SEC 10-K — MD&A and Financial Statement Notes Drafter
Overview
Draft and validate the Management Discussion & Analysis (MD&A) section and key financial statement footnotes of the SEC Form 10-K annual report. Built for US domestic registrants filing under US GAAP, this skill covers the full 11-step workflow from executive overview through final validation.
What It Covers
- MD&A sections — Executive overview, results of operations with quantified YoY variance, liquidity and capital resources (narrative format per 2021 amendments), critical accounting estimates with sensitivity and period-over-period methodology comparison
- Item 305 — Quantitative and qualitative market risk disclosures (interest rate, FX, commodity, equity price)
- Item 106 — Cybersecurity risk management and governance disclosures (mandatory for all registrants, including SRCs, for fiscal years ending on or after December 15, 2024)
- Item 105 — Risk factor drafting and prioritization (Part I, Item 1A) with Item 106 cross-consistency checks
- Non-GAAP measures — Reg G / Item 10(e) reconciliation compliance, equal-or-greater GAAP prominence, CDI 102.10(e) item-by-item tax effects
- Forward-looking safe harbor — PSLRA cautionary language with specific risk factor identification
- Financial statement footnotes — All required ASC topics (606, 260, 842, 740, 450, 280, 855, 850) plus situational topics (326/CECL, 350, 805, 820, 470, 718, 715)
- ASU 2023-09 — Income tax disaggregation requirements for FY2025 10-Ks (rate reconciliation with dollar amounts by jurisdiction, disaggregated taxes paid schedule)
- PCAOB AS 2501 — Revised critical estimate audit expectations (effective for fiscal years beginning on or after December 15, 2025)
Example Conversation
You: We need to draft the MD&A and key footnotes for our FY2025 10-K. Our fiscal year ended December 31, 2025. We have the prior-year 10-K, current trial balance, and consolidated financials uploaded. We use two non-GAAP measures (Adjusted EBITDA and non-GAAP operating income).
Agent: I’ll work through the full 11-step workflow. Starting with the executive overview and results of operations using your financials to compute year-over-year variances. Since you have non-GAAP measures, I’ll include the Reg G / Item 10(e) reconciliation step with GAAP-first presentation.
You: For critical accounting estimates, our main ones are goodwill impairment (we have three reporting units) and the allowance for credit losses under CECL.
Agent: I’ll draft the critical estimates section for both. For goodwill, I’ll include the single-step quantitative impairment test per ASU 2017-04, fair value methodology, and sensitivity analysis for each reporting unit. For CECL, I’ll cover the methodology, key assumptions, portfolio segments, and period-over-period comparison of how our loss rate assumptions changed. Item 303(b)(3) requires this comparison even when dollar amounts haven’t changed.
Agent: I’ve drafted the full MD&A and footnotes in
mda-draft.md. Runningmda_completeness_checkerwithfiscal_year_end: "2025-12-31"andhas_non_gaap: true…
Agent: The checker returned FAIL on one item: the Item 106 cybersecurity section is missing third-party service provider oversight language. I’ll add a paragraph describing your vendor cybersecurity assessment process and re-run.
Agent: Re-ran the checker — PASS across all 10 validation categories. The draft is ready for review by your financial reporting team and securities counsel before filing.
Sample Output Excerpt
Excerpt from a generated MD&A draft showing key sections.
Executive Overview
For the fiscal year ended December 31, 2025, Acme Corp delivered total revenue of $4.2 billion, an increase of 14% compared to $3.7 billion in fiscal 2024. The increase was primarily driven by $340 million in growth from our Cloud Services segment and $180 million from expanded enterprise licensing. Operating income improved to $890 million from $720 million, reflecting operating leverage and disciplined cost management despite continued investment in AI infrastructure.
Results of Operations
Revenue
Total revenue for the year ended December 31, 2025 was $4,210 million, an increase of $530 million, or 14%, compared to $3,680 million in fiscal 2024. The increase was primarily attributable to:
- Cloud Services — revenue increased $340 million, or 22%, to $1,890 million, driven by net new customer additions (approximately 2,400 enterprise accounts) and average contract value expansion of 9% among existing customers.
- Enterprise Licensing — revenue increased $180 million, or 11%, to $1,810 million, reflecting multi-year renewal cycles and price increases effective July 1, 2025.
- Professional Services — revenue increased $10 million, or 2%, to $510 million, as higher utilization rates were partially offset by a shift toward fixed-fee engagements with lower average billing rates.
Cost of revenue was $2,190 million, an increase of $230 million, or 12%, compared to $1,960 million in fiscal 2024. Gross margin expanded to 48.0% from 46.7%, as cloud infrastructure efficiencies and licensing scale more than offset $65 million in incremental data center depreciation.
Known Trends and Uncertainties
We anticipate continued growth in Cloud Services revenue driven by enterprise migration to hybrid cloud architectures; however, macroeconomic conditions, including elevated interest rates, are expected to impact customer purchasing timelines in the first half of fiscal 2026. We are also monitoring the impact of recent tariff changes on our hardware procurement costs, which could increase capital expenditures by an estimated 8-12% in fiscal 2026 if current rates remain in effect.
Critical Accounting Estimates
Goodwill — Reporting Unit Fair Value
We test goodwill for impairment annually as of October 1, or more frequently if triggering events occur, using a quantitative single-step impairment test comparing each reporting unit’s estimated fair value to its carrying amount. We estimate fair value using a combination of the income approach (discounted cash flow) and the market approach (guideline public company multiples), weighted 60%/40%.
Change from prior period: In fiscal 2024, we applied a 50%/50% weighting. The shift to 60%/40% reflects improved comparability of our discounted cash flow projections following the completion of our strategic restructuring.
Sensitivity: For our Enterprise Solutions reporting unit (carrying value: $1.2 billion; estimated fair value: $1.5 billion; excess: 25%), a 100 basis point increase in the discount rate would reduce estimated fair value by approximately $140 million, narrowing the excess to approximately 5%. A simultaneous 100 basis point increase in the discount rate and 200 basis point reduction in the terminal growth rate would result in an estimated fair value approximately equal to carrying value.
Item 106 — Cybersecurity Risk Management and Governance
Risk Management and Strategy
We maintain a cybersecurity risk management program integrated into our enterprise risk management framework. The program includes regular vulnerability assessments, penetration testing by both internal and external teams, and continuous monitoring through our Security Operations Center. We engage third-party cybersecurity assessment firms annually to evaluate the effectiveness of our controls and benchmark our posture against industry standards (NIST CSF). Our third-party vendor management program requires cybersecurity due diligence assessments for all vendors with access to sensitive data or critical systems.
No cybersecurity incidents have materially affected or are reasonably likely to materially affect the Company’s business strategy, results of operations, or financial condition during fiscal 2025.
Governance
Our Board’s Audit Committee oversees cybersecurity risk as part of its broader risk oversight responsibilities and receives quarterly briefings from the Chief Information Security Officer (CISO). Our CISO, who has over 15 years of experience in information security and holds CISSP and CISM certifications, leads day-to-day cybersecurity risk management and reports directly to the Chief Technology Officer.
Extension Tools
mda_completeness_checker validates your draft against 10 categories of SEC disclosure requirements. It accepts the document path, an optional fiscal year end date (to determine whether Item 106 is required), and an optional non-GAAP flag.
What It Checks
| Category | What It Validates |
|---|---|
| Item 303 topics | Results of operations, liquidity and capital resources, off-balance-sheet arrangements, material cash requirements, critical accounting estimates (2021 amended structure) |
| YoY variance | Quantified year-over-year comparisons (dollar/percentage) scoped to the results of operations section |
| Known trends | Forward-looking trend and uncertainty language per Item 303(b)(1) and (b)(2) — a top SEC staff comment area |
| Critical estimates | Methodology, sensitivity analysis, and period-over-period comparison of assumptions (all three required by Item 303(b)(3)) |
| Item 305 | Market risk disclosures (interest rate, FX, commodity, equity price) |
| Item 106 | Five cybersecurity sub-elements: risk management process, board oversight, management expertise, third-party oversight, material impact assessment — requires 4 of 5 for PASS |
| Non-GAAP | Reconciliation to GAAP, equal-or-greater GAAP prominence, usefulness explanation (only enforced when has_non_gaap: true or non-GAAP language detected) |
| Safe harbor | PSLRA forward-looking statement cautionary language with identified risk factors |
| Item 105 | Risk factor section references (informational — risk factors appear in Part I, Item 1A, not inside MD&A) |
| ASC footnotes | References to core ASC topics (606, 260, 842, 740 required; plus 450, 280, 855, 850, 326) |
Parameters
path(required) — Path to the MD&A or 10-K section documentfiscal_year_end(optional) — Date inYYYY-MM-DDformat. Determines whether Item 106 is required (mandatory for fiscal years ending on or after 2023-12-15). If omitted, Item 106 issues are reported as warningshas_non_gaap(optional) — Set totrueif the filing includes non-GAAP measures to enforce Reg G / Item 10(e) compliance checks
How to Read Results
The checker outputs PASS or FAIL with a line-by-line breakdown of each category. FAIL means at least one required element is missing — fix the flagged gaps and re-run until the check passes. The checker validates structural completeness and key-phrase presence only; qualitative review by a financial reporting professional remains required.
Getting Started
Upload your source materials to the project workspace:
- Prior-year 10-K — for comparative period data and disclosure language baseline
- Current-year consolidated financials — income statement, balance sheet, cash flow statement, and trial balance
- Risk factor drafts — existing Item 1A risk factors for update and prioritization
- Non-GAAP schedules (if applicable) — current non-GAAP measures and reconciliation tables
- Cybersecurity program documentation — risk management framework, governance structure, incident history
Then activate the SEC 10-K — MD&A and Financial Statement Notes Drafter skill. The agent walks through each of the 11 workflow steps — from executive overview through footnotes — and runs mda_completeness_checker to validate the draft before you hand it off for professional review.