Quyết định 543/2002/QĐ-NHNN về xây dựng, cấp phát, quản lý và sử dụng chữ ký điện tử trên chứng từ điện tử trong thanh toán điện tử liên ngân hàng do Thống đốc Ngân hàng Nhà nước ban hành

DECISION

PROMULGATING THE REGULATION ON FORMULATION, ALLOCATION, MANAGEMENT AND USE OF ELECTRONIC SIGNATURES ON ELECTRONIC VOUCHERS IN INTER-BANK ELECTRONIC PAYMENT

THE STATE BANK GOVERNOR

Pursuant to State Bank Law No.01/1997/QH10 of December 12, 1997;Pursuant to Credit Institutions Law No.02/1997/QH10 of December 12, 1997;Pursuant to the Government’s Decree No.15/CP of March 2, 1993 on the tasks, powers and State management responsibilities of the ministries and ministerial-level agencies;Pursuant to the Prime Minister’s Decision No.64/2001/ND-CP of September 20, 2001 on payment activities through payment service-providing organizations;Pursuant to the Prime Minister’s Decision No.135/1999/QD-TTg of June 2, 1999 on the list of State secrets in the banking sector;Pursuant to the Prime Minister’s Decision No.44/2002/QD-TTg of March 21, 2002 on the use of electronic vouchers as accounting documents for capital accounting and settlement by payment service-providing organizations;At the proposal of the director of the Accountancy and Finance Department,

DECIDES:

Article 1.- To promulgate together with this Decision the Regulation on formulation, allocation, management and use of electronic signatures on electronic vouchers in inter-bank electronic payment.

Article 2.- This Decision takes effect 15 days after its signing. All previous stipulations on formulation, allocation, use and management of electronic signatures of the State Bank, which are contrary to this Decision, shall hereby cease to be effective.

Article 3.- The director of the State Bank’s Office, the director of the Accountancy and Finance Department, the director of the Banking Information Technology Department, the heads of the units under the State Bank of Vietnam, the director of the Transaction Bureau, the directors of the State Bank’s branches in the provinces and centrally-run cities, the general directors (directors) of the payment service-providing organizations shall have to implement this Decision.

REGULATION

ON FORMULATION, ALLOCATION, USE AND MANAGEMENT OF ELECTRONIC SIGNATURES ON ELECTRONIC VOUCHERS IN INTER-BANK ELECTRONIC PAYMENT(Promulgated together with the State Bank Governor’s Decision No.543/2002/QD-NHNN of May 29, 2002)

I. GENERAL PROVISIONS

Article 1.- Electronic signatures on electronic vouchers in inter-bank electronic payment constitute an element of electronic vouchers, are encrypted and always associated with electronic vouchers data for determining the truthfulness and accuracy of elements of such electronic vouchers when they are transmitted and received via computer networks among payment service-providing organizations.

The electronic signature shall be created exclusively for each individual to define and certify powers and responsibilities for the use of money on deposit accounts of the account holders or persons authorized by the account holders (payment order mandators) and chief accountants, heads of accountancy sections or authorized persons (controllers), thus ensuring the legality in the use of money, accounting and settlement of capital. Electronic signatures on electronic vouchers shall be valid as hand-written signatures in paper vouchers.

Article 2.- Electronic signatures shall be on the list of State secrets in the banking sector and of the "top secret" grade.

Persons who create and install software programs in computers as well as persons who allocate electronic signatures shall have to make written commitments to protect the State secrets according to the provisions of the legislation on protection of State secrets in banking activities.

Persons who are allocated and use electronic signatures shall have to make written commitments to protect the State secrets according to the provisions of the legislation on protection of State secrets in banking activities.

Article 3.- Competence to formulate, allocate and manage electronic signatures

The director of the State Bank’s Transaction Bureau, the directors of the State Bank’s branches in the provinces and centrally-run cities (hereinafter referred to as the State Bank’s units for short) shall have to formulate, allocate and manage electronic signatures for payment service-providing organizations, which open accounts at the State Bank’s units and conduct transactions of electronic payment via the State Bank.

Article 4.- Units and individuals are strictly prohibited to seek to illegally decode, misappropriate, buy, sell, disclose, duplicate or invalidate electronic signatures; or take advantage of the protection of electronic signatures to conceal their law-breaking acts.

II. FORMULATION OF ELECTRONIC SIGNATURES

Article 5.- Directors of the State Banks units shall have to coordinate with the Banking Information Technology Department in selecting and deciding on schemes and procedural processes of formulating electronic signatures for the inter-bank electronic payment systems in their respective localities. When necessary, the directors of the State Banks units may designate qualified persons to assist them in determining and allocating electronic signatures.

Article 6.- The formulation of electronic signatures must strictly comply with the following regulations:

1. It must be organized at safe places; computers, printers and other technical equipment and facilities in service of the formulation of electronic signatures must be tightly managed and exclusively used, in order to ensure good technical state and safety;

2. It must absolutely adhere to the already determined formulation processes;

3. The number of formulated and duplicated electronic signatures must not exceed the prescribed number;

4. After the formulation is completed, electronic signatures must be registered in the book for monitoring already formulated electronic signatures. The book for monitoring already formulated electronic signatures and newly formulated ones (not yet allocated) shall be directly kept and preserved by the directors of the State Banks units as top-secret documents. Recording papers and manuscripts in service of the formulation of electronic signatures as well as experimentally created electronic signatures and defective ones must be immediately destroyed, while the possibility of restoring electronic signatures in any form in computers and other information carriers must be precluded, in order to ensure accuracy, safety and confidentiality.

III. ALLOCATION AND MANAGEMENT OF THE ALLOCATION OF ELECTRONIC SIGNATURES

Article 7.- Subjects eligible for allocation of electronic signatures include:

1. Account holders or persons who are authorized by account holders of payment service-providing organizations that participate in inter-bank electronic payment (hereinafter referred to as units participating in inter-bank electronic payment for short).

2. Chief accountants, heads of accountancy sections or authorized persons of the units participating in inter-bank electronic payment.

Article 8.- Procedures for allocating electronic signatures

1. To be allocated electronic signatures, account holders of the units participating in inter-bank electronic payment shall have to send to the State Bank’s units written requests for electronic signature allocation together with lists of their staff members who are eligible for electronic signature allocation.

2. The directors of the State Bank’s units shall have to consider and approve the lists of persons to be allocated electronic signatures at the requests of the units participating in inter-bank electronic payment. The consideration and approval must be based on the eligible subjects, the procedures of application for allocation, and the use demand for electronic signatures in each unit participating in inter-bank electronic payment. For the right subjects and application procedures, the directors of the State Bank’s units or persons designated to assist the former shall carry out procedures for allocating electronic signatures to each individual at account holders requests.

Article 9.- The State Bank’s units and units participating in the inter-bank electronic payment shall have to open books to monitor the lists of electronic signature allocatees under their respective management. Such books and documents of the units, enclosed with the lists of persons requested to be allocated electronic signatures, shall be kept by the heads of the accountancy and payment sections (the State Bank’s units) and chief accountants or the heads of accountancy sections of the units participating in inter-bank electronic payment.

Article 10.- The re-allocation of electronic signatures shall be made only in the following cases:

+ Electronic signatures malfunction due to objective reasons such as damage of information carriers containing electronic signatures in the transportation process, technical errors, etc.

+ Electronic signatures are lost, misplaced, disclosed or suspected of being disclosed.

+ Electronic signature allocatees are transferred to other jobs or suspended from work.

Upon detecting that electronic signatures malfunction, are lost, misplaced, disclosed or suspected of being disclosed, the electronic signature allocatees shall have to promptly report such to the account holders so that the latter make written requests to the State Bank’s units for re-allocation of electronic signatures. Account holders of the units participating in the inter-bank electronic payment shall have to immediately recover electronic signatures, which malfunction, are disclosed or suspected of being disclosed, for handling according to regulations.

IV. USE AND MANAGEMENT OF THE USE OF ELECTRONIC SIGNATURES

Article 11.- Electronic signatures shall be used to encrypt and decode-control data of electronic vouchers upon effecting the transmission and reception thereof via computer networks among the units participating in inter-bank electronic payment according to the current regulations of the State Bank.

Article 12.- Only those who are allocated electronic signatures shall be allowed to use them in performing or authorizing others to perform their functions and tasks in the money use or capital accounting and settlement. Electronic signature allocatees are strictly prohibited to disclose or hand over their electronic signatures to others for use in any circumstances.

When using electronic signatures, the users must not disclose codes and methods of using their electronic signatures. Computers, equipment and facilities for use of electronic signatures must be placed out of others sight so that when electronic signatures are used, other persons cannot watch their codes and operating manipulations.

Article 13.- Electronic signature users must absolutely abide by the electronic signature-using regulations and procedures already instructed in order to ensure accuracy, safety and confidentiality.

V. USE SUSPENSION, RECOVERY AND ALTERATION OF ELECTRONIC SIGNATURES

Article 14.- Electronic signatures shall be suspended from use, recovered or altered in the following cases:

1. There are notices that electronic signatures are lost, misplaced, disclosed or suspected of being disclosed.

2. The electronic signature allocatees are transferred to other jobs or suspended from work.

3. The use duration of electronic signatures has expired (periodical alteration).

Article 15.- Account holders of the units participating in inter-bank electronic payment shall be responsible for suspending the use of electronic signatures by administrative measures, and immediately recovering electronic signatures already allocated to their staff members when:

1. Electronic signatures are detected being lost, misplaced, disclosed or suspected of being disclosed, the account holders of the units participating in inter-bank electronic payment shall have to promptly telegraph such to the State Bank�s units which have allocated such electronic signatures, and make written records identifying the reasons therefor or responsible persons (those responsible persons shall have to sign on written records), then report such in writing to the State Bank’s units.

2. The electronic signature allocatees are transferred to other jobs or suspended from work. In these cases, the electronic signature allocatees shall have to promptly return electronic signatures they have preserved and used to the account holders. The account holders shall have to recover electronic signatures, telegraph and report such in writing to the State Bank�s units which have allocated such signatures for appropriate handling measures.

3. They receive notices of the State Bank’s units on the use suspension and alteration of electronic signatures.

Article 16.- Directors of the State Bank’s units shall have to:

1. Suspend the use of electronic signatures - by technical measures, upon receiving written reports from the units participating in inter-bank electronic payment on the loss, displacement, disclosure or suspicious disclosure of electronic signatures or on the job transfer or work suspension of the electronic signature allocatees.

2. Alter electronic signatures. After a certain use duration, electronic signatures must be altered (periodical alteration). Upon altering electronic signatures, the State Bank’s units shall have to notify such to the concerned units and individuals for recovery of old electric signatures and allocation of new ones. Account holders of the units participating in inter-bank electronic payment shall have to supervise the alteration of electronic signatures at their respective units.

Article 17.- Units where electronic signatures are recovered shall have to preserve them for subsequent handling according to regulations. For electronic signatures subject to recovery but irrecoverable, the units shall have to make written records identifying the reasons for irrecoverability and persons responsible therefor (if any), then promptly report such in writing to the State Bank’s units, which have allocated such electronic signatures for appropriate handling measures.

VI. HANDOVER, RECEPTION, TRANSPORTATION, PRESERVATION AND DESTRUCTION OF ELECTRONIC SIGNATURES

Article 18.- The handover, reception and transportation of electronic signatures between the stages of formulating, allocating and recovering electronic signatures shall be effected according to the following regulations:

1. Modes of handover, reception and transportation of electronic signatures:

- Direct handover and reception;

- Delivery and reception via registered secret mails.

2. All cases of direct handover and reception of electronic signatures between the formulator, clericalist, allocatee, recoverer, etc., must be book-entered with signatures of the two involved parties, and handed over right at working offices according to regulations of units heads.

3. When sending electronic signatures via registered secret mails, the State Bank’s units and the units participating in inter-bank electronic payment must make entry in their books "electronic signatures sent out" for monitoring and comparing purposes and proceeding with the following procedures:

* Making sending slips: The sent-out electronic signatures must be accompanied with sending slips, and put in the same envelope. Such sending slips must be stamped with seals showing their confidentiality and urgency in strict compliance with the regulations on top-secret documents.

* Enveloping: The sent-out electronic signatures must be put in separate envelopes, not in the same envelopes with ordinary documents. Envelopes must be made of tough, hard-to-strip, water-proof and non-translucent paper, diagonally folded and stuck by a highly adhesive glue. Each electronic signature to be sent out must be put in two envelopes:

- Inner envelope: This envelope must be clearly inscribed with the serial number and sign of the electronic signature, name of recipient, affixed with "top-secret" stamp and with the inscription of "to be opened by the named person only". Subsequently, it shall be stitched with thread, sealed up with wax or stuck with a hard-to-strip super-thin paper tape on the envelope’s back diagonal overlaps, with seal-up stamp affixed on corners of such paper tape, half on the tape and half on the envelope. Seal-up ink must be in bright red;

- Outer envelope: This envelope must be inscribed as ordinary documents envelopes, and affixed with "B" (capital letter) stamp (without "top secret" seal).

The State Bank’s units and the units participating in inter-bank electronic payment shall have to monitor, inspect and make comparison with units or individuals that receive electronic signatures in order to avoid missing and errors.

4. For electronic signatures received via registered secret mails: electronic signatures sent in must be entered as secret documents in the book of "secret documents sent in" for monitoring and promptly reported to the account holders of the units participating in inter-bank electronic payment before being handed over to the allocatees (recipients). Electronic signature recipients must immediately return sending slips to the sending places right on the date of receipt.

Article 19.- The storing and preservation of electronic signatures shall be effected according to the following regulations:

1. Newly formulated electronic signatures, electronic signatures already allocated but left unused or currently in use, and those already recovered and awaiting handling must all be book-monitored, stored and preserved by the concerned units and individuals according to the regime applicable to top-secret documents.

2. Electronic signatures, when being left unused or awaiting use, must be carefully stored and preserved in trunks or chests, which are firmly locked, kept safe and placed at working offices.

Article 20.- Electronic signatures shall be destroyed after being suspended from use

1. The directors of the State Bank’s units shall have to guide the units participating in inter-bank electronic payment and concerned individuals to carry out the necessary procedures to destroy electronic signatures.

2. The destruction of electronic signatures shall be decided by the directors of the State Bank�s units.

- The destruction of electronic signatures must ensure that the possibility to reuse (destroyed) electronic signatures is precluded.

- For all cases of destruction of electronic signatures, destruction councils must be set up.

3. The State Bank�s units must open books for monitoring destroyed electronic signatures.

VII. HANDLING OF VIOLATIONS

Article 21.- Units and individuals that violate one of the contents prescribed in Article 4 of this Regulation, lose their electronic signatures, use electronic signatures in contravention of the regulations or abuse electronic signatures to embezzle the State’s property and violate other provisions of this Regulation shall, depending on the nature and seriousness of their violations, be disciplined, administratively handled or examined for penal liability and have to make material compensations for damage caused by their violations according to the provisions of law.

VIII. IMPLEMENTATION VIOLATIONS

Article 22.- The director of the Accountancy and Finance Department shall have to:

1. Base on the provisions of this Regulation to coordinate with the Banking Information Technology Department in selecting and deciding on plans and procedures for formulating, allocating and managing electronic signatures for use in the Vietnam State Bank’s electronic money transfer system.

2. Guide and inspect the implementation of the Regulation on formulation, allocation, use and management of electronic signatures in the State Bank’s electronic money payment and transfer system.

Article 23.- The director of the Transaction Bureau and the directors of the State Bank’s branches in the provinces and centrally-run cities shall have to:

1. Manage the formulation, allocation, alteration and use instruction of electronic signatures in the inter-bank electronic payment organized by them.

2. Guide and inspect the implementation of the Regulation on formulation, allocation, use and management of electronic signatures in inter-bank electronic payment.

Article 24.- The director of the Banking Information Technology Department shall have to coordinate with the State Bank’s concerned units in selecting or developing software programs for allocation and management of electronic signatures in the inter-bank electronic payment and the electronic money transfer of the State Bank of Vietnam.

Article 25.- General directors (directors) of payment service-providing organizations shall have to:

1. Base on the provisions of this Regulation to select and decide on plans and procedures for formulating, allocating and managing electronic signatures in their respective internal electronic payment systems.

General directors (directors) of payment service-providing organizations may reach agreements with their customers (who have opened accounts at and conduct payment transactions via payment service-providing organizations) on the use of electronic signatures in electronic payment between such payment service-providing organizations and their customers.

2. General directors (directors) of the units participating in electronic payment shall have to manage and supervise the use of electronic signatures at their respective units in strict compliance with this Regulation.

Article 26.- Any amendments and supplements to this Regulation shall be decided by the State Bank Governor.

APPENDIX NO. 1

NAME OF THE UNIT:

 ..........................

THE LIST OF PEOPLE REQUIRED TO ISSUE THE ELECTRONIC SIGNATURE(in conjunction with the official dispatch No.    date      of      )

Account holder of the unit participating in the inter-bank electronic payment

---------------

This document is handled by Dữ Liệu Pháp Luật . Document reference purposes only. Any comments, please send to email: [email protected]