XBRL and Financial Information Assurance Services

By Stephanie Farewell and Robert Pinsker

E-mail Story
Print Story
MAY 2005 - Because of recent financial reporting scandals, investors have become increasingly skeptical of company-released information. The reporting and reviewing of financial information is fraught with problems and inefficiencies. According to Forrester Research data from 2002, companies spent $404 billion paying workers to find and rekey information, representing 11% of all wages paid in the United States. According to the New York Post, the SEC reviewed only 16% of the 14,000 annual corporate filings in 2001, and it had not reviewed Enron’s annual report or corporate filings since 1997.


Extensible business reporting language (XBRL) is one technology that can increase accuracy, efficiency, and transparency in financial reporting. XBRL is a “tagging” language that has its roots in extensible markup language (XML), but is specifically designed for financial reporting. XBRL.org promulgates taxonomies (which represent a framework for financial information) through a due process system. In Europe, XBRL International (the overall group of XBRL members) worked with the International Accounting Standards Board (IASB) to ensure taxonomy compliance with the new International Financial Reporting Standards, which were released as an exposure draft on January 15, 2005.

XBRL is freely licensable. It is vendor, platform, and application neutral. Most accounting software is capable of exporting an XBRL-compliant instance document (the financial information). The instance document is readable by other systems using a free parser found on Microsoft’s website. For example, an instance document can be opened and its data manipulated in Excel, or, to extract data elements, an information consumer may develop custom stylesheets (which is a customized user interface that reads the XBRL data and formats it for the user).

XBRL can help ease investors’ skepticism through increased transparency in financial reporting. XBRL tags make it possible to transfer data in a format that enables quick, easy, and reliable analysis and distribution. Unlike more general technologies [e.g., hypertext markup language (HTML) and portable document format (PDF)], which simply display information, an XBRL instance document maintains the data context (e.g., reporting period and reporting entity), while being able to meet the needs of different information consumers.

XBRL has the support of an international coalition of regulators, software companies, corporations, and the Big Four. Examples of how XBRL is being applied are numerous. Most recently, the SEC has permitted corporate filings in XBRL. The Federal Deposit Insurance Corporation (FDIC), the U.S. Office of the Comptroller, and other federal government agencies are nearing the end of a $39 million XBRL implementation that overhauls the system of submitting and sharing bank call reports. Bank call reports to the FDIC are required to be submitted as XBRL-tagged instance documents as of the first quarter of 2005, which enables validations to be done at the bank level before the instance document is uploaded to the various bank regulators. Theoretically, the time it takes to make the call report information publicly available can be reduced from around 90 days to only a few days or less. Internationally, the European Union has granted to XBRL International €1 million over two years in order to spread the word regarding XBRL adoption.

XBRL and Assurance Services

A general perception is that the ability to provide third-party assurance is required for instance documents to be accepted in the marketplace. With the international growth of XBRL, CPAs have the opportunity to provide assurance on XBRL instance documents’ compliance with XBRL technical specifications, and on their appropriate use of publicly available and custom taxonomies, as well as the mapping of specific data elements to the published traditional financial statements.

The Auditing Standards Board (ASB) recently passed Interpretation 5, “Attest Engagements on Financial Information Included in XBRL Instance Documents,” of Statement on Standards for Attestation Engagements (SSAE) 10. While many questions remain, such as how to convey instance document assurance in an electronic reporting environment, Interpretation 5 provides users of XBRL instance documents the assurance that the documents comply with rigorous technical specifications and promulgated or custom taxonomies.

Where’s the Market?

The potential market for XBRL instance document assurance is unlimited, ranging from mid-size organizations that receive a variety of information from multiple reporting entities to internationally diverse Fortune 100 companies to government reporting entities. Today’s capital markets are significantly different from those in the past, especially in the increase in institutional investors that, because of their concentrated ownership, have the power to influence corporate governance issues.

Institutional investors typically can correctly analyze company financial information. Providing institutional investors with XBRL-tagged financial information allows them to spend more time on data analysis instead of data reentry. Companies currently providing XBRL-tagged instance documents on their websites are doing so without assurance that the information had been attested to by a trusted, independent party for compliance with appropriate technical specifications.

Companies with distributed operations and public charitable trusts represent additional market opportunities for XBRL assurance services. These organizations often receive financial information in a variety of incompatible formats. Banks and other financial institutions may soon require XBRL instance document assurance for XBRL-tagged call reports. While many validation controls are built into new
call-report software, additional assurance services may be needed.
Given the ability of at least some of the banks’ reporting systems to disseminate XBRL-tagged data, it is likely that bankers will quickly perceive the benefits of XBRL for other aspects of their business operations. For example, the loan application and approval process currently requires inefficient rekeying of information. Automating this process with the extraction and analysis of financial information from tagged financial statements can reduce the time and cost to make a loan decision. Public companies must produce audited financial statements when applying for loans. If the information is submitted electronically in XBRL, banks may require additional assurance on the instance document itself.


As with most forms of new assurance services (e.g., eldercare), many parties, such as insurance companies and financial institutions, can and probably will compete as providers. The most significant advantage that CPAs have over other assurance service providers is the positive history of the financial statement audit. Nonetheless, it is worth recalling the recent experience the profession had in expanding into new assurance fields. CPA assurance on websites (WebTrust) and information systems (SysTrust) have not been as successful as initially expected.

Getting More Information

The AICPA, an advocate of XBRL adoption, provides several links related to XBRL and instance documents on its website (www.aicpa.org). Additionally, the AICPA has published a guide, “XBRL Essentials,” coauthored by XBRL pioneer Charles Hoffman, and Carolyn Strand. Further, the AICPA has provided some sample instance document assurance reports to use as a guideline when providing the service.

XBRL International’s website (www.xbrl.org) is another useful source of information. Reports from international jurisdictions are available, as is the most current XBRL specification version (2.1) and the status of the various taxonomy development projects. Taxonomies can also be downloaded.

There is a worldwide push toward XBRL adoption. XBRL represents the concerted efforts of a diverse group of financial information users and providers. Billions of dollars are wasted and inefficiencies abound when companies use PDF and HTML to report financial information on their websites. The AICPA’s Special Committee on Assurance Services has identified a role for CPAs in providing assurance services related to XBRL instance documents. CPAs should consider whether they have the skills and competencies to expand into this service area.

Stephanie Farewell, CPA, PhD, is an assistant professor of accounting at the University of Arkansas at Little Rock.
Robert Pinsker, CPA, PhD, is an assistant professor of accounting at Old Dominion University, Norfolk, Va.




















The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.

©2009 The New York State Society of CPAs. Legal Notices