CAcert Organisation Assurance Program sub-policy for Australia
Author(s): Robert Cruikshank, Sam Johnston
Creation date: WIP 2008-03-18 V0.3
Status: WIP DRAFT 2008-03-XXX
Date next status: changes expected in April 2008.
0. Preliminaries
This CAcert sub-policy extends the Organisation Assurance Policy ("OAP") by specifying how the CAcert Organisation Assurance Program ("COAP") is to be conducted by the assigned Organisation Assurer ("OA") under the supervision of the Assurance Officer ("AO") for entities within the defined scope.
1. Scope
This sub-policy is applicable to:
- Australian legal entities:
- Sole Traders
- Partnerships
- Companies
- Trusts
2. Requirements
This section describes any scope specific requirements that are not otherwise defined in the OAP.
2.1 Organisation
- For sole traders operating under their own name business name registration is OPTIONAL.
- Applicants MUST be a valid legal entity but MAY have an arbitrary number of registered trading names.
2.2 Records
- Digital Signatures MAY be accepted in Australia under the Electronic Transactions Act(s).
- Applicant claiming to be acting on another's behalf MUST submit a copy of the relevant authorisation (eg power of attorney).
- Statutory Declarations MAY be accepted along with other documentary evidence.
2.3 Application Form
- The jurisdiction MUST be specified as 'Australia' (for companies and trusts) or an Australian State or Territory (for sole traders and partnerships).
- Any applicable organisation identifiers (ACN/ABN/ARBN) MUST be specified where applicable (not required for sole traders operating under their own name).
3. Registration
3.1 Registries
- Australian Securities and Investments Commission ("ASIC") [http://www.asic.gov.au/]
- National Names Index [http://www.search.asic.gov.au/gns001.html]
- Australian Taxation Office ("ATO") [http://www.ato.gov.au/]
- Australian Business Register ("ABR") [http://www.abr.business.gov.au/]
- AusRegistry [http://www.ausregistry.com.au/]
- .au ccTLD WHOIS [http://whois.ausregistry.net.au/]
3.2 Agents
- ASIC
- ASIC Information Brokers [http://www.asic.gov.au/asic/asic.nsf/byheadline/Information+brokers?openDocument]
- ASIC Service Centers [http://www.asic.gov.au/asic/asic.nsf/byheadline/ASIC+Service+Centre+Addresses?openDocument]
3.3 Identifiers
- Australian Company Number ("ACN") is a unique 9 digit identifying number assigned by ASIC when a body becomes registered as a company under corporations law.
- Australian Registered Body Number ("ARBN") is a unique 9 digit identifying number assigned by ASIC when a body is registered with them other than as a company, for example, foreign companies and registrable Australian bodies.
- Australian Business Number ("ABN") is a unique 11 digit identifying number issued to all entities registered in the Australian Business Register (ABR).
3.4 Documents
- ASIC Company Extract
4. Processes
4.1 Assurance
- Each person listed in an application MUST be individually assured and referenced by a confirmed email.
- Sole traders operating under their own name MAY be automatically approved without further checks.
- All other trading names (including companies) MUST be verified against the National Names Index and/or Australian Business Register, where the status MUST be 'Registered' or 'Active' respectively.
- Partnership applicants MUST additionally be verified in the register as a current individual member and SHOULD be a managing partner.
- Company applications MUST be made by an individual who is duly authorised to sign on behalf of the company:
- Officeholder applicants (directors or preferably secretary) MUST be verified in an "ASIC Company Extract" which is to be obtained for a fee (reclaimable from the applicant) by the OA from an ASIC Service Center or ASIC Information Broker.
- Any other applicant MUST prove that they are duly authorised to sign on behalf of the entity (for example via delegation and/or under replacible rules) to the satisfaction of the OA, for approval by the AO.
- Trust applications MUST be made by the trustee.
- Government Body & Intrumentality applications MUST be made by a duly authorised person and the relevant authorisation must accompany the application.
- Club & Association applications MUST be made by the secretary of the club or association.
4.2 Domain Names
- .au ccTLD WHOIS contains organisation information (including identifiers where applicable) which MUST exactly match the organisation's details.
- Any other domain names MUST exactly match the organisation's details for the registrant (or equivalent) or be subject to technical verification measures.