Skip to content

Audit XBRL?

With approximately 15,000 unique US GAAP Taxonomy Elements, any mapping of company financial data is almost guaranteed to have errors in it. Errors in instance documents are detrimental to “telling the company story” to the SEC, investors and the public. How can we mitigate against these potential errors? How can we be sure that we are managing the XBRL mapping process appropriately?

Managing the mapping process is even more difficult if the mapping process is outsourced. An outside provider might have a better understanding of taxonomy elements and there specific meanings, but it is very unlikely that they would possess the in depth knowledge that you have about your company’s financial amounts and how they were derived.

The mappings between company data and taxonomy elements are persistent making accuracy even more important. In other words, once a business or financial fact is mapped to a taxonomy element, the mapping generally doesn’t change. So generally speaking, mapping or tagging data is a one-time activity and is never repeated. There are exceptions to persistent data mappings. For example, if a new line item is added to a financial statement, the new line item would need to be mapped to the appropriate taxonomy element. Other exceptions that may require modifying a mapping could include the issuance of a new US GAAP taxonomy where an element previously used was deleted or discovery of a mapping error that needs correction.

With the persistence of taxonomy mappings and the importance of communicating the correct message about company results, it is clear to see why accurate taxonomy mappings are so important. How then shall we manage the mapping process? First, like accounting and finance processes, mapping data to taxonomy elements is a business process. Thought should be given to how the process is designed, who has what authority and where are approvals needed along the way. Controls need to be in place and key controls need to be identified, documented and tested to maintain SOX compliance. System controls should also be considered such as login authorities, change controls and version controls. Internal audits should be performed and attestations by external providers should be considered (especially after the limited securities law liabilities are phased out at the end of two years of XBRL utilization)

Whether you outsource the XBRL process to a third party or perform the processes internally within your company it is clear that a well designed XBRL process involves internal controls to provide satisfactory comfort that XBRL is accurately communicating the proper financial results for you company.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: