Introducing Digital Signatures in XBRL
Digital business reports created in XBRL undergo careful preparation, involving a number of skilled individuals, specialised systems, and robust controls to ensure accuracy. As these reports can directly impact an organisation’s value and reputation, preparers, auditors, regulators, and end users must have assurance that the reports remain unaltered and reliable.
Bridging this need for trust with the growing concern over cybersecurity, digitally signed XBRL reports emerge as a critical solution. Digitally signed XBRL reports offer an added layer of security and a reliable mechanism to verify the authenticity and integrity of the information contained within the report.
We are excited to announce the release of the first Public Working Draft of the “Digital Signatures in XBRL reports” specification. The draft is a good starting point for understanding the proposed mechanism of applying digital signatures to XBRL reports.
Key features of the specification include:
- Standardisation of a mechanism for applying digital signatures to all or part of an XBRL or Inline XBRL report, including supporting resources such as an extension taxonomy, or embedded images.
- Signature technology agnostic – the specification avoids prescribing any specific signature technology in order to facilitate the reuse of existing digital signature infrastructure and allowing for the adoption of any digital signature technology that is legally recognised, such as the EU-recognised *AdES standards.
- Digital signatures are embedded within a report package, giving end-users a simple, single file that incorporates both the XBRL report and its signature or signatures.
- Support for multiple signatures by different signatories and with different scopes.
We expect that once the specification is finalised, regulators will be keen to adopt a standardised approach to signing XBRL reports. For software vendors, the specification is an opportunity to innovate by integrating the capability to add digital signatures to XBRL reports. This development not only requires adaptation to new standards but also opens avenues for enhancing product offerings and meeting customers’ evolving needs in a digitally secure manner.
The specification is not yet ready for production implementation, but we would encourage software vendors and other stakeholders to review and validate the approach being taken.
In particular, we encourage you to:
- Review the draft specifications thoroughly. Your feedback and comments are crucial in refining and strengthening the specification to ensure its robustness and effectiveness.
- Create “proof of concept” test reports that conform to the draft specification.
- Assess the compatibility of the proposed solution with existing digital signature infrastructure or technology in the markets in which you operate.
- Begin considering how to optimise the user experience around digitally signing XBRL reports. Think about how to make the process intuitive, secure, and efficient for users, ensuring that this new feature adds value without complicating the reporting process.
You can read the Public Working Draft of ‘Digital Signatures in XBRL’, and the corresponding requirements document on our specification site.
The specification is being developed by the Digital Signatures in XBRL (or “D6”) Working Group. If you are an XBRL member, and would like to get more actively involved in the development of the specification, or would simply to keep abreast of the latest developments, please consider joining the Working Group.
