CEN/WS XBRL

1. CEN/WS XBRL • CWA2: • Hot topics of interest in 2nd level reporting 20 February 2013 Ignacio Boixo CWA2

2. Hot topics of interest in 2nd level reporting Workflow on 2nd level reporting Proof of concept e-mail validation Core Business Vocabulary Legal Entity Identifier Any other Business?

3. Requirement: example workflow Signature (and encryption) via National regulator public certificate Signature (and encryption) using European regulator public certificate Submission container Subcontainer header.xml nationalinstance1.xbrl nationalinstance2.xbrl Subcontainer Declarer European Supervision Authority National Supervision Authority

4. Alternative A: Signature encapsulated Zip Zip Zip Header Instance 1, Instance 2, …, Instance n Header Instance 1, Instance 2, …, Instance n Header Instance 1, Instance 2, …, Instance n Encryption (public key of the first addressee) Other Authority: BIS / ESRB / Banking Union / … National Supervision Authority Other Authority: e.g. EBA Signature 1 (contributor 1 - private key) Signature 2 (contributor 2 - private key) Signature/ Encryption (addressee certificate) & transfer Encryption (public key 2nd addressee) Signature 3 (contributor 3 key) transfer …

5. Alternative Z: Zip-encapsulated Encryption (public key of the first addressee) National Supervision Authority Other Authority: e.g. EBA Other Authority: BIS / ESRB / Banking Union / … Signature 1 (contributor 1 - private key) Zip • Header • Instance 1 • Instance 2 • ... • Instance n • SignedSubContainers • XadesSignedSubcontainer.xml • signed with contributor 2 private key • Inside, zip file with a new Header, Instance 1, Instance 2, …, Instance n. • FullSubContainers • EncryptedSubcontainer.xml • public key 2nd addressee • signed with contributor 3 private key • Inside the signed, zip file with a new Header, Instance 1, Instance 2, …, Instance n. Encryption (next addressee) & transfer Transfer only Page 5

6. Characteristics Alternatives are functionally equivalent: both provide Xades-signed sub-containers for trusting authorities Fully encrypted subcontainers for non-trusting authorities Both alternatives can deliver as a result a set of files using a generic decomposition tool For Alternative 1, the result file set will be a flat set of files having their original filenames For Alternative 2, the result file set will be a hierarchical set of files (in accordance with the folder hierarchy defined in the .zip container, both folders and files having their original name) Problem : How shall the NSA identify the final recipients of the subpackages (EBA, Banking union, etc)? For Alternative 1, the addressee of the subcontainer has to be identified using a non-standard xml tag (requiring thus an intermediate xml schema which is not standard?) For Alternative 2, a file naming convention would be required in the instructions of the NSA to identify the addressee of the subpackage

7. Proof of concept e-mail validation Encryption (XML Encryption) Encryption (XML Encryption) Signature (XADES-EPES) Zip Signature (XADES-EPES) Instance-1 … Instance-n Package & Compress (zip) Feedback instance1.xml instance2.xml … instancen.xml Eurofiling Test Validator (Arelle) Anonymous

8. http://joinup.ec.europa.eu/asset/core_business/description

15. Legal Entity Identifier and mapping to Core Business Vocabulary

16. Legal Entity Identifier

17. Legal Entity Identifier

18. http://www.dtcc.com/downloads/news/CiCi_Report.pdf

19. http://www.dtcc.com/downloads/news/CiCi_Report.pdf

20. http://www.dtcc.com/downloads/news/CiCi_Report.pdf

21. Thanks for your attention boixo@bde.es (as back up of emile.bartole@cssf.lu) Comments or questions?