19th XBRL International Conference“Reducing Regulatory Burden With XBRL: A Catalyst For Better Reporting”

June 22-25, 2009Paris, France

XBRL: What’s In It For Internal AuditorsGianluca Garbellotto, Iphix

June 25, 2009

Why should internal auditors care Where – and how – XBRL is used Intro to XBRL Global Ledger XBRL for internal use What does it all mean for internal audit Resources Q&A

Agenda

XBRL is here … or coming fast The primary concentration: regulatory

filings Drivers for adoption include

◦ Process efficiencies◦ Information transparency◦ Significant cost savings in data integration,

dissemination and analysis XBRL is more than filings, financials and

compliance The benefits above increase the deeper

XBRL/data standardization is embedded

Why Should Internal Auditors Care

Role in external filings◦ Under a bolt-on approach◦ Under an embedded approach

Internal transparency and efficiencies – today and tomorrow◦ Statistical vs. 100% testing◦ Centralized, consistent and application-

independent validation, processing and visualization of data

◦ New collaboration model with external auditors◦ M&A◦ The spectre of “real time”

Why Should Internal Auditors Care

Country Organization ProgramUS SEC Phased-in mandatory filingJapan Tokyo Stock Exchange

National Tax AgencyBank of JapanJapan Financial Services Agency

Registrant Financial Report FilingeTax National Tax Return FilingFiling of Financial ReportsEDINET – Electronic Disclosures for Investors Network

UK Companies HouseHM Revenue and Customs

Account FilingsCompany Tax Filings

China China Securities Regulatory Commission

Interactive Data Filing for Financial Statements

Korea Financial Supervisory Service

Mandatory Filing

Singapore Accounting and Corporate Regulatory Authority - ACRA

Mandatory Filing

Regulatory Projects

Israel, Spain, Italy and many more …

On the basis of reduced compliance burden Cross-government, business-to-government projects Established in The Netherlands and Australia, official

declarations of interest in New Zealand and UK, closely watched in many other countries

Based on long-term partnerships between Government and businesses – not on mandates

Not only - or even mainly - about financial statements

Significant cost savings for both sides If your systems and processes are integrated, you

may not have to report … until needed

Standard Business Reporting

Quarterly data collection from US banks, started in 2005

Key point: validation at the source of data rather then at the consumption point

Substantial impact on processes, resources and costs◦ Errors in data received 68% => 5%◦ Processing time 45/60 days => 2 days◦ Human resources 1,000 => 200

FFIEC/FDIC

Intro to XBRL Global Ledger

Processes

Regulators and AdministratorsExternalAuditors

InternalAuditors

ManagementAccountants

TradingPartners

Investors

FinancialPublishersand Data

Aggregators

Software Vendors and Service Providers

Companies CentralBanks

Business Reporting Supply Chain

US GAAP IFRSSBR

GRI G3Statutory

MD&A

XBRL EXTERNAL REPORTING

SCOA/Trial balanceAP/AR LedgersGeneral Ledger

Fixed Assets, InventoryDocuments/Entries

Parties, entitiesKPIs – financial and not

Others

XBRL GLOBAL LEDGER

AccountingSoftwareERP systemsUBLRosettanetACORD MISMOFPMLOthers

TRANSACTIONLAYER

Crating the seamless interface

ExternalBusinessReportin

g

BusinessOperations

InternalBusinessReporting

Investment,

Lending,Regulation

Economic Policymaki

ng

Participants

Challenges of Working with Data

Different Data Dictionaries: Field names, field orderSystem 1: AccountNo, Amount, Date

System 2: MonetaryAmount, PostDate, AccountNumber

System 3: PostingDate, Account#, Value

System 4: Date, Journal, Account, Amount

Similar DataAccount, Amount, Date

Different Representations for the same concepts in common data fieldJournal: PJ, Payroll Journal, Payroll

Date: 12-31-03, 20031231, 12/31/03

Different Data FormatsCSV

ASCII

WKS

How do ACL, IDEA,

ETL and other tools

span the gaps?

System 1: AccountNo, Amount, Date System 2: MonetaryAmount, PostDate,

AccountNumber System 3: PostingDate, Account#, Value System 4: Date, Journal, Account, Amount

XBRL GL says:◦ accountMainID◦ amount◦ postingDate◦ sourceJournalID◦ (and 400+ other data fields)

XBRL GL is Voluntary Agreement

Joining Systemsqbxml

smbxml

Intacct xml

SAP

Peoplesoftxml

qbxml

smbxml

Intacct xml

SAP

Peoplesoftxml

Oracle

Standards-based Data Interchange

OracleIndustry transactional XML

XBRL GL

qbxml

smbxml

Intacct xml

SAP

Peoplesoftxml

qbxml

smbxml

Intacct xml

SAP

Peoplesoftxml

SaaS, Upgrading, Auditing

AccountingSystem

AccountingSystem A

AccountingSystem B

Chart of Accounts

Customers, Vendors, Employees

Open AR, AP, Inventory Status

Journal Entries, Ledger History

AccountingSystem

CPATrial Balance

Adjustments

Budget

Tax information

Public Books

Management Reporting

Operational Systems

Tax representation format

Forensic representation

format

Consolidation Systems

External Systems

Operational formats

XBRL GL

Link to other standardsLeverage other standardsHarmonize other standards

Facilitate the automated and seamless audit trail

Provide new transparency across systems Designed especially to help capture

reconciliations◦ Book to tax (permanent, timing)◦ US GAAP, local, IFRS

Designed to “Mind the Gap” and the GAAP

Systems integration Data access, assembly and overview Data quality

◦ Validation at the “source”◦ Consistency in data validation rules and

analysis/visualization of data Redefinition of spreadsheets as user

interfaces not data storage/transformation facilities

XBRL For Internal Use

In all these areas, opportunities come from◦ Elimination of one-way interfaces between

systems◦ Elimination of manual reconciliation processes at

all levels of data integration/summarization◦ Seamless traceability of any information to its

source◦ Reusability of consistent templates for

visualization, validation, and analysis across applications/business units

No tight coupling between data, key processes related to data such as validation, reconciliation and analysis, and applications where the data is stored

XBRL For Internal Use

Migration from manual to automated processes in key activities

Ability to more efficiently access and integrate entity-wide data

Abstraction of business rules and controls that can be applied across a wide range of software applications

Lower cost operating environment

What Does It All Mean For IA

Broader set of monitoring controls and assessments – ultimately enabling continuous auditing and monitoring

Connect resources to specific data concepts◦ Relationships◦ Labels◦ References to authoritative guidance and internal

policies◦ Libraries of business rules, entities, assertions,

risks, and controls

What Does It All Mean For IA

Improving report review and assembly Reducing spreadsheet proliferation Reducing/eliminating manual controls Eliminating manual data access across

disparate information sources Rationalizing disparate and redundant

controls that are application-specific rather than purpose-specific

SOX and Internal Controls

Taxonomy related◦ Use of an appropriate taxonomy◦ Use of the appropriate version◦ Corporate extensions

Data mapping related◦ Consistency and completeness of the mapping

process Compliance with the XBRL Specification

and with relevant best practices◦ Taxonomy◦ Instance documents

Audit Issues Specific to XBRL

Awareness and education on the real scope of XBRL

Evaluation of internal audit implications of the mandate and of other related reporting processes – for entities subject to the SEC or other mandate

Identify and prioritize areas that are logical candidates for the application of a standards-based approach◦ Manual control processes where automation would bring

the most significant benefits.◦ Areas of priority for the application of rules-based

compliance testing.◦ Automation of persistent control assessments across

disparate systems (e.g., payables controls)

Where To Go From here

THEIIA white paper http://www.theiia.org/recent-iia-news/?search=xbrl&C=801&I=9119

XBRL International websitehttp://xbrl.org/GLFiles

GaLaPaGoS – Global Ledger Practices Guide for Studyhttp://gl.iphix.net

XBRL members resources [INT-GL] Public XBRL GL mailing list

http://groups.yahoo.com/group/xbrl-gl-public Monthly XBRL column in IMA’s Strategic Finance

magazine http://glg.iphix.net/?page_id=11

Resources

Gianluca GarbellottoPresident/CEO, IphixXBRL Global Ledger WG ChairEmail: gg@iphix.net Blog: http://glg.iphix.net

Questions