1 / 15

Authenticity of Electronic Records in XBRL

Authenticity of Electronic Records in XBRL. Lucas Cardholm, LL.M. Working Group Authenticity and Security, XBRL Sweden lucas.cardholm@se.ey.com. Background. XBRL Sweden objective is to create a Swedish XBRL taxonomy applicable for companies reporting under Swedish GAAP as well as IFRS

marcia-wade
Download Presentation

Authenticity of Electronic Records in XBRL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authenticity of Electronic Records in XBRL Lucas Cardholm, LL.M. Working Group Authenticity and Security, XBRL Sweden lucas.cardholm@se.ey.com

  2. Background • XBRL Sweden objective is to create a Swedish XBRL taxonomy applicable for companies reporting under Swedish GAAP as well as IFRS • Non-profit organisation • Lucas is IT-Lawyer in WG ”Authenticity and Security” • Ernst & Young, Technology & Security Risk Services

  3. Sw. Companies Reg. Office Auditor Public Authorities Book-keeping Market Signature (authenticity) Confidentiality Project Background Company

  4. Members of the board, Managing Director Data integrity Initials, members of the board and Auditor(s) Proof of adoption resolution, member of the board Auditors endorsement The annual report

  5. Electronic/Digital World ? Signers intention is often not defined when signature is created. One Signature – a variety of intentions Paper World Identify • Assure Authenticity • Integrity • Non-repudiation Legal Effect Declaration of Commitment Warning Signers intention is defined by the nature of the document and years of practise, legal effect by the court of law.

  6. The need for Declaration of Commitment ”I agree that the report is correct” ”Figures are correct” No commitment, but intention ”No pages are (ex)changed” ”I certify that the shareholder meeting has adopted the annual report” ”I have audited and produced an audit report…”

  7. Proposed solution • Definition of four levels of liability • Recommendations on what to include within the signature and how to attach the commitment of the signature • Focus on the XBRL annual report and audit report for them to have legal validity

  8. Signature Liability Levels Personal Liability Electronic Record signed by Natural Person Legally binding signature for natural person Without contractual relationship High Liability Electronic Record signed by Legal Person Legally binding signature for legal person Low Liability Electronic Record signed by Legal Person With or without prior contractual relationship Not denied legal effect No Liability Authenticated Electronic Record Must not give any legal effect!

  9. The need for Liability levels Personal Liability Low Liability? No Liability Personal Liability Personal Liability or High Liability

  10. Current activities • Discussion paper delivered to XBRL in Europe and XBRL International • Discussions with vendors regarding pilot implementations and adoption of signatures

  11. More information • www.xbrl.se • www.xbrl.org • www.etsi.org fredrik.hertz@se.ey.com

  12. Brief drill-down Fredrik Hertz, MSc, CISSP Head of Working Group Authenticity and Security, XBRL Sweden fredrik.hertz@se.ey.com

  13. Electronic Record Application External Dependencies 1 Declaration of Warning Unique Authenticity Level Legal Effect Commitment Identification No DC DC Record Signer Personal Liability SHOULD MUST MUST MUST Yes Yes Yes High Liability SHOULD SHOULD MUST MUST Yes Yes Yes Low Liability MAY Matrix overview MAY SHOULD SHOULD Yes By contract Not Denied No Liability SHOULD SHOULD NOT SHOULD NOT MAY Data integrity only No No Liability 1 “No DC” denotes No Declaration of Commitment present in signature , while “DC” denote s Declaration of Commitment present in signature .

  14. Implementation • <SignedDataObjectProperties> (CommitmentTypeIndication) • <SignedSignatureProperties> (SignatureLiability) • Specification of when the application should present a warning

  15. Useful in this context • Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures • IETF RFC 3275: "XML-Signature Syntax and Processing“ • ETSI TS 101 903: " XML Advanced Electronic Signatures (XAdES)”

More Related