Organisation Assurance - sub-policy for Dutch organisations
Author: Teus Hagen
Creation date: WIP 2007-10-26 V0.1
Status: WIP 2007-10-26
Date next status (draft): changes expected in December 2007.
0. Preliminaries
This sub-policy describes how Organisation Assurers ("OAs") conduct assurances on Dutch organisations.
It fits within the overall web-of-trust or assurance process and the Organisation Assurance Policy (OAP) of CAcert.
1. Purpose
This is a subsidiary policy to the Organisational Assurance Policy (OAP).
a. This sub-policy is applicable for the assurance of organisations in the Netherlands only.
b. This sub-policy is an implementation of the OAP.
c. In the below, where the Assurance Officer (AO) is referred to, this includes his local delegate.
2. Organisation Assurers
2.1 Requirements for the Organisation Assurer
In addition to the requirements defined in the OAP, an OA must meet the following requirements for assuring Dutch organisations:
a. Knowledge on common legal forms of organisations in the Netherlands.
b. Must pass an additional test on local knowledge even if he is already an OA.
c. Should help the AO to define local requirements.
3. Process
3.1 Organisations
Acceptable organisations under this sub-policy must be:
a. Organisations created under the rules of the jurisdiction in the Netherlands.
b. Organisations must not be revoked or pending by a competent authority with direct oversight over the organisation.
3.2 Documents
The organisation has to provide documents to prove the essential standard of Organisation Assurance as defined in the policy:
a. The primary mechanism to prove existence is to get an official extract from the official Trade Office (Kamer van Koophandel) Register (Extract), either via an online interface
or via physical means (the organisation is asked to carry these direct costs)
b. Where not available, an official document will be required from the company, subject to such checks as defined by the AO.
c. If copies of official Extracts from the official register are provided, they must be officially certified
d. The Extract should not be older than 4 weeks. The Extract should state registrated official administrative details of the organisation.
e. The AO maintains a list of which specific documents and tests can be acceptable for the certain types of organisations. At least the following information is required: official name, address, administrative contact(s) and email addresses, domain name(s), legal representative of the organisation and restrictions.
f. The OA can ask for additional documents if needed to validate required information for the assurance action.
Note: from 31st of December 2009 all Dutch organisations (also: ministery and public offices, religious sociaties, liberal professions, partnerships, one-man business, association of house-owners, etc.) will need to be registered with the Trade Office.
3.3 COAP
In addition to the checks defined in the policy, the COAP form for Dutch organisations requires:
a. The OA must keep all provided documentation and will maintain digital readability if documents are provided in digital format for 7 years.
b. Signatures from organisation officials must meet the following requirements
    i.   as legally specified for the type of organisation
    ii.  as specified in the official documents (f.e. the extract from the Register)
    iii. as delegated within the organisation (proof of delegation needed)