Title: CEN/WS%20XBRL:%20Improving%20transparency%20in%20financial%20and%20business%20reporting
1CEN/WS XBRL Improving transparency in financial
and business reporting
- CWA2 Situation latest evolutions
Present situation - DRAFT Emile Bartolé
CWA2
2Objectives of CWA2
- Dual objective of CWA2 standardize
- The way of submitting instances, a container with
standardized - Encryption
- Digital signature
- Compression
-
- The way of transmitting the usual metadata that
determine the context of an xbrl reporting
instance - the sender of the document
- contact details
- date and time of submission
CWA2
3Deliverables
- Specification document(s) Delivered (draft)
- Header XML schema Delivered (draft)
- Instance Feedback XML schema Delivered (draft)
- Container Feedback XML schema Delivered (draft)
- Container Test tools In progress (draft)
- CBV in dimensional XBRL In progress (draft)
4Enhanced workflow
Submission container
header.xml nationalinstance1.xbrl nationalinstance
2.xbrl
Subcontainer
Subcontainer
Declarer
Feedback
Feedback
European / Other Supervision Authority
National Supervision Authority
5Submission container
Encryption (XML Encryption)
Signature (XADES-EPES)
- Multiple XBRL instance documents packed with one
xml header file - Header is the only file with a naming convention
header.xml it is located on top-level of the
compression package - Header lists xbrl instances contained in the
container - Instances should always have extension .xbrl
- Use of folders is optional in case they are
used, all references (in header to XBRL
instances in XBRL instances to taxonomy files)
must respect them. - Folder names used here (Instances, Taxonomy)
are given as examples - Authorities may define their naming convention
(files, folders) - Multiple compression packages per security
envelope are allowed - Other files in adequate file formats (e.g. an
audit report to prove the validity of the
figures) are allowed, particularly also valid
subcontainers, whether up to the ZIP, the
Xades-EPES (SignedSubContainers) or to the
encryption structure (FullSubContainers)
Package Compress (zip)
header.xml Instances instance1.xbrl
instance2.xbrl
instancen.xbrl Taxonomy
taxonomy-file1.xml .xsd
taxonomy-file2.xml .xsd
taxonomy-filen.xml .xsd SignedSubContainers
XadesSignedSubcontainer.xml
FullSubContainers EncryptedSubcontainer.xml
Attachment AuditReport.pdf
Page 5
6Single collection - multiple dispatching
Encryption (public key of the first destinee)
National Supervision Authority
Other Authority e.g. EBA
Other Authority BIS / ESRB / Banking Union /
Signature 1 (contributor 1 - private key)
Zip
- Header
- Instance 1
- Instance 2
- ...
- Instance n
- SignedSubContainers
- XadesSignedSubcontainer.xml
- not encrypted
- potentially signed by a different contributor
- FullSubContainers
- EncryptedSubcontainer.xml
- encrypted for final destinee
- potentially signed by a different contributor
- usual container structure
Encryption (next destinee) transfer
Transfer only
Page 6
7EBA requirement Ensure integrity
- Solution use signed subcontainers!
- Integrity of data is guaranteed for both
receivers respectively, for NSA in the Instances
integrity area, for subsequent institutions in
their respective subcontainers integrity area - If InstanceAn.xbrl is meant to have identical
content as InstanceAn.xbrl, enhanced services
possible are possible by NSA guarantee identity
of information delivered to NSA and ESA (via
simple file comparison)
Encryption (XML Encryption)
Signature (XADES-EPES)
Package Compress (zip)
header.xml Instances InstanceA1.xbrl
InstanceA2.xbrl
InstanceAn.xbrl SignedSubContainers
SignedSubcontainer.xml Header.xml
InstanceB1.xbrl InstanceB2.xbrl
InstanceBn.xbrl
N S A
E S A
Integrity areas
Page 7
8EBA requirement use with secure transport
Unsecure or undefined transport
Secure transport
Encryption (XML Encryption)
Signature (XADES-EPES)
Package Compress (zip)
Package Compress (zip)
header.xml Instances InstanceA1.xbrl
InstanceA2.xbrl
InstanceAn.xbrl SignedSubContainers
SignedSubcontainer.xml Header.xml
InstanceB1.xml InstanceB2.xml
InstanceBn.xml
header.xml Instances InstanceA1.xbrl
InstanceA2.xbrl
InstanceAn.xbrl SignedSubContainers
SignedSubcontainer.xml Header.xml
InstanceB1.xml InstanceB2.xml
InstanceBn.xml
Page 8
9Feedback container
- One XML feedback file per XBRL instance in the
original submission container - Feedback files will be generated systematically,
even if no errors at validation time occurred
(also positive acknowledge) - The XML schema for the feedback files will
contain a hash code for the original file
guaranteeing non-repudiation of the submitted
XBRL instances - The feedback file will have the same name as the
original instance it refers to (but with
extension .xml instead of the original .xbrl) - Folder name used here (Feedback) is given as an
example
Page 9
10Standards Algorithms
Topic References Structures Algorithms Remark
Compression http//www.pkware.com/documents/casestudies/APPNOTE.TXT zip V2.0 or higher
Hash http//csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf SHA256 Identify files
Digital Signature http//eur-lex.europa.eu/LexUriServ/LexUriServ.do?uriOJL201105300660072ENPDF XADES-EPES http//www.ietf.org/rfc/rfc3447.txt RSAwithSHA512
Encryption http//www.w3.org/TR/xmlenc-core1/ (Fallback http//www.w3.org/TR/xmlenc-core/) http//www.ietf.org/rfc/rfc3447.txt RSA (OAEPWITHSHA-512ANDMGF1PADDING)
Page 10
CWA2
11Tools developement
Topic Framework Packages
Manage zip files Standard Java java.util.zip
Manage xml files Standard Java
XML Encryption Standard Java javax.crypto, java.security, javax.xml.crypto
Digital Signature (XAdES) Eid-dss http//code.google.com/p/eid-dss/
12CWA2 Header
- XML
- Direct import of the core business vocabulary
into the draft header schema - Support of initial update submissions
- Full support of signed as well as signed
encrypted subcontainers
13Header Orientations
Type of field Way of dealing with it
Related to filing instance reports Integrated into the header XML schema
Transport related Not in the scope of the header taxonomy, this should be part of the submission / transport system used
Data related Not in the scope of the header taxonomy, this should be part of the data taxonomy
CWA2
Page 13
14Core business vocabulary in XBRL
- Re-implementation of the EU Core business
vocabulary - Dimensional XBRL
- DPM (with Tables) being developed
- First taxonomy version available
15Thanks for your attention
emile.bartole_at_cssf.lu
Comments or questions?
Page 15
CWA2