control, and governance
Although more organizations around the world are using XBRL, many internal auditors are still unaware of the benefits this markup language for the electronic communication of business information has to offer.
Keeping up-to-date with the latest audit and reporting techniques can be daunting. As a result, internal auditors may miss out on key developments that can provide substantial benefits not just to them, but to the organizations they work for. Such is the fate of XBRL in the internal audit community. Although the benefits of XBRL — which stands for extensible business reporting language — have been well reported and documented by various publications and Web sites (refer to the Additional Resources section of this article), many internal auditors are still unaware of what XBRL is, how it works, and how it can benefit their work.
WHAT IS XBRL?
According to XBRL International, a consortium of more than 500 companies and agencies worldwide that build XBRL and promote and support its adoption, XBRL is a language that helps organizations prepare, analyze, and communicate business and financial information electronically. "I always tell people that XBRL is three things," says Eric E. Cohen, XBRL technical leader for PricewaterhouseCoopers (PwC) and one of the original founders of XBRL. According to Cohen, XBRL is:
"XBRL is an Internet-based information standard that enables a seamless flow of information within the entire business reporting supply chain, both for private and public organizations and for internal and external reporting," adds Mike Willis, a partner with PwC and the founding chairman of XBRL International. "It can also be customized for unique situations and reporting concepts. Because it is a standard, it allows information to be more easily accessed for comparative purposes."
Originally, XBRL was created to help companies save costs and streamline their processes for collecting and reporting financial information. "XBRL was developed because it was too hard — actually it was nearly impossible — to take information from a financial report and reuse it," says Charles Hoffman, director of industry solutions and financial reporting for XBRL software provider UBmatrix, who is considered by many as the founding father of XBRL. "By getting global agreement on the different taxonomies, XBRL enables organizations to exchange financial information without any problems." Consumers of financial data, including investors, analysts, financial institutions and regulators, can receive, find, compare and analyze data much more rapidly and efficiently if it is in XBRL format.
In the United States, the use of XBRL has been championed by the U.S. Securities and Exchange Commission (SEC) under the leadership of Chairman Christopher Cox. In September 2006, the SEC allocated US $54 million to upgrade the agency's public company disclosure system from a form-based electronic filing cabinet to a dynamic, real-time search tool with interactive XBRL capabilities. This upgrade has enabled companies to report their financial information to the SEC on a voluntary basis using XBRL. Regulatory agencies that have already mandated the use of XBRL in the United States include the Federal Deposit Insurance Corp., the Federal Reserve, and the Comptroller of the Currency. As of 2006, more than 8,200 U.S. financial institutions were using XBRL to submit quarterly reports to banking regulators.
XBRL use around the world is also widespread. Besides the United States, countries where XBRL projects are being actively implemented include Australia, Belgium, China, Germany, Italy, Japan, Korea, The Netherlands, Singapore, South Africa, Spain, Sweden, and the United Kingdom. The Bank of Spain, for instance, developed an XBRL-based Financial Information Exchange System, while in The Netherlands, the Dutch Ministry of Finance is using XBRL to present the country's national budget to large audiences in an interactive and transparent way. (For more information on how XBRL is being used around the world, visit www.xbrlwiki.info/index.php?title=XBRL_PROJECTS and www.xbrl.org/CaseStudies/.)
However, XBRL can be used for more than just financial reporting. "That's a common misconception," Hoffman emphasizes. "A lot of the use of XBRL has been regulator-driven by the finance sector, but there's just as much of a business case for organizations to use XBRL for internal purposes. As the name implies, XBRL can be used for all kinds of business reporting."
Many companies, particularly those that grew through acquisitions or mergers, need to exchange information from application to application in an easy way. "By tagging data, XBRL allows this exchange of information to become seamless," explains Glen Gray, Ph.D., a professor in the accounting and information systems department with California State University at Northridge and a member of XBRL International. "Therefore, if the entire organization tags their information in the same way, it becomes a lot easier to find this information, download it, and use it."
In addition, many organizations already have a variety of XML initiatives to move data from one place to another. For these companies, using XBRL can be seen as an extension of XML. "XBRL is XML — it represents a very specific and standard way of using XML so the learning curve isn't steep if the organization is already exchanging data with XML," Gray says. For example, an organization that uses XML to tag data online has to decide how to name each information element (i.e., Company A could use net income while Company B uses net.income when tagging the same information). As a result, the tags used could present problems when consolidating data or when exchanging information from one company to another because they are named differently. However, XBRL provides a standard way of tagging information so each company uses the same tag, say net income, for the same information. "By tagging the XML data in a standard way, XBRL enables companies to more effectively consolidate internally and externally different subsidiaries into one set of statements," Gray adds.
How It Works
The concept of XBRL is simple. Instead of treating information as a block of text, such as a printed document, XBRL provides an identifying tag for each individual information element that can be read by any computer (e.g., "company net profit" has its own unique tag). XBRL tags enable automated processing of business information by computer software, which cuts manual data re-entry and comparison activities. This enables computers to recognize the information in a XBRL document, select it, analyze it, store it, exchange it with other computers, and present it automatically to users in a variety of ways. Hence, XBRL expedites the handling of business information, reduces errors, and permits automatic checking of information.
As mentioned previously, XBRL consists of:
Understanding the XBRL Global Ledger
The XBRL Global Ledger (GL) taxonomy is used to represent data from a transaction, such as an invoice, purchase order, or check, and follows that information as part of the business reporting process as data gets entered into a subsystem and moves from a transaction to a journal entry, from a journal entry to a trial balance, and finally to an end report.
"XBRL is about the standards used to improve the process of collecting and preparing data to improve end reports. This is where XBRL GL comes in," Eric E. Cohen explains, the major driving force behind the creation of XBRL GL. "Right now, companies use proprietary middleware or custom interfaces to move data along the audit information supply chain. With XBRL GL, there is a standard, holistic, generic data model available to represent that data."
A good example of how XBRL GL can act as a data hub for the use of consuming applications was the implementation of XBRL GL by Wacoal Corp. (PDF), an apparel manufacturer and marketer in Kyoto, Japan. Wacoal used XBRL GL to improve the quality of financial data available to key decision makers and streamline the financial reporting cycle by connecting its 32 independent legacy applications in a seamless data flow. Other examples of XBRL use in the private sector include Microsoft Corp.'s tagging of financials and footnotes in XBRL and United Technologies Corp.'s participation in the U.S. Securities and Exchange Commission XBRL Voluntary Filing Program.
BENEFITS OF XBRL
XBRL enables organizations to share data electronically in a secure and trusted manner. "This means organizations don't need to worry about data conversions or supplying data to others who would then try to interpret it," explains Peter Millar, director of product marketing for ACL Services Ltd. and a member of XBRL International. "Data errors can be introduced whenever there is a data conversion process. However, if there is a trusted, standardized way to share information electronically, data corruption risks or losses are decreased, which, in turn, increases data integrity when sharing information." As a result, XBRL allows organizations to securely share electronic data by using a specific taxonomy, thus reducing data conversion risks.
Besides streamlining the data exchange process and reducing data conversion risks, XBRL benefits internal auditors in their day-to-day work. "Organizations need to accumulate data from different business units," Millar continues. "When data is sent to the internal audit department in a standardized format, the work of internal auditors is streamlined, thus enabling them to dive into their work as opposed to spending a lot of time with data imports and conversions and trying to rationalize data from different sources."
According to both Willis and Cohen, one of the reasons XBRL was developed was to enhance the flow of information throughout the business reporting supply chain. "There are many pervasive supply chain problems that exist today due to the lack of an open information standard and the reliance on proprietary formats to exchange information between parties," says Willis. These problems include:
"XBRL enhances the work of internal auditors by addressing these pervasive information problems and enabling them to do more at a lower cost," Willis adds. For instance, XBRL allows auditors to:
In addition, XBRL enables internal and external auditors to review business information from remote locations. "Imagine that you are an auditor working for the Federal Deposit Insurance Corp., which regulates banks all across the U.S. and you get a report that states something is wrong with a bank," Hoffman explains. "Instead of sending the auditor on a plane ride, he could simply get more information about the report online by accessing the information electronically via a Web service."
To learn more about XBRL, auditors can visit the following Web sites or read the articles listed below:
XBRL also can be used to overcome many of today's audit and control problems, reducing the risks associated with manual entry and re-entry of information, increasing integration, and permitting the use of centralized and standardized rules and tests. "With XBRL GL, auditors can pull information from disparate systems in a single standardized form, potentially in real-time, which simplifies the audit process and enables auditors to review more data in more detail and more frequently," Cohen says.
XBRL is a markup language for the electronic communication of business information that streamlines the process of sharing data from one application to another or from one business unit to another. "XBRL was developed because it solves the problem of data transfer among different applications both internally and externally," Hoffman comments. "Therefore, organizations should use XBRL if they want to do something better, faster, or cheaper than what they are doing right now."
A major misconception is that XBRL has to be implemented by the IT department. As Hoffman explains, "XBRL is a business tool. There is no reason why an internal audit department can't experiment with new prototypes. That's how people check things out and see if they are worthwhile." Therefore, auditors should use XBRL to determine if it is beneficial to their work. "Auditors first need to understand XBRL," concludes Gray. "Once auditors understand how it works and its benefits, they can form the business case for its use."
Taking this first step will enable auditors to enhance the way business information is accessed, shared, and reported. "Internal auditors should see XBRL as an opportunity to reduce the risks associated with the misinterpretation of information and to make organizations more efficient. This will help them to add value to the organization and become agents of change," Millar concludes.
COMMENT ON THIS ARTICLE
Internal Auditor is pleased to provide you an opportunity to share your thoughts about the articles posted on this site. Some comments may be reprinted elsewhere, online, or offline. We encourage lively, open discussion and only ask that you refrain from personal comments and remarks that are off topic. Internal Auditor reserves the right to edit/remove comments.