Diversified Reporting Assurance

Yes, let’s call it DRA. The new wave of “accountants’ statements” in the wings.
[Warning: for those not interested in accountancy, the rest will be boring. Or, let me restate that: very boring. Or even deadly boring.]

[Continuing with a slight recap]
Where previously, the agent was sent by the principal to assess annual financial statements, to establish that the reports were true and fair hence could be relied on to assess (not by the auditors) the quality with which ‘management’ (proper, nowadays usually called ‘governance’ – turning that into an insult) oversaw, controlled and directed the use of investments by the principal(s). Which worked in time so desperately slow that annual financial statements had some predictive value for the next full year, even when the ‘officially approved’ annual figures were released many months into the ‘next’ year anyway, and principals with sufficient clout already knew quite well how things were (in the mean time), by what can be considered insider knowledge.
But the times, they were a’changing. Annual financial statements are useful still, but limitedly, and the assurance; oh well, it’s nice to be able to sue yet someone else when later, much later, the figures turn out to be wrong or misleading. Which is two different things…
And when (not if) one cannot (in practice hardly ever successfully) sue the messenger boy accountant sent for an errand when the errand is not completed faithfully to 100% the master’s interests but even the slightest to another party’s interests, the messenger boy is useless.

In come improvements in the way the annual financial statements are checked. By means of smart / ‘big’ data analysis of transaction flows. The goal of the method is, now, finding its place as, enhancement of the audit, not sweeping aside earlier methods. In order to gain (much) better insights apart from just formal statistics, to have better understanding of errors, etc.

[Interlude: ‘annual’ can be replaced with ‘quarterly’ without loss of semantics (note: true semantics, not meso-syntactics that that is usually but wrongly supposed to mean) in this discussion.]

At which point the spin-off of insight also leads via the better understanding of how the company operates (in purely administrative and financial terms) at the shop-floor level.
Which is what all sorts of in the mean time diversified stakeholders require. Diminishing the need for an overarching annual financial statement.
Increasing the need for inclusion of much, much data (don’t start me on the difference with Information of this) that is other than financial or even other than formal quantitative. NFI, the non-financial information, is a separate mer a boire – for the drinking of which the accountant may not necessarily be the best party, much so by professional deformation. E.g., taking ‘factual’ information without (demonstrating to) understanding that there are no such things as ‘facts’ since the pre-socratics (and non-Europeans) started philosophy.

But OK, let’s not digress too far. Assuming for a moment that an organization’s administration might have sizeable data troves that external stakeholders may want to derive their own insights from, in their own way, using their own (proprietary or not) algorithms. And taking XML, in this case XBRL, to be the way to deliver such (detailed) information to those stakeholders. What will the role be of the auditor ..?

A short pictoral intermission for a break of direction:
20140906_104256[Cheesy Rietveld in the cheese museum in cheesetown, NH, Holland]

I suppose there is a role; to assure (without limitation!!!) the recipient that the data received, is correct. But how to establish that, when the extractions are a great many, at all sorts of times, in all sorts of directions, etc. …? Through certification of the correctness of the productive processes – nice challenge, when already now we know these are far, very far, from 100% water tight (or they would completely stifle business). What language to use to calculate, and to describe, the margins of error? A new language may need to be invented altogether. Shunning the ridiculous insults of ‘reasonable’ or ‘limited assurance’.

And how to assure only the intended, authorized recipients have access and not others ..? (Or would one want to do that, as selective access may construe illegal informational advantages.) Process checking again, with no language for describing the risks of one needle ruining the hay stack, as is Normal in today’s totally IT-subservient organisations.

So, openness, full (sic) transparency, via XBRL is one element. Vast extensions with other-sort information, quantitative but also qualitative (e.g., re risk management (link and many others on this blog)), is another. Having accountants develop a societally recognized and fully understood language about this all, should come first, not only after early adoption. But leaving it to accountants, would be without good reason; other parties may be better versed in this. Which ones ..? Definitely not actuarians or other insurance-types. Maybe IS auditors and ‘risk managers’ of all sorts but then again these groups together aren’t coherent let alone understanding sufficiently broad enough throughout, to be able to pull this off. A slew of PhD students then, but these would be too remote from practice (both experience/insight-wise and qua tractability of results-wise). You thoughts …?


About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Innovation (technologicallly driven) and tagged , , , , , . Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s