What does Standaard 3950N require from auditors?

Standaard 3950N is a Dutch-only standard with no ISA equivalent. It requires the auditor to verify data integrity (numbers in the XBRL file match audited records), tagging accuracy (correct Dutch Taxonomy elements applied to correct line items), and consistency (totals in notes reconcile with primary statements within the XBRL structure). These procedures are part of the statutory audit, performed at completion after substantive work is done.

SBR Reporting in the Netherlands: What Auditors Need to Know

SBR is mandatory for large-entity annual accounts from financial year 2025. At firms like ours, most mid-tier teams still draft the FS in Word, sign a PDF, and reconcile the XBRL afterward. Nobody enjoys the taxonomy mapping. At my firm we keep it on the junior’s desk because that is how it has always been done, and because the file should tell a story that matches the signed FS line for line. When it does not, completion slips by a week.

Your client’s financial statements (FS) used to arrive as a PDF. You reviewed the numbers and signed the auditor’s report on paper. The client filed a printed copy with the Kamer van Koophandel (KvK, the Dutch chamber of commerce). From financial year 2025, that workflow no longer works for large entities. The FS must be filed electronically in XBRL format through standard business reporting (SBR), and your auditor’s report must be a separate XBRL file, electronically signed with a qualified certificate. If you have not adjusted your completion procedures, you are running out of time.

SBR is the Dutch government’s framework for structured electronic exchange of financial data between companies, government agencies, banks, and other receiving parties. It is built on the XBRL data standard and the Dutch Taxonomy, which defines what information must be reported and how it is tagged for machine processing.

Key Takeaways

What SBR is, how it uses XBRL and Inline XBRL, which entities must file electronically, and the timeline for the mandate
What Standaard 3950N requires from auditors when the client’s financial statements are filed through SBR
How the three-file SBR Assurance model works (XBRL report, XBRL auditor’s opinion, detached digital signature, and their cryptographic linkage)
What practical steps your firm needs to take before the first SBR-mandated engagement reaches completion

What SBR is and why the Netherlands built it

SBR started in 2004 as the Netherlands Taxonomy Project. Government agencies, the NBA, banks, and software providers collaborated to create a standardised way of exchanging financial data using XBRL (eXtensible Business Reporting Language). Their goal was to eliminate the duplication of effort that came from reporting the same financial information in different formats to different agencies: the Belastingdienst for tax, the KvK for the trade register, banks for credit applications, and CBS for statistics.

The core principle is “report once, use many times.” A company prepares its financial information using the Dutch Taxonomy (a standardised dictionary of data definitions maintained by SBR-NL) and transmits it through Digipoort (the secure government gateway). Each receiving agency then processes the same structured data according to its own needs. The administrative burden reduction from 2002 to 2007 was estimated at 25%, according to SBR-NL.

For auditors, SBR changes the object you are giving an opinion on. The FS are no longer a PDF or printed document. They are a structured data file where every line item carries a taxonomy tag that identifies what it represents. Your auditor’s report is no longer a physical letter. It is its own XBRL file, electronically signed, cryptographically linked to the FS. The shift is not cosmetic.

Which entities must file through SBR and when

The SBR filing mandate expanded in stages based on entity size.

Micro and small entities have been required to file through SBR since 2016. Medium-sized entities joined in 2017. These filings use XBRL format and are transmitted either through accounting software connected to Digipoort or through the KvK’s online portal (Zelf Deponeren) for entities that do not use SBR-enabled software.

From financial year 2025, large entities must also file electronically through SBR. This is the expansion that affects audit firms most directly, because large entities are the ones most likely to have statutory audits. Previously, large companies could still file paper or PDF annual accounts with the KvK under Dutch GAAP reporting requirements. That option is gone.

Companies can choose between two electronic formats: “classic” XBRL or Inline XBRL (iXBRL). Classic XBRL is a pure data file that cannot be read without rendering software. Inline XBRL embeds the XBRL tags into an HTML document, producing a file that is both human-readable and machine-processable. For entities with a statutory audit requirement, iXBRL is the more practical choice because it produces a document that auditors and management can review visually while still meeting the structured data requirements.

Entities with a 408-exemption (consolidation exemption where a parent company files a consolidated report in place of the subsidiary’s individual report) received a one-year postponement. For financial year 2025, these entities may still file the group annual report as a PDF by email. From financial year 2026, that exception expires.

A phase-in applies to tagging requirements. For financial years starting on or after 1 January 2025, small and medium-sized entities using iXBRL are temporarily exempt from tagging the notes to the FS. From 1 January 2026, block tagging of the notes and management report becomes mandatory. Block tagging means tagging entire sections rather than individual figures, which requires less granular work than the detailed tagging used in ESEF reporting by listed companies.

The SBR reporting manual follows the ESMA framework for ESEF reporting, adapted for the Dutch Taxonomy. This alignment is deliberate. It means the tagging methodology and the validation rules are consistent across Dutch domestic filings and European listed company filings. For firms that audit both listed and non-listed clients, this consistency reduces the learning curve. For firms that only audit non-PIE clients, the domestic SBR requirements are simpler than the full ESEF regime because the Dutch Taxonomy is more prescriptive and the filing population is more homogeneous.

XBRL versus Inline XBRL: what the auditor needs to understand

Both formats use the same underlying XBRL taxonomy. The difference is in presentation.

Classic XBRL produces a pure data file. Every figure and every taxonomy element is encoded in XML. You cannot open this file in a browser and read it. You need rendering software (or the Consistent Presentation specification developed by SBR-NL) to transform the data into something visually meaningful. The Consistent Presentation is a set of rules that takes the taxonomy’s presentation linkbase and label linkbase and generates a standardised visual output. This is how auditors working with classic XBRL files have reviewed them since medium-sized entity filing became mandatory.

Inline XBRL embeds the taxonomy tags directly into an HTML document. The result is a single file that looks like a normal annual report in a web browser but contains machine-readable data tags invisible to the casual reader. For the auditor, this means you can review the human-readable version and the tagged data in the same file. The risk shifts to whether the visible presentation matches the underlying tags. If a figure appears as €5.2M in the rendered HTML but the XBRL tag points to a different taxonomy element or carries a different value, the file is inconsistent. Standaard 3950N requires the auditor to check for this.

For firms accustomed to reviewing PDF FS, the practical change with iXBRL is modest. The document looks similar. The auditor now has an additional responsibility: verifying that what the document shows matches what the data tags say.

How SBR relates to ESEF for listed companies

If your firm audits listed companies in addition to non-PIE clients, you will encounter two parallel structured reporting regimes. ESEF (European Single Electronic Format) requires EU-listed companies to prepare their annual reports in Inline XBRL, using the ESMA taxonomy for IFRS. SBR requires Dutch companies to file with the KvK in XBRL or iXBRL, using the Dutch Taxonomy for Dutch GAAP or IFRS.

The two systems use different taxonomies but the same underlying technology. The NBA developed the Dutch approach to SBR Assurance before ESEF was introduced, which means the Netherlands has more operational experience with auditing XBRL reports than most European countries. Jacques Urlus, policy advisor at the NBA and vice chair of XBRL NL, described the Dutch model as providing a method for ESEF filing audits that other countries could adopt. The Consistent Presentation approach and the XBRL auditor’s report taxonomy were both developed in the SBR context and later adapted for ESEF use.

For mid-tier firms that do not audit listed companies, ESEF is not directly relevant. The skills and procedures are still transferable. A firm that has mastered Standaard 3950N procedures for SBR filings will find ESEF auditing procedurally similar if it moves into that market.

What Standaard 3950N requires from auditors

Standaard 3950N is a Dutch-only standard with no ISA equivalent. It governs the auditor’s approach when the client’s FS are filed through SBR. The NBA developed it to address the specific risks that arise when FS exist as structured data rather than static documents.

Under Standaard 3950N, the auditor must verify data integrity (that the numbers in the XBRL file match the audited financial records) and tagging accuracy (that the correct Dutch Taxonomy elements have been applied to the correct line items). The auditor must also verify consistency: that totals in the notes reconcile with the primary statements within the XBRL structure. These verification steps come at completion, after the substantive audit work is done. They are not a separate engagement. They are part of the statutory audit.

The standard also requires the auditor to consider how the XBRL instance will be rendered. Under the Consistent Presentation rules, the same XBRL data should produce the same visual output regardless of which software renders it. Edge cases exist: voluntary disclosures that fall outside the taxonomy and custom extensions added by the client, both of which can affect how readers interpret the FS. The auditor’s responsibility is to verify that the rendered output gives a true and fair view, consistent with the audited financials.

In our experience, most audit firms do not perform the XBRL tagging themselves. The client or the client’s software provider (or a specialist XBRL conversion firm) prepares the XBRL file. The auditor’s role is to verify the output, not to produce it. This distinction matters for engagement scoping and fee discussions. If the client expects the audit firm to handle XBRL conversion as part of the statutory audit fee, clarify this at the engagement acceptance stage. XBRL conversion is a separate service, not an audit procedure, and mixing the two creates both a fee misunderstanding and a potential independence question. Watch for SALY: firms that rolled the prior-year tags forward without re-mapping to the current taxonomy. The BFT has started asking about that.

The level of verification Standaard 3950N requires is proportional to complexity. A standard Dutch GAAP annual report for a medium-sized trading company will use taxonomy elements that the rendering software handles reliably. A complex group with consolidation entries and custom extensions will require more detailed checking. The engagement partner (EP) should document the scoping decision for the Standaard 3950N procedures in the planning memorandum.

The SBR Assurance model: three files, one signature

When a statutory audit engagement involves SBR-filed FS, the KvK receives not one document but a package of files.

File one is the annual report in XBRL or iXBRL format. This contains the FS and management report, all tagged according to the Dutch Taxonomy.

File two is the auditor’s report in XBRL format. An XBRL taxonomy developed specifically by the NBA for auditor’s reports supports the different report types in use (unqualified, qualified, disclaimer, adverse). This means the auditor’s report is itself a fully tagged data file, not a scanned PDF. The auditor must select the correct “commitment type” when generating this file (for example, an opinion on the FS, or an opinion with additional reporting on the management report).

File three is the detached digital signature. This XML file links the annual report and the auditor’s report cryptographically and proves that neither has been altered since the moment of signing. Signing uses a qualified electronic certificate issued through the NBA’s PKIoverheid-approved infrastructure. Anyone can verify the signature’s authenticity using open-source tools provided by SBR-NL.

The three-file model replaces the traditional “wet signature on paper” approach entirely for SBR filings. If your firm has not yet obtained the electronic signing certificates or tested the SBR Assurance tooling, this is a prerequisite, not an optional upgrade. The NBA’s Statement Generator tool (verklaringengenerator) can produce the XBRL auditor’s report and supports the digital signing process.

Worked example: Dijkstra Logistics files its first SBR annual report

Scenario

Dijkstra Logistics B.V. is a transport company in Rotterdam with €28M in assets and €31M in revenue. The company employs 62 people. The company has a statutory audit performed by Kuiper & Van Dalen Accountants B.V. For financial year 2025, Dijkstra must file its annual accounts through SBR for the first time. The FS are prepared under Dutch GAAP.

1. Client preparation (Q1 2026)

Dijkstra’s accounting software (Exact Online) can export financial data in SBR format. The export covers only the primary FS. The notes and management report must be tagged separately. Dijkstra’s finance team contacts an XBRL specialist (a third-party conversion firm) to prepare the complete iXBRL report package. The conversion firm receives the draft FS in Word format and the trial balance data from Exact Online.

Documentation note: record the XBRL conversion arrangement in the planning file under Standaard 3950N. Note that the auditor will need access to the completed iXBRL file before signing.

2. Audit completion (March 2026)

Kuiper & Van Dalen completes the substantive audit work. Materiality (mat) was set at €310,000 (1% of revenue). The engagement team issues a clearance memo with no uncorrected misstatements above the clearly trivial threshold of €15,500. The audit opinion will be unqualified.

Before signing, the EP must perform the Standaard 3950N verification. The XBRL specialist delivers the iXBRL file.

Documentation note: obtain the iXBRL file at least one week before the planned signing date. Late delivery of the XBRL file is the single most common cause of SBR-related delays at completion.

3. Standaard 3950N procedures (late March 2026)

The engagement team runs the following checks on the iXBRL file.

Data integrity: the team extracts the tagged financial data from the iXBRL file and reconciles key figures (total assets, revenue, profit before tax (PBT), and equity) against the audited trial balance. All figures match.

Tagging accuracy: the team reviews a sample of taxonomy elements to verify that line items are tagged to the correct Dutch Taxonomy concepts. Revenue is tagged as “Nettoomzet” (net turnover), not “Overige bedrijfsopbrengsten” (other operating income). Fixed assets are tagged at the correct level of disaggregation.

Consistency: the team verifies that subtotals in the notes reconcile to the primary statement figures within the XBRL structure. A discrepancy is found: the fixed asset note shows a €12,000 rounding difference against the balance sheet total. The XBRL specialist corrects the file.

Documentation note: file the Standaard 3950N verification as a separate working paper (WP). Include the reconciliation output and the tagging sample, together with the corrected iXBRL file bearing a clear version number.

4. Signing and filing (April 2026)

The EP generates the XBRL auditor’s report using the NBA’s Statement Generator. She selects “controleverklaring bij de jaarrekening” as the commitment type and enters the key audit data. The system produces the XBRL auditor’s report file.

Using the SBR Assurance signing tool, the partner applies her qualified electronic signature. The tool creates the detached signature XML file, linking the iXBRL annual report and the XBRL auditor’s report.

Dijkstra’s finance team (or their intermediary) submits the three-file package to the KvK through Digipoort. Digipoort validates the structure and returns a confirmation.

Documentation note: retain copies of all three files (iXBRL report, XBRL auditor’s report, detached signature) in the audit file. Record the Digipoort confirmation reference.

Practical checklist for your firm

Confirm whether your firm has the electronic signing certificates required for SBR Assurance. These are PKIoverheid-qualified certificates issued through the NBA’s infrastructure. If not, begin the application process now; certificate issuance can take several weeks.
Test the NBA’s Statement Generator (verklaringengenerator) on a non-live engagement before you need it for a real filing. Familiarise the engagement team with the commitment type selection and the XBRL auditor’s report output.
For every statutory audit client that qualifies as a large entity, confirm the client’s SBR readiness. Does their accounting software export in XBRL or iXBRL? Have they engaged an XBRL specialist for the conversion? Build the Standaard 3950N procedures into the completion timeline.
Establish a policy for when the iXBRL file must be received from the client or conversion firm. One week before planned signing is a reasonable minimum. Late XBRL delivery should trigger a timeline discussion with the client, not a compressed quality review.
Train engagement teams on the Standaard 3950N verification procedures: data integrity reconciliation and tagging accuracy sampling, plus consistency checks between notes and primary statements within the XBRL structure.
Update your firm’s standard completion checklist to include a Standaard 3950N sign-off step for all engagements where the client files through SBR.

Common mistakes

Treating the XBRL file as someone else’s problem. The XBRL specialist prepares the file, but under Standaard 3950N the auditor must verify it. Delegating preparation does not delegate responsibility for data integrity and tagging accuracy.
Leaving the Standaard 3950N procedures to the last day before signing. The verification can surface issues (tagging errors or rounding discrepancies) that require the XBRL specialist to produce a revised file. Build buffer time into the completion schedule.
Using outdated electronic signing certificates or an untested version of the SBR Assurance tooling. The NBA updates the Statement Generator and the signing infrastructure periodically. An expired certificate or an incompatible software version on signing day is a preventable crisis.

Glossary: SBR (Standard Business Reporting). Explains the SBR framework and the Dutch Taxonomy.
Financial Ratio Calculator. Supports ISA 520 analytical procedures on the structured financial data that SBR produces.
COS standards: Dutch auditing standards overview. Covers the NV COS framework including Standaard 3950N’s position within the standard series.

Target word count: 3,000–4,500

Put audit concepts into practice with these free tools:

Frequently asked questions

What is SBR and how does it affect Dutch auditors?

SBR (Standard Business Reporting) is the Dutch government's framework for structured electronic exchange of financial data using XBRL. From financial year 2025, large entities must file through SBR, which means financial statements are structured data files rather than PDFs. For auditors, Standaard 3950N requires verification of data integrity, tagging accuracy, and consistency of the XBRL file, and the auditor's report itself becomes an XBRL file with a detached digital signature.

What is the difference between XBRL and Inline XBRL?

Both formats use the same underlying XBRL taxonomy. Classic XBRL produces a pure data file that requires rendering software to read. Inline XBRL embeds the taxonomy tags directly into an HTML document, producing a file that is both human-readable in a browser and machine-processable. For entities with a statutory audit, iXBRL is more practical because it allows auditors and management to review the document visually.

What does Standaard 3950N require?

Standaard 3950N is a Dutch-only standard with no ISA equivalent. It requires the auditor to verify data integrity (numbers match audited records), tagging accuracy (correct Dutch Taxonomy elements applied), and consistency (totals in notes reconcile with primary statements). These procedures are part of the statutory audit, performed at completion after substantive work is done.

What is the three-file SBR Assurance model?

When a statutory audit involves SBR-filed financial statements, the KVK receives three files: the annual report in XBRL or iXBRL format, the auditor's report as a separate XBRL file, and a detached digital signature XML file that cryptographically links both and proves neither has been altered since signing. This replaces the traditional wet signature on paper approach.