1 / 20

Improving Transparency in Financial and Business Reporting

This CEN/WS.XBRL publication discusses the current situation and latest evolutions of CWA2, which aims to standardize the way of submitting instances in a container with standardized encryption, digital signature, compression, and more. It also covers the way of transmitting the usual metadata that determine the context of an XBRL reporting instance.

elockridge
Download Presentation

Improving Transparency in Financial and Business Reporting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CEN/WS XBRL: Improving transparency in financial and business reporting CWA2 Situation & latest evolutions Present situation Emile Bartolé CWA2

  2. Objectives of CWA2 CWA2 Dual objective of CWA2: standardize • The way of submitting instances, a container with standardized • Encryption • Digital signature • Compression • … • The way of transmitting the usual metadata that determine the context of an xbrl reporting instance • the sender of the document • contact details • date and time of submission • …

  3. Submission container

  4. Feedback containers

  5. Standards used: Compression & Hash Zip as defined in http://www.pkware.com/documents/casestudies/APPNOTE.TXT SHA256 as defined in http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf

  6. Standards used: Digital signature The file structure generated by the signature SHALL be XAdES-BES/EPES http://uri.etsi.org/01903/v1.4.1/ using RSA with SHA512 http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 implemented in accordance with http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2011:053:0066:0072:EN:PDF

  7. Standards used: Encryption W3C Encryption http://www.w3.org/TR/xmlenc-core/ using key transport RSA-OAEP http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p and encrypting data with AES256. http://www.w3.org/2001/04/xmlenc#aes256-cbc

  8. Requirements input EBA Easy to use, minimal model (1 instance per container) Senders identified in transport system, only encryption required (no digital signatures) Known people from NSAs, no need to identify them explicitely in a header EIOPA Minimal structural header Extensibility of header for content-based fields

  9. Reserved extended suffix .signed.xml exclusively reserved for signed files .encrypted.xml exclusively reserved for encrypted files

  10. File name change upon signature

  11. header.xml file1.xbrl file2.xbrl file3.xbrl Compress Container.zip Sign with a first signature and replace extension Container.signed.xml Filename in XML: Container.zip Sign with a second signature and replace extension Container.signed.xml Filename in XML: Container.signed.xml Encrypt and replace extension Container.encrypted.xml Filename in XML: Container.signed.xml Container creation example

  12. Container reception example Container.encrypted.xml Filename in XML: Container.signed.xml Decrypt and extract file Container.signed.xml Filename in XML: Container.signed.xml Validate first signature and extract file Container.signed.xml Filename in XML: Container.zip Validate second signature and extract file Container.zip Uncompress header.xml file1.encrypted.xml file2.signed.xml file3.xbrl container.zip header.xml file1.signed.xml file2.xbrl file3.xbrl container.zip header.xml file1.xbrl file2.xbrl file3.xbrl container.zip

  13. Exchange files Header file - characteristics of the data files in the submission (caution: deprecated, not yet extensible version!) http://www.eurofiling.info/eu/fr/esrs/header Container feedback files - confirming (or not) the success of the reception of a submission container http://www.eurofiling.info/eu/fr/esrs/ContainerFeedback Instance feedback files - Result of the (XBRL-)validation of every submitted data file http://www.eurofiling.info/eu/fr/esrs/InstanceFeedback

  14. Sender Receiver signed(optional) encrypted (optional) Subnission container Feedback container encrypted (optional) signed(optional) Containerfeedback file Rest of the Feedback container Exchange model

  15. 2-level support: Forwarding Submission container 1 header.xml nationalinstance1.xbrl nationalinstance2.xbrl Submission container 2 Submission container 2 Reporting Entity Response Container 1 Response Container 2 European Supervision Authority National Supervision Authority

  16. 2-level support: Repackaging Reporting entity submission NSA submission header.xml re1.xbrl re2.xbrl … … … ren.xbrl header.xml re1.xbrl re2.xbrl … … … ren.xbrl Reporting Entity Response RE Response NSA European Supervision Authority National Supervision Authority

  17. 2-level support: Regeneration Reporting entity submission header.xml re1.xbrl re2.xbrl … … … ren.xbrl NSA submission header.xml nsa1.xbrl nsa2.xbrl … nsan.xbrl Reporting Entity Response RE Response NSA European Supervision Authority National Supervision Authority

  18. BasicHeader ExtendedHeader RegisteredOrganizationVocabulary OtherModule(s) Extensible Header

  19. Use-cases provided by CWA2

  20. Thanks for your attention emile.bartole@cssf.lu Comments or questions? Page 20 CWA2

More Related