CAcert Organisation Assurance Program sub-policy
for countries
with a national (official) Trade Office Registry

CAcert Policy Status
Author: Teus Hagen
Creation date: 2008-05-01
Status: WiP 2008-05-02
Next status: DRAFT 2008

0. Preliminaries

This CAcert subsidary policy (sub-policy) specifies how Organisation Assurance is conducted on Organisations registered by official Trade Office Registries, following the European style of Chambers of Commerce.

This sub-policy extends the Organisation Assurance Policy ("OAP"). It specifies how Registries are determined, what steps to take in adding them, and roles and responsibilities.

1. Scope

This sub-policy is applicable to organisations registered with an official Trade Office Registry ("Registry"). Approved Registries are tabled in paragraph Appendix 1 of this sub-policy.

2. Requirements

This section describes any scope-specific requirements that are not otherwise defined in the Organisation Assurance Policy (OAP).

2.1 Organisation

This sub-policy is applicable to organisations that are, and are intended to be, registered with the official Trade Office Registry. The Registry itself defines what forms of organisation may be registered. They may include, amongst others: private companies, clubs Societies & Associations, partnerships, cooperatives, mutual societies, foundations, etc.

2.2 Unincorporated Organisations

Registered Names. Where an approved Registry specifically maintains a register for local entities that trade without formal incorporation, the Registry entry will present independent evidence of the name, as demanded by OAP#5.d. This may apply to organisations such as Sole Traders, Doing-Business-As traders (DBAs), Partnerships, Church and Religious groups, etc.

Such entities have differing legal statuses with different liabilities. The named entity may not be capable of legally becoming a Member of CAcert, independently and separately from the individuals within. The Organisation Assurer (OA) must then take care to identify which individuals are Members, and which are therefore the natural legal entities behind the names.

The general standard for assurance of an unincorporated entity with a Registered Name is that the result is equivalent to assurance of an individual Member, or Members, with the addition of the Registered Name.

There is no limit to the number of Registered Names that a Member may have.

Foreign Entities.
Where a local Registry requires foreign entities to register, this registration MAY NOT MAY be used for Organisation Assurance. See USA debate, foreign entites must Organisation Assurer in home state.
Example: companies are frequently incorporated in the United Kingdom, but operated primarily in another European country. These foreign entities may require to register locally and submit financial and/or yearly reports, extracts of home documents, reports from professionals such as accountants, etc, to authorities in the operating country.

2.2 Records

Records supplied by the Registry must be one of the following forms:

  1. Formal originals on paper, where they are extracted from the Registry in an independent manner;
  2. Digital statements from an online service provided by the Registry, acquired by the Organisation Assurer in a secure and independent manner;
  3. Historical supplemental documents may be accepted where it can be shown that material changes have not been made (e.g., via absence of subsequent submissions in official document listings). Such acceptance should be applicable to the particular jurisdiction, as documented by the Organisation Assurer, and under any process he determines.

The set of records supplied by the Registry is called the Extract, defined below.

3. The Trade Office Registry

Examples of Registries are: Chambers of Commerce in (continental) European, Companies House in the United Kingdom, Ministry of Justice, Finance, or Commerce in east Europe, and the Secretary of State in each of the United States of America.

3.1 Criteria for a Registry

An Organisation can be accepted for Assurance under this policy if registered with a formal Trade Office Registry. The criteria for a Trade Office Registry is:

  1. The Registry follows the general model of Trade Offices, in that, it is a formal authority for dealing with local trade matters effecting organisations (not individuals);
  2. The Registry is formally empowered to register corporate entities (organisations) under national law;
  3. The Registry has a reliable search facility service that provides reliable documentary evidence of the registration entry of an organisation. The service may carry costs which are reimbursed from the organisation applicant;
  4. The Registry (or, its search facility) can provide an Extract of the registration of the entity, below.

Approved Registries are defined in Appendix I. Addition of new Registries is by means of the routine Policy on Policy process, and is controlled by the policy group, on submission by Organisation Assurer.

3.1 Extracts

The Extract is the set of records provided by the Registry. The Extract is to include the following information about the entity:

  1. location (at least within Registry's area),
  2. type of organisation,
  3. full name of the organisation,
  4. director(s) with signing power and their signature structure,
  5. unique registration Identifier or number within Registry.

Organisation Assurance is available to any entity which can provide the above Extract.

4. Assurance Process

4.1 General Requirements

The Organisation Assurer should take note of the following.

  1. Each Organisation Assurance is for one organisation only, but may include multiple names;
  2. The Organisation Administrator (O-Admin) must be an Assurer;
  3. All organisations must be verified by a Registry search by the Organisation Assurer.

4.2 Requirements for Companies

For Companies requesting Organisation Assurance under this subsidiary policy:

4.2 Requirements for Individuals

For Individuals requesting Organisation Assurance under this subsidiary policy:

  1. The individual Member must be an Assurer;
  2. The individual Member acts as her own Organisation Administrator.

4.3 Requirements for Partnerships

For Partnerships requesting Organisation Assurance under this subsidiary policy:

  1. The Partners must be verified via the Extract;
  2. The applying Partner (signatory) must be a Member and Assurer;
  3. Where the Assurer-Partner is not the managing Partner, further due diligence should be conducted. For small partnerships, the Organisation Assurer should be satisfied that the managing partner is aware-in-writing of the activity. For large partnerships, the verified role and title of the Assurer-Partner is sufficient and applicable to the activity.
  4. The Assurer-Partner may delegate the role of Organisation Administrator to another Assurer within the Organisation.

4.4 CAcert Organisation Assurance (COAP) Form

On the CAcert Organisation Assurance Programme Form (COAP Form), the following must be specified:

  1. The licensing authority (Trade Office Registry);
  2. The unique registration Identifier or number (where issued; a Registry may not issue a unique Identifier for sole traders and partnerships);
  3. The type of entity that is registered, according to the classification created by the Registry.

The essential purpose of the information is to permit the Organisation Assurer and others to clearly and accurately identify the entry held by the Registry.

5. Roles and Responsibilities

5.1 Organisation Assurance Officer

It is an open question as to whether there is a separate Org AO as opposed to just one Assurance Officer.
If not, then s/Organisation Assurance Officer/Assurance Officer/g .

The Organisation Assurance Officer is to maintain an accessible file or frequently asked questions (FAQ) for each Registry showing:

  1. The type or form of each entity that is registerable;
  2. The location and conditions of access to the Registry's search facility;
  3. The Extract form or manner;
  4. The unique registration Identifier or number form or manner, as allocated to each registered organisation;
  5. A list of Organisation Assurers currently authorised to conduct organisation assurances against the Registry;
  6. The nature or regime of any supplemental / historical documents that may be acceptable;
  7. The form of due diligence for verifying signatories that are not identified in the Extract;
  8. Any restrictions applicable to the Registry, as decided by Policy Group, the Arbitrator, or as advised by the Organisation Assurer.

The Organisation Assurance Officer is also to maintain training and testing material applicable. Elements of the challenge may be confidential, but only for the purposes of maintaining the efficacy of the challenge.

5.2 Senior Organisation Assurers

The Organisation Assurance Officer may delegate local senior Organisation Assurers to lead activities within the areas of each Registry, or within countries in general. The powers of such a delegate are undefined, and the responsibility remains with the Organisation Assurer Officer.

5.3 Organisation Assurer (AO)

The Organisation Assurer (OA) is to be tested according to Organisation Assurance Policy. Such testing is to include above documents kept by Organisation Assurance Officer.





Appendix I

Table of accepted Trade Office Registries for EU countries

The green dot denotes an accepted Registry. The orange dot denotes a Registry being accepted. The red dot denotes a Registry awaiting feedback from that country to be accepted for organisation registration Extracts.

Registry ID web address search address
EU countries
Austria: Bundesministerium
für Justiz
BMJ www.bmj.gv.at
HF Data GmbH FB www.firmenbuch.at FB search
Belgium: International
Chambre de Commerce
CCI www.iccwbo.be
Coface CCI www.eurodb.be Coface search
Bulgaria: Ministry of Justice NGO www.mjeli.government.bg BG search
Cyprus: Dept of Registrar
of companies
DRC www.mcit.gov.cy CY search
Czech Republic: Ministry of Finance ARES wwwinfo.mfcr.cz CZ search
Denmark: Central Business Register VIRK virk.dk DK search
Estonia: E-Äriregister RIK ariregister.rik.ee EE search
Finland: Yritys-Ja
Yhteisötietojärjestelmä
BIS www.ytj.fi BIS search
France: Chambre de Commerce
et d'Industrie
CCI www.cci.fr CCI search
Registre National du
Commerce et de Sociétés
INPI www.euridile.inpi.fr Euridile search
InfoGreffe IG www.infogreffe.fr InfoGreffe search
Germany: Handelsregister Portal HR www.handelsregister.de DE search
Greece: Athens Chamber of
Commerce and Industry
ACCI www.acci.gr ACCI search
Hungary: Ministry of Justice IM www.im.hu
Ireland: Companies Registration Office CRO www.cro.ie CRO search
Italy: InfoCamere IC webtelemaco.infocamere.it IT search
Latvia: Lursoft LS www.lursoft.lv Lursoft search
Lithuania: Juridiniu Asmenu Registras JAR www.registrucentras.lt LT search
Luxembourg: Registre de
Commerce et des Sociétés
RCSL www.rcsl.lu LU search
Malta: Registry of Companies RNFS registry.mfsa.com.mt MT search
Netherlands: Kamer van Koophandel KvK www.kvk.nl KvK search
Poland: Ministry of Justice CORS opp.ms.gov.pl
Portugal: Conservatórias do
Registo Comercial
RC www.dgrn.mj.pt
Romania: ReCom
Min. of Justice
ReCom recom.onrc.ro HU search
Slovakia: Obchodný register ORSR www.orsr.sk SK search
Slovenia: Register Podjetij GZS www.gzs.si SI search
Spain: Registro Mercantil Central RMC www.nnc.es
Sweden: Skatteverket SKAT www.skatteverket.se SE search
Bolagsverket BOL www.bolagsverket.se SE search
United Kingdom: Companies House CH www.companieshouse.gov.uk CH search

Table of accepted Trade Office Registries for other European countries

The green dot denotes an accepted Registry. The orange denotes a Registry being accepted. The red dot denotes a Registry awaiting feedback from that country to be accepted for company registration Extracts.

Registry ID web address search address
other countries
Andorra: Oficina de Marques OMPA www.ompa.ad AD search
Bosinia &
Herzegovina
:
Gosodarska komora Federacije
Bosne i Hercegovine
KFBiH www.kfbih.com BH search
Croatia: Registar Poslovnih Subjekata BIZNET www1.biznet.hr CR search
Gibraltar: Companies House CH www.companieshouse.gi non free service
Norway: Brønnøysund Register Centre BRC www.brreg.no
Nøkkelopplysninger
fra Enhetsregisteret
BRREQ w2.brreg.no
Serbia: Serbian Commercial Register
Агенција за
привредне регистре
SCR www.apr.sr.gov.yu YU search
Switzerland: Central Business
Names Index portal
Zefix www.zefix.admin.ch CH search portal




Accompanied information -- Not part of this Policy


Not part of CAcert Organisation Assurance Program sub-policy definition. The provided information in this part is for reference information only.

National acts on digital signatures

Comment:
The legal requirement is that there is sufficient evidense and trust. This is the case for a digital certificate that can be checked.

Digital Signatures may be accepted under implementation of EU European Directive 99/93/EG and EU national act:

Austria: Signature Law 2000
Belgium: Signature Law 9-7-2001 F.2001-2699
Bulgaria:
Cyprus:
Czech Republic: Act on Electronic Signatures, 227/2000
Denmark: Lov om elektroniske signaturer
Estonia: Digital Signature Law, 2000 (in Estonian).
Digital Signatures Act (consolidated text Dec 2003)
Finland: Laki sähköisistä allekirjoituksista, 2003 (in Finnish)
France: Digital signatures act nr 2000-230 13th of March 2000
Germany: German Signature Law of 2001, changed in 2005
Greece: Presidential Decree 150/2001 (in Greek)
Hungary:
Ireland: Irish Electronic Commerce Act, 2000
Italy: Decreto legislativo 7/3/2005, n. 82 (Codice dell'Amministrazione Digitale)
Latvia:
Lithuania: Law on electronic signature, 2002
Luxembourg: Loi du 14 août 2000 relative au commerce électronique, 2000 (in French)
Malta: Maltese Electronic Commerce Act 2001, last amended 2005
Netherlands: Wet Elektronische Handtekeningen (WET) of 21st of May 2003 (in Dutch)
Norway: Electronic Signature Act, 2001 (in Norwegian).
Poland:
Portugal:
Romania: Legea semnăturii electronice, 455/2001
Law on the Electronic Signature, 455/2001 (unofficial translation)
Slovakia:
Slovenia: Electronic Business and Electronic Signature Act (in Slovene)
Spain: Ley 59/2003 , de 19 de diciembre, de firma electrónica (in Spanish)
Sweden: Qualified Electronic Signatures Act (SFS 2000:832)) (in Swedish)
SFS 2000:832 in English translation
Switzerland: Federal Law on Certification Services Concerning the Electronic Signature, 2003
United Kingdom: Electronic Communications Act, 2000
The Electronic Signatures Regulations 2002 (SI 2002 No. 2013)

Table with country top level domain registries

Every European country has a Domain Registrar for the ccTLD country code under which a company domain may have an internet domain registration. Domain registration of a organisation domain is checked with national Domain Registry via whois and other means.

?domain registrarweb addressccTLDwhois
Austria: NIC AT www.nic.at.at search
Belgium: .be
Bulgaria: .bg
Cyprus: NIC CY www.nic.cy.cy
Czech Republic: CZ.NIC .cz
Denmark: .dk
Estonia: .ee
Finland: FICORA domain.ficora.fi.fi
France: AFNIC www.afnic.fr.fr search
Germany: DENIC www.denic.de.de search
Greece: .gr
Hungary: .hu
Ireland: IE Domain Registry Ltd www.domainregistry.ie.ie search
Italy: .it
Latvia: .lv
Lithuania: .lt
Luxembourg: .lu
Malta: .ml
Netherlands Stichting Internet Domain
Registratie ("SIDN")
www.sidn.nl.nl search
Norway: Brønnøysund Register Centre www.norid.no.no search
Poland: NASK .pl
Portugal: .pt
Romania: Nat. Inst. for R&D and Informatics www.nic.ro.ro
Slovakia: .sk
Slovenia: .si
Spain: Network Inf. Center .es
Sweden: .SE www.se.se search
United Kingdom: Nominet UK www.nominet.org.uk.uk search

Valid XHTML 1.1