I guess what we're then concerned about is that you say you identify risk, you don't do the follow-up to identify whether that risk has been mitigated or not, and you don't necessarily disclose whether the risk has been breached. So how are we to assess whether or not the due diligence is being done if you don't give us the due diligence as a report?
