consortium on the topic:

The Case of the Sticky Assurance

An investor sees a press release with the quarterly sales results from a company they have considered investing in. The numbers look very promising; are they too good to be true? Are they what the company reported?

In the past, the investor would choose some more "authoritative" sources to verify the number. They would go to the EDGAR system and search for a filing from the company. Alternatively, they would try to find the investor relations section of the corporate web site to also look for the filing.

In the new authentic XBRL environment, the investor right-clicks on the number to see if there are any assurance attributes that have been provided. Indeed, the fact does have assurance attributes (as well as links to some analyst reports). The investor clicks to see that the number was drawn from the 10Q filed with the SEC (with the ability to drill to the text on the EDGAR site or to load the XBRL version of the 10Q into their [XBRL-enabled] spreadsheet). They can also see instantly from the signatures on the facts that the facts were signed by management and the external auditor, the level of assurance the auditor provided on the XBRL representation of the facts (either individually or pointing to the original document from which the individual fact was drawn) and also see the type of assurance that was provided on the source document represented by the XBRL document.

[1] https://www.sec.gov/reportspubs/investor-publications/investorpubscyberfraudhtm.html

[2] https://www.sec.gov/reportspubs/investor-publications/investorpubscyberfraudhtm.html

[3] http://www.w3.org/2007/xmlsec/f2f-2007-11-08/BusReq_711072.pdf

Comments

No comments found

Forum Recent Posts

Data Driven Sustainability Decisions

Tuesday, 03 May 2022

Gerald Trites, FCA, CISA

While companies have traditionally viewed sustainability decisions as separate from monetary decisions, this is changing. It’s partly because of generational changes, with millennials now being the largest component of the workplace and partly considerations driven by customer demand, investor demand regulatory requirement and common-sense observation of the destruction caused by climate change. Compelling reasons.

Companies have been moving more clearly to data driven decision making for several years. So it makes sense they would turn to data to drive their decisions in the sustainability area.

To accomplish this, they need to first define their sustainability goals. This usually begins with industry trends and information from stakeholders about their sustainability concerns and the development of a sustainability strategic plan. Second, begins the process of data modelling and analysis drawn from internal and external sources. Many organizations have well defined data gathering processes already in place, but these need to be modified to take into account sustainability goals. Finally, the adoption of data driven sustainability decision making requires the adoption of AI techniques to automate data gathering, modelling and reporting functions.

Established enterprise systems are moving in this direction, the availability of which, as well as their compatibility with existing systems, is an important consideration.

Overall, a creative combination of data management, analytics, AI and integration of sustainability processes with established corporate processes are crucial to a successful outcome – the creation of a truly sustainable enterprise.

How All Accounting Reports Will be Digitized

Thursday, 31 March 2022

Gerald Trites, FCA

The SEC was the major regulatory body that got the ball rolling in 2009, when it mandated rules for the use of the interactive data format (XBRL) for public company financial statements. Then several other countries and organizations got on the band wagon. There was a relatively quiet period for a few years, when the new electronic form of reporting seemed stalled. But then the EU stepped in and began requiring their ESEF filings in 2021. That meant most of the major companies in the world were using digitized reporting.

For regulators and governments, digital filing of reports has been an opportunity to streamline the processing and analysis of the reports. Users such as investors, on the other hand, have often been unsure about what to do with these reports.

The fact is, much attention has been given in recent years to the production of digital reports, but very little given to their consumption. True, there are utilities that can be purchased to enable people to read reports in digitized form, the SEC provides such a one, and the recent moves to inline XBRL mean the reports can be read in the conventional way, (ESEF is a variation on inline XBRL). But most of these attempts to render digital reports readable cater to the idea of sequential reading in the conventional sense. Most people do not read this way, unless perhaps they are reading a novel. When they want information, they tend to go to that information as fast as they can. This is the standard approach most people follow in using the internet. People don’t read the internet. Nor generally do they read a corporate website from beginning to end. That would be bizarre!

But yet, we provide annual reports in paper or PDF form, which extend to around 150 pages and often more, of difficult, often technical, material and expect people to read them. It doesn’t happen. Professional analysts might, but they are more likely to employ analytical tools to get the information they need.

There is an excellent article on the website of the International Federation of Accountants (IFAC) by Amir Ghandar, titled “The Accounting Revolution Will Be Digitized”.^[1] In that article, Mr Ghandar points out that “A 2D, static annual report format in paper or pdf is not that different to the papyrus on which Egyptian scribes reported on the royal inventories more than 7,000 years ago.”

Much more than this is needed in the modern world. Technology and complexity have advanced tremendously and the style of reporting needs to keep pace.

Two areas need further work. One involves the steps necessary to encourage legislators and regulators in countries to adopt digital reporting. While a majority of countries have adopted it, there is still a number who haven’t. Then there is the need to take the steps to change digital reporting to make it more understandable and usable to the users. This means providing the resources for them to actually draw out the data they want. These resources need to be made available along with the reports themselves. Some companies in their websites have started doing this, through the provision of data banks and some analytical tools, however it needs to become commonplace and much more powerful and sweeping.

Developing this approach to corporate reporting requires interaction and discussion between corporate reporters and users, regulators and standards-setters to address the issues.

Those issues involve more than figuring out how to present digital information and how to use it. It involves determining what information to present, how to present it and when. It involves looking back at the basic tenets that have ruled accounting since its beginnings. The need for annual and other periodic reports. Can they be continuous? Can we eliminate the need for those pesky annual accounting judgements that cause so much trouble? Can we include the tools for analysis within the disclosures rather than relying on the software industry to deliver them? This cannot be accomplished within paper or pdf reports, but rather on the corporate websites. Most companies have moved their reporting to their websites. But they generally have ported over the old paper paradigm, rather than seriously adopting new and innovative ways to report in the information age. It’s well past time we did that.

https://www.ifac.org/knowledge-gateway/contributing-global-economy/discussion/accounting-revolution-will-be-digitized

^[1] https://www.ifac.org/knowledge-gateway/contributing-global-economy/discussion/accounting-revolution-will-be-digitized

ThinkTWENTY20