Overview of changes to the Federal law “On electronic signature”

24 August 2020
Polina Vodogreeva
 
Federal law No. 476-FZ of December 27, 2019, introduced several amendments to the Federal law “On electronic signature” (“Law”). Changes to the Law come into force gradually:
 
1. Main changes starting from July 01, 2020
 
1.1. Clarification of the requirements for accreditation of the certification center and the updated list of accredited certification centers
 
Among other things, the minimum amount of own funds (capital) of the certification center (“CC”) is specified, which must be at least 1 billion rubles or 500 million rubles if there is a CC’s branch or representative office in at least 3/4 of the constituent units of Russia; the requirement to obtain a license is established. The period of validity of the CC accreditation is being shortened to 3 years.
 
The list of accredited CCs includes the following types of CCs:
 
  • CCs that have received accreditation;
  • CCs of the federal executive authority authorized to carry out state registration of legal entities (CC of the Federal tax service of Russia);
  • CCs of the federal executive authority authorized to enforce the federal budget, cash services for the execution of budgets of the budgetary system of Russia (CC of the Treasury of Russia);
  • CCs of the Central Bank of Russia.
 
1.2. New procedure of recognition of foreign electronic signatures
 
Recognition of foreign electronic signatures (i.e. electronic signatures (e-signatures) created under the law of a foreign state and international standards) as corresponding to the characteristics of an enhanced e-signature and their application are carried out as stipulated by international treaties of Russia. To recognize the validity of foreign e-signatures, additional confirmation by an authorized person under the relevant international treaty is required (by an accredited trusted third party, an accredited CC, or another person).
 
2. Main changes starting from January 01, 2021
 
2.1. Introduction of a new institution – a trusted third party
 
A trusted third party is a legal entity that performs verification of e-signatures in electronic documents concerning the person who signed the electronic document, to ensure confidence in the exchange of data and electronic documents, as well as provides other services, the list of which is established by the Law.
 
The Law establishes a list of accreditation requirements for a trusted third party, and the Law regulates the procedure for accreditation of a trusted third party. The term of accreditation of a trusted third party is 3 years.
 
2.2. Clarification of the procedure for accreditation of the certification center, new requirements for its accreditation
 
The Law introduces a two-stage accreditation procedure for the CC. At the first stage, the authorized body will audit the compliance of the CC with the requirements of the Law. In case of a positive decision on the results of the audit, the authorized body sends its conclusion to the government commission (the second stage), which makes the final decision on the accreditation of the CC. The regulations on the government commission, its composition and the procedure for its decision-making process will be approved by the Government of Russia.
 
Starting from 2021, additional requirements will be introduced for the business reputation of the head of the CC and persons who own at least 10% of the shares of the authorized capital of the CC. Additional requirements for the CC accreditation for the purposes of storing the e-signature key are also established.
 
3. Main changes starting from January 01, 2022
 
3.1. New procedure for issuing a qualified certificate of a qualified e-signature
 
The authority issuing the qualified certificate of qualified e-signature (“QES”) depends on the category of the QES holder:
 

 

Authority

QES holder

1

CC that have received accreditation

  • Individuals (except for those specified in Sec. 4 below)

2

CC of the Federal tax service of Russia

 

  • Legal entities (except for those specified in Sec. 3 below)
  • Individual entrepreneurs (except for those specified in Sec. 3 below)
  • Notaries

3

CC of the Central Bank of Russia

  • Credit institutions
  • Payment system operators
  • Non-credit financial organizations
  • Individual entrepreneurs engaged in activities specified in part 1 of article 76.1 of the Federal law “On the Central Bank of the Russian Federation (Bank of Russia)”

4

CC of the Treasury of Russia

  • Persons holding state positions of Russia, state positions of the constituent units of Russia
  • Officials of state bodies, local government bodies, their subordinate institutions and organizations
  • State body
  • Local governmentbodies
 
3.2. New procedure for using a qualified electronic signature by a representative of a legal entity
 
The QES certificate of a company (legal entity) indicates the company itself and its General Director (an individual acting on its behalf without a power of attorney) as the certificate holder. If an individual who is not the company’s General Director signs an electronic document on behalf of the company, then the electronic document is to be signed by its QES with the attachment of a power of attorney issued by the company.
 
The Law specifies the requirements for such a power of attorney:
 
  • The power of attorney is drawn up in electronic form;
  • The power of attorney is signed by the company’s QES;
  • The power of attorney is attached by its inclusion in a set of electronic documents, unless otherwise provided for by an agreement between legal entities and individual entrepreneurs when interacting with each other or by regulatory legal acts.