XBRL SOX Risks? 2837



  • Currently, are there any SOX risks with regards to XBRL? I know that starting 2014, there will be liability for XBRL misstatements, but currently does XBRL have any impact on SOX? My company is going to be submitting their first XBRL financials this year, and I want to make sure we are covered on the SOX side of things.



  • This post is deleted!


  • Hi - While I’m more versed in IT Security than SOX reporting, I believe it is a good approach to be proactive and become familiar with this new SEC reporting requirement. As the SEC has a contact area for questions, it might be worthwhile to contact them or work with your SOX external auditor, so that you are successful in using this new reporting standard.
    I also found some links that might be helpful in a search:
    Please copy/paste to browser as direct links not allowed in forums
    http-and-#58;//www.google.com/#hl=en-and-q=XBRL Sarbanes-Oxley
    http-and-#58;//www.informationweek.com/news/global-cio/compliance/showArticle.jhtml?articleID=207800147
    http-and-#58;//www.insidesarbanesoxley.com/2005/09/xbrl-explained.asp
    http-and-#58;//www.nysscpa.org/cpajournal/2003/1203/dept/d126103.htm
    http-and-#58;//en.wikipedia.org/wiki/XBRL
    http-and-#58;//en.wikipedia.org/wiki/XBRL_assurance
    http-and-#58;//www.xbrl.org/faq.aspx



  • I am intrigued as I have been looking into this recently for my own company.
    Is it really SOX relevant? Are we struggling because this has become a bigger issue after the Act became law and therefore this has not been covered?
    If we disclose our results using XBRL do we fail 302 on disclosure although our accounts under 404 have not been materially mistated? Therefore we could have a clean attestation from our external auditors (who do not give an opinon on our XBRL figures as I understand it) but still have ‘failed’ SOX?
    Or is this just a Red Herring? We are required to ensure our accounts are not materially mistated under SOX. We are required to disclose using XBRL by the SEC. To disclose incorrect data through XBRL is subject to a penalty from the SEC but is not a SOX matter.



  • I would be inclined to say Red Herring.
    Your SOX sign-off is done and dusted before you submit the document to SEC, regardless of whether it is printed and bound or submitted electronically.
    As a matter of course I would expect a company to have an appropriate control in place to cover the compliance risk of submitting to SEC a document other than the one that was signed-off but it would be just a little too circular to have that control be part of the SOX assertion.


Log in to reply