This CAcert sub-policy extends the Organisation Assurance Policy ("OAP") by specifying how the CAcert Organisation Assurance Program ("COAP") is to be conducted by the assigned Organisation Assurer ("OA") under the supervision of the Assurance Officer ("AO") for entities within the defined scope.
</p>
<h2>
1. Scope
</h2>
<p>
This sub-policy is applicable to European organisations registered with an official Trade Office Registry ("Registry"), following the European style of Chambers of Commerce.
</p>
<p>
Approved Registries are tabled in paragraph Appendix 1 of this sub-policy.
This sub-policy is applicable to organisations that are, and are intended to be, registered with the official Trade Office Registry. The Registry itself defines what forms of organisation may be registered. They may include, amongst others: private companies, clubs Societies & Associations, partnerships, cooperatives, mutual societies, foundations, etc.
</p>
<h3>
2.2 Unincorporated Organisations
</h3>
<p>
<b>Registered Names.</b> Where an approved Registry specifically maintains a register for local entities that trade without formal incorporation, the Registry entry will present independent evidence of the name, as demanded by <ahref="http://www.cacert.org/policy/OrganisationAssurancePolicy.php#5">OAP#5.d</a>. This may apply to organisations such as Sole Traders, Doing-Business-As traders (DBAs), Partnerships, Church and Religious groups, etc.
</p>
<p>
Such entities have differing legal statuses with different liabilities. The named entity may not be capable of legally becoming a Member of CAcert, <i>independently and separately from the individuals within</i>. The Organisation Assurer (OA) must then take care to identify which individuals are Members, and which are therefore the natural legal entities behind the names.
</p>
<p>
The general standard for assurance of an unincorporated entity with a Registered Name is that the result is equivalent to assurance of an individual Member, or Members, with the addition of the Registered Name.
</p>
<p>
There is no limit to the number of Registered Names that a Member may have.
Example: companies are frequently incorporated in the United Kingdom, but operated primarily in another European country. These foreign entities may require to register locally and submit financial and/or yearly reports, extracts of home documents, reports from professionals such as accountants, etc, to authorities in the operating country.
</p>
<h3>
2.2 Records
</h3>
<p>
Records supplied by the Registry must be one of the following forms:
</p>
<ol>
<li>Formal originals on paper, where they are extracted from the Registry in an independent manner;
</li>
<li>Digital statements from an online service provided by the Registry, acquired by the Organisation Assurer in a secure and independent manner;
</li>
<li>Historical supplemental documents may be accepted where it can be shown that material changes have not been made (e.g., via absence of subsequent submissions in official document listings). Such acceptance should be applicable to the particular jurisdiction, as documented by the Organisation Assurer, and under any process he determines.
</li>
</ol>
<p>
The set of records supplied by the Registry is called the Extract, defined below.
</p>
<h2>
3. The Trade Office Registry
</h2>
<p>
Examples of Registries are: <i>Chambers of Commerce</i> in (continental) European, <i>Companies House</i> in the United Kingdom, <i>Ministry of Justice, Finance, or Commerce</i> in east Europe, and the <i>Secretary of State</i> in each of the United States of America.
An Organisation can be accepted for Assurance under this policy if registered with a formal Trade Office Registry. The criteria for a Trade Office Registry is:
</p>
<ol>
<li>The Registry follows the general model of <i>Trade Offices</i>, in that, it is a formal authority for dealing with local trade matters effecting organisations (not individuals);
</li>
<li>The Registry is formally empowered to register corporate entities (organisations) under national law;
</li>
<li>The Registry has a reliable search facility service that provides reliable documentary evidence of the registration entry of an organisation. The service may carry costs which are reimbursed from the organisation applicant;
</li>
<li>The Registry (or, its search facility) can provide an Extract of the registration of the entity, below.
</li>
</ol>
<p>
Approved Registries are defined in Appendix I. Addition of new Registries is by means of the routine Policy on Policy process, and is controlled by the policy group, on submission by Organisation Assurer.
<li>Each Organisation Assurance is for one organisation only, but may include multiple names;
</li>
<li>The Organisation Administrator (O-Admin) must be an Assurer;
</li>
<li>All organisations must be verified by a Registry search by the Organisation Assurer.
</li>
</ol>
<h3>
4.2 Requirements for Companies
</h3>
<p>
For Companies requesting Organisation Assurance under this subsidiary policy:
</p>
<ul>
<li>The application must be made by an individual who is duly authorised to sign on behalf of the organisation:
<olstyle="list-style-type: lower-roman;">
<li>The Secretary as verified in the Extract. This is the preferred and best option;
</li>
<li>A full Director of the managing or Executive board, as verified in the Extract;
</li>
<li>Any other Applicant must prove that they are duly authorised to sign on behalf of the entity. For example, via explicit written delegation or under company rules. This will require due diligence to be conducted by the Organisation Assurer, to the standard and/or for approval by the Organisation Assurer.
</li>
</ol>
</li>
</ul>
<h3>
4.2 Requirements for Individuals
</h3>
<p>
For Individuals requesting Organisation Assurance under this subsidiary policy:
</p>
<olstyle="list-style-type: lower-alpha;">
<li>The individual Member must be an Assurer;
</li>
<li>The individual Member acts as her own Organisation Administrator.
</li>
</ol>
<h3>
4.3 Requirements for Partnerships
</h3>
<p>
For Partnerships requesting Organisation Assurance under this subsidiary policy:
</p>
<olstyle="list-style-type: lower-alpha;">
<li>The Partners must be verified via the Extract;
</li>
<li>The applying Partner (signatory) must be a Member and Assurer;
</li>
<li>Where the Assurer-Partner is not the managing Partner, further due diligence should be conducted. For small partnerships, the Organisation Assurer should be satisfied that the managing partner is aware-in-writing of the activity. For large partnerships, the verified role and title of the Assurer-Partner is sufficient and applicable to the activity.
</li>
<li>The Assurer-Partner may delegate the role of Organisation Administrator to another Assurer within the Organisation.
</li>
</ol>
<h3>
4.4 CAcert Organisation Assurance (COAP) Form
</h3>
<p>
On the CAcert Organisation Assurance Programme Form (COAP Form), the following must be specified:
The essential purpose of the information is to permit the Organisation Assurer and others to clearly and accurately identify the entry held by the Registry.
</p>
<h2>
5. Roles and Responsibilities
</h2>
<h3>
5.1 Organisation Assurance Officer
</h3>
<p>
The Organisation Assurance Officer is to maintain an accessible file or frequently asked questions (FAQ) for each Registry showing:
</p>
<ol>
<li>The <i>type</i> or form of each entity that is registerable;
</li>
<li>The <i>location</i> and conditions of access to the Registry's search facility;
</li>
<li>The Extract <i>form</i> or manner;
</li>
<li>The unique registration <i>Identifier</i> or number <i>form</i> or manner, as allocated to each registered organisation;
</li>
<li>A <i>list of Organisation Assurers</i> currently authorised to conduct organisation assurances against the Registry;
</li>
<li>The nature or <i>regime of any supplemental / historical documents</i> that may be acceptable;
</li>
<li>The form of <i>due diligence for verifying signatories</i> that are not identified in the Extract;
</li>
<li>
<i>Any restrictions applicable</i> to the Registry, as decided by Policy Group, the Arbitrator, or as advised by the Organisation Assurer.
</li>
</ol>
<p>
The Organisation Assurance Officer is also to maintain training and testing material applicable. Elements of the challenge may be confidential, but only for the purposes of maintaining the efficacy of the challenge.
</p>
<h3>
5.2 Senior Organisation Assurers
</h3>
<p>
The Organisation Assurance Officer may delegate local senior Organisation Assurers to lead activities within the areas of each Registry, or within countries in general. The powers of such a delegate are undefined, and the responsibility remains with the Organisation Assurer Officer.
</p>
<h3>
5.3 Organisation Assurer (AO)
</h3>
<p>
The Organisation Assurer (OA) is to be tested according to Organisation Assurance Policy. Such testing is to include above documents kept by Organisation Assurance Officer.
Table of accepted Trade Office Registries for EU countries
</h2>
<p>
The green dot <fontcolor="green"size="+2">•</font> denotes an accepted Registry. The orange dot <fontcolor="orange"size="+2">•</font> denotes a Registry being accepted. The red dot <fontcolor="red"size="+2">•</font> denotes a Registry awaiting feedback from that country to be accepted for organisation registration Extracts.
<atitle="Department of Registrar of Companies and Official Receiver"href="http://www.mcit.gov.cy/mcit/drcor/drcor.nsf/aboutus_en/aboutus_en?OpenDocument">www.mcit.gov.cy</a>
Table of accepted Trade Office Registries for other European countries
</h2>
<p>
The green dot <fontcolor="green"size="+2">•</font> denotes an accepted Registry. The orange <fontcolor="orange"size="+2">•</font> denotes a Registry being accepted. The red dot <fontsie="+2"color="red">•</font> denotes a Registry awaiting feedback from that country to be accepted for company registration Extracts.
</p>
<table>
<thead>
<trvalign="top">
<td></td>
<tdvalign="top"></td>
<thalign="left">
Registry
</th>
<th>
ID
</th>
<thalign="left">
web address
</th>
<thalign="left">
search address
</th>
</tr>
</thead>
<tbody>
<trvalign="top">
<th>
other countries
</th>
<td></td>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
</tbody>
<tbody>
<trvalign="top">
<td>
<i>Andorra</i>:
</td>
<tdvalign="top">
<fontcolor="red"size="+2">•</font>
</td>
<td>
Oficina de Marques
</td>
<td>
OMPA
</td>
<td>
<atitle="General Registry for Trade and Commerce"href="http://www.ompa.ad/indexang.html">www.ompa.ad</a>
</td>
<td>
<atitle="Trade Name search"href="http://www.ompa.ad/angles/comerc/cerca.htm">AD search</a>
</td>
</tr>
<trvalign="top">
<td>
<i>Bosinia &<br/>
Herzegovina</i>:
</td>
<tdvalign="top">
<fontcolor="red"size="+2">•</font>
</td>
<td>
Gosodarska komora Federacije<br/>
Bosne i Hercegovine
</td>
<td>
KFBiH
</td>
<td>
<atitle="Sate and private corporations and cooperatives"href="http://www.kfbih.com/eng/">www.kfbih.com</a>
<td><ahref="http://www.legaltext.ee/et/andmebaas/paraframe.asp?loc=text&lk=et&sk=en&dok=X30081K4.htm&query=digitaalallkirja&tyyp=X&ptyyp=RT&pg=1&fr=no">Digital Signatures Act (consolidated text Dec 2003)</a></td>
<td><atitle="French law on digital signature"href="http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000000399095">Digital signatures act nr 2000-230 13th of March 2000</a></td>
<td><ahref="http://www.legilux.public.lu/leg/textescoordonnes/recueils/COMMERCE_ELECTRONIQUE/SIGNATURE_ELECTRONIQUE.pdf">Loi du 14 août 2000 relative au commerce électronique, 2000</a> (in French)</td>
<td><ahref="http://www.e-overheid.nl/thema/juridisch/handtekeningen/handtekeningen.html">Wet Elektronische Handtekeningen (WET) of 21st of May 2003</a> (in Dutch)</td>
<td><ahref="http://www2.gov.si/zak/Zak_vel.nsf/4c1d8c547755fffac1256616002dd5e1/c12563a400338836c12568fd00505349?OpenDocument">Electronic Business and Electronic Signature Act</a> (in Slovene)</td>
<td><ahref="http://www.google.com/url?sa=t&ct=res&cd=1&url=http%3A//www.aeat.es/descarga/ley59_2003.pdf">Ley 59/2003 , de 19 de diciembre, de firma electrónica</a> (in Spanish)</td>
<td><ahref="http://www.pts.se/Archive/Documents/SE/engelsk%20oversattning%20av%20lag%20elektroniska%20signaturer.pdf">SFS 2000:832 in English translation</a></td>
