Wednesday, May 10, 2017

Deloitte urges SEC to clarify auditor’s role with respect to inline XBRL data

By Jacquelyn Lumb

Deloitte & Touche LLP, in a comment letter responding to the SEC’s proposal to require the use of the inline XBRL format for tagged data, complimented the agency for its leadership in adopting new technologies that assist investors with their analysis. Deloitte said the use of inline XBRL will improve the transparency of information for financial statement users, but offered a number of recommendations for the SEC’s consideration before it adopts a final rule.

Deloitte expects that some improvements may occur by combining HTML and XBRL filings, but the firm does not believe the proposal will significantly affect the quality of the underlying XBRL data or tagging, and will not ensure consistency and comparability. The firm explained that the quality of data is not a function of technology—it is dependent on strong internal processes and controls. Accordingly, concerns about the quality of the underlying data, including errors in tagging, will likely continue.

Guidance. Deloitte said the SEC may want to consider encouraging filers to use the guidance and validation rules issued by the XBRL U.S. Data Quality Committee to reduce errors in XBRL-formatted information. The SEC also may wish to consider whether interactive data should be incorporated into officer certifications or in Item 9a disclosures. Some companies voluntarily engage auditors to perform procedures related to XBRL, according to Deloitte. If additional assurance beyond these agreed-upon procedures is called for, Deloitte said the SEC should consider issuing interpretive guidance related to examinations or reviews, and additional standards regarding audit procedures would be required.

Assurance. Deloitte encouraged the SEC to work with the PCAOB and the auditing profession to ensure that assurance models evolve to meet the needs of financial statement users. The assurance may be in the form of stand-alone reporting or in an expansion of the scope of internal control over financial reporting to include the disclosure of the interactive data. The application of independent assurance procedures to the interactive data would build trust in the reliability of the information while improving consistency and comparability of tagged data, in Deloitte’s view.

Auditor’s role. Deloitte said it is essential that the auditor’s association with inline XBRL is clear to financial statement users. If the proposal is adopted, the data tags will be embedded in companies’ Form 10-K and 10-Q filings, Deloitte explained, and financial statement users may not understand that the data tags are not subject to the same audit procedures as financial statements and other information that accompanies the financial statements. The SEC should refine the proposal to avoid any unintended expectation gaps with respect to the auditor’s involvement, Deloitte advised.

Deloitte recommended that the SEC identify the parts of a filing that are considered the XBRL code so that financial statement users know which parts of the filing are subject to audit. The final rule should clearly state the auditor’s responsibility, or lack thereof, regarding XBRL, the firm advised. Deloitte also suggested that registrants be required to disclose that interactive data is unaudited, either in management’s disclosures about controls and procedures or in the footnotes or tagging headers.