CAcert Organisation Assurance Program sub-policy for Europe

CAcert Policy Status
Editor: Teus Hagen
Creation date: 2008-05-01
Status: WiP 2008-05-02
Next status: DRAFT 2008

0. Preliminaries

This CAcert sub-policy extends the Organisation Assurance Policy ("OAP") by specifying how the CAcert Organisation Assurance Program ("COAP") is to be conducted by the assigned Organisation Assurer ("OA") under the supervision of the Assurance Officer ("AO") for entities within the defined scope.

1. Scope

This sub-policy is applicable to:

  1. organisations registered in Europe with an official Trade Office Registry ("Approved Registry").

Approved Registries are tabled in Appendix 1 of this sub-policy.

2. Requirements

This section describes any scope-specific requirements that are not otherwise defined in the Organisation Assurance Policy (OAP).

2.1 Organisations

  1. The organisation must be registered with an Approved Registry.
  2. The Approved Registry must have a mandate to register certain types of organisations (e.g. private companies, clubs Societies & Associations, partnerships, cooperatives, mutual societies, foundations, etc.)

2.2 Unincorporated Organisations

  1. Registered Names may be used for Organisation Assurance where an Approved Registry allows them to be registered without formal incorporation (e.g. Sole Traders, Doing-Business-As (DBAs), Partnerships, Church and Religious groups, etc.)
    Such entities have varying legal status and liabilities and may not be capable of legally becoming a Member of CAcert independently of the individuals within. The Organisation Assurer (OA) must then take care to identify the legal entity(s) seeking Organisation Assurance).
  2. Foreign Entities may be able or required to register with an Approved Registry but they must apply for Organisation Assurance where they are based; foreign registrations are not valid for Organisation Assurance.
    For example: companies are frequently incorporated in the United Kingdom, but operated primarily in another European country. These foreign entities may require to register locally and submit financial and/or yearly reports, extracts of home documents, reports from professionals such as accountants, etc, to authorities in the operating country but must apply for Organisation Assurance in the United Kingdom.

2.3 Records

Records supplied by the Registry must be one of the following forms:

  1. Formal originals on paper, where they are extracted from the Registry in an independent manner by the OA
  2. Digital statements from an online service provided by the Registry, acquired by the OA in an independent manner
  3. Digital statements from an online service provided by the Registry, acquired by the OA in a secure manner (e.g. digitally signed)
  4. Historical supplemental documents may be accepted where it can be shown that material changes have not been made (e.g., via absence of subsequent submissions in official document listings).

The records supplied by the Registry is called the Extract, defined below.

3. Registration

Approved Registries follow the European style of Chambers of Commerce (e.g Chambers of Commerce in (continental) European, Companies House in the United Kingdom and Ministry of Justice, Finance, or Commerce in Eastern Europe).

3.1 Criteria for Approved Registries

An Organisation can be accepted for Assurance under this policy if registered with an Approved Registry. The criteria for Approved Registries is:

  1. The Registry follows the general model of Trade Offices and thus is a formal authority for dealing with local trade matters affecting organisations
  2. The Registry is formally empowered to register corporate entities (organisations) under national law
  3. The Registry has a reliable search facility service that provides reliable documentary evidence of the registration entry of an organisation. The service may carry costs which are reimbursed from the organisation applicant.
  4. The Registry (or, its search facility) can provide an Extract of the registration of the entity, below.
  5. The Registry must be listed in Appendix I following the routine Policy on Policy process, controlled by the policy group.

3.1 Extracts

The Extract is the records provided by the Approved Registry, which must include (at least) the following information:

  1. Unique Identifier for the organisation within the Approved Registry.
  2. Full Name of the legal entity(s)
  3. Location (which must be within the area the Approved Registry is responsible for),
  4. Type of organisation (e.g. Company, Partnership, Sole Trader)
  5. Representatives of the legal entity(s) with signing power and their signature structure (e.g. Directors, Partners)

Organisation Assurance is available to any active entity which can provide the above Extract.

4. Process

4.1 General

The Organisation Assurer should take note of the following.

  1. Applicant(s) must be Assured Member(s) or Assurer(s)
  2. Each Organisation Assurance is for one legal entity only, but may include multiple names (e.g. trading names)
  3. The Organisation Administrator (O-Admin) must be an Assurer and must be delegated by the Applicant
  4. All organisations must be verified by Extract from an Approved Registry

4.2 Companies

For Companies requesting Organisation Assurance under this sub-policy:

  1. The Applicant must be duly authorised to sign on behalf of the organisation, and may be:
    1. The Secretary as verified in the Extract. This is the preferred and best option.
    2. A full Director of the managing or executive board, as verified in the Extract.
    3. Anyone who can prove that they are duly authorised to sign on behalf of the entity (e.g. via explicit written delegation or under company rules).
      This will require due diligence to be conducted by the Organisation Assurer, to the standard and/or for approval by the Organisation Assurance Officer.

4.2 Individuals

For Individuals requesting Organisation Assurance under this sub-policy:

  1. The individual Member may act as their own Organisation Administrator.

4.3 Partnerships

For Partnerships requesting Organisation Assurance under this sub-policy:

  1. The Partners must be verified via the Extract
  2. Where the Applicant is not the Managing Partner further due diligence must be conducted (e.g. verification that the role and title of the Applicant is suitable)
    If in doubt approval should be obtained from each of the Partners who should be individually Assured

4.4 Application Form

  1. Licensing Authority must be specified as the Approved Registry which issued the Extract
  2. Unique Identifier must be provided where issued (a Registry may not issue a unique Identifier for sole traders and partnerships)
  3. Type of entity that is registered (e.g. Company, Partnership, Sole Trader)
  4. Status of the Organisation (which must be active, except where the issuance of the Extract is implicit proof of active status)

The essential purpose of the information is to permit the Organisation Assurer and others to clearly and accurately identify the Organisation as actively registered within the Approved Registry, as well as its Representatives.

5. Roles and Responsibilities

5.1 Organisation Assurance Officer

The Organisation Assurance Officer is to maintain an accessible file or frequently asked questions (FAQ) for each Registry showing:

  1. The type or form of each entity that is registerable;
  2. The location and conditions of access to the Registry's search facility;
  3. The Extract form or manner;
  4. The unique registration Identifier or number form or manner, as allocated to each registered organisation;
  5. A list of Organisation Assurers currently authorised to conduct organisation assurances against the Registry;
  6. The nature or regime of any supplemental / historical documents that may be acceptable;
  7. The form of due diligence for verifying signatories that are not identified in the Extract;
  8. Any restrictions applicable to the Registry, as decided by Policy Group, the Arbitrator, or as advised by the Organisation Assurer.

The Organisation Assurance Officer is also to maintain training and testing material applicable. Elements of the challenge may be confidential, but only for the purposes of maintaining the efficacy of the challenge.

Appendix I

Table of Accepted Registries for European countries

Registries that have been identified but not approved have been hidden from view and may be awaiting feedback from OAs in that country.

Country Registry ID Web Address Search Address Entity Type Unique Identifier Extract Cost
European Union Countries
Austria: Bundesministerium für Justiz BMJ www.bmj.gv.at
HF Data GmbH FB www.firmenbuch.at FB search
Finland: Yritys-Ja Yhteisötietojärjestelmä BIS www.ytj.fi BIS search
France: Chambre de Commerce et d'Industrie CCI www.cci.fr CCI search
Registre National du Commerce et de Sociétés INPI www.euridile.inpi.fr Euridile search
InfoGreffe IG www.infogreffe.fr InfoGreffe search
Ireland: Companies Registration Office CRO www.cro.ie Company Search Company Company Number Company Printout €3.50
Netherlands: Kamer van Koophandel KvK www.kvk.nl KvK search
Sweden: Skatteverket SKAT www.skatteverket.se SE search
Bolagsverket BOL www.bolagsverket.se SE search
United Kingdom: Companies House CH www.companieshouse.gov.uk CH search
Other Countries
Norway: Brønnøysund Register Centre BRC www.brreg.no
Nøkkelopplysninger
fra Enhetsregisteret
BRREQ w2.brreg.no

Valid XHTML 1.1