Cloud-Computing Risk Disclosure and ICFR Material Weakness: The Moderating Role of Accounting Reporting Complexity
43 Pages Posted: 20 Aug 2019
Date Written: April 24, 2018
Regulators have expressed concerns over management’s ability to maintain effective internal controls over financial reporting when adopting cloud-computing services (PCAOB 2015), as well as the auditor’s ability to cope with such changes (PCAOB 2015, 2017). Further, the complexity of the client’s accounting concepts, proxied by their XBRL taxonomy, could adversely impact financial reporting quality (Hoitash and Hoitash 2017). Therefore, we investigate the association between a firm’s disclosure of cloud-computing risks and their likelihood of disclosing a material weakness, moderated by their level of accounting reporting complexity. We find that, for firms that do identify cloud-computing as a significant risk, the external auditor is less likely to issue a material weakness when the firm uses a greater number of customized XBRL tags. We also find that the external auditor is more likely to issue a material weakness for firms that do not identify cloud-computing as a significant risk to their operations when they use a greater number of customized XBRL tags. The results have implications for standard-setters’ concerns about the auditor’s ability to cope with the changing control environment in the presence of cloud-computing.
Keywords: cloud-computing; XBRL; risk disclosure; financial reporting quality; accounting reporting complexity; ICFR; material weakness
Suggested Citation: Suggested Citation