ThinkTWENTY20
  • HOME
  • ERIC'S BLOG
  • FORUM
      • Hey! What's New?
  • ABOUT US
  • CONTACT US
  • REGISTER
      • ThoughtLeader Gateway

The Case for “Sticky” Assurance

on 27 November 2019

Twenty-one years ago, the U.S. Securities and Exchange Commission began the first of a series of “Internet Securities Fraud Sweeps”[1], bringing enforcement actions against individuals and companies across the United States for committing fraud over the Internet and deceiving investors around the world. The SEC’s Cyber Fraud website[2], set up as part of those sweeps and last updated in 2011, sounds as relevant today as it was then – especially when applied to cryptocurrencies.

I did not think that XBRL was going to be a solution to every problem; “pump and dump” and spam or most of the other exploits go beyond the domain. There was, however, one issue I hoped XBRL could make better: providing trust to the reader when corporate reporting data is included in a later report. This is the item I listed in my August blog entry of as yet unfulfilled goals for XBRL:

Setting data free; creating that “gossamer thread” so reported and assured facts can be traced from later re-publication back to some original source, including audit documentation

As an investor, you see a number on the Internet about a company’s performance.

Now you want to do some due diligence. You use your favorite search engine to try and find that company’s web site. You look for the investor relations pages. You try to find an entry or report that substantiates the information. You are probably interested in whether there is any additional context necessary to better understand it. (The old “numbers can jump when the company is a going concern” concern.)

Is the relevant report audited? By whom? With what opinion?

What if a number on a web page contained an unambiguous cross-reference back to its original, authoritative source with instantaneous access to necessary contextual information? That’s the goal.

Here’s what I wrote in 2007[3] for the World Wide Web Consortium on the topic:

The Case of the Sticky Assurance

An investor sees a press release with the quarterly sales results from a company they have considered investing in. The numbers look very promising; are they too good to be true? Are they what the company reported?

In the past, the investor would choose some more "authoritative" sources to verify the number. They would go to the EDGAR system and search for a filing from the company. Alternatively, they would try to find the investor relations section of the corporate web site to also look for the filing.

In the new authentic XBRL environment, the investor right-clicks on the number to see if there are any assurance attributes that have been provided. Indeed, the fact does have assurance attributes (as well as links to some analyst reports). The investor clicks to see that the number was drawn from the 10Q filed with the SEC (with the ability to drill to the text on the EDGAR site or to load the XBRL version of the 10Q into their [XBRL-enabled] spreadsheet). They can also see instantly from the signatures on the facts that the facts were signed by management and the external auditor, the level of assurance the auditor provided on the XBRL representation of the facts (either individually or pointing to the original document from which the individual fact was drawn) and also see the type of assurance that was provided on the source document represented by the XBRL document.

[1] https://www.sec.gov/reportspubs/investor-publications/investorpubscyberfraudhtm.html

[2] https://www.sec.gov/reportspubs/investor-publications/investorpubscyberfraudhtm.html

[3] http://www.w3.org/2007/xmlsec/f2f-2007-11-08/BusReq_711072.pdf

Leave a comment

    Comments

    • No comments found
    Powered by Komento
    Forum Recent Posts
    Digital Trust – A New Look at an Older Issue
    Tuesday, 20 September 2022

    The predominant method of connecting with others to conduct business transactions is now through digital means. In most cases, the actual people connecting don’t know each other and are operating amid a complex web of technologies, many of which they do not understand. As with any business transaction, there must be a degree of trust in order for the transactions to take place successfully. And even for the business to remain viable.

    The need for companies to address this situation strategically and operationally has led to the idea of Digital Trust. According to ISACA, “Digital trust is the confidence in the relationship and transactions among providers and consumers within an associated digital ecosystem. This includes the ability of people, organizations, process, information and technology to create and maintain a trustworthy digital world.”

    It was stated in a recent ISACA survey (Available at https://www.isaca.org/digital-trust/state-of-digital-trust) that “the top three most important components of digital trust according to the survey respondents are security, data integrity and privacy, but only half (50 percent) of respondents agree that there is sufficient collaboration at their organization among professionals who work in these fields.” At the same time, “85 percent of respondents say that digital trust is extremely or very important to organizations today, and 63 percent say that digital trust is extremely or very relevant to their job role, only 66 percent say that their organization prioritizes digital trust in line with its level of importance.”

    Clearly there is work to be done. It is generally agreed that the Directors and C-suite must drive the work. Then it must be carried out by a company wide network of people, including those responsible for security, data integrity and privacy. This in itself cuts across a broad swathe of company activity. But, as always, it’s important to note that digital trust must not be viewed as a technological activity but rather than one that must involve most elements of the organization.

    Companies are generally taking the area of digital trust more seriously than in the past. Some take specific measures to measure their level of digital trust maturity, using outside reviews by experts and/or established security-based frameworks.

    In this time of digital commerce, few business activities are more important.

    Web3 Blockchain is About to Skyrocket.
    Thursday, 15 September 2022

    According to Market Research Future, the value of the Web3 blockchain technology sector will exceed $6 trillion in 2023, and from 2023 to 2030, Web3 will expand at a CAGR of 44.6%.

    It’s seems clear where Blockchain is on the hype cycle. We already went through the initial hype. Then for many, the collapse of cyber currencies this year has brought on a trough of disillusionment. However, after that we have in the Gartner Hype Cycle a period of enlightenment, which may be represented by the Web3 phenomenon as well as a host of other emerging applications of Blockchain. Finally, the new technology settles into a period of productivity, when the usefulness of it is established and it is used in a growing and vibrant new field. This also seems to be where Web3 is taking us.

    The latest Newsletter from the Blockchain Council, available on linkedin, sets out the future of Web3 in more detail.

    ThinkTWENTY20 © 2022. Privacy Policy
    Login

    username / password