October 31, 2023

The FSC issues guidelines for Digital Signature

One of the action points emanating from the Budget 2023/2024, was the implementation and adoption of e-signatures by regulators.  To that end, the Financial Services Commission (FSC) issued the guidelines for Digital Signature on 23 October 2023 (the “Guidelines”). 


The objective of the Guidelines are to:


  • Specify the criteria and standards to be observed by licensees for the FSC to accept digital signatures as substitutes for wet-ink signatures; and
  • Establish high degree of assurance in the usage of digital signatures and ensuring that such signatures are not denied legal effect, validity or enforceability under the Electronic Transactions Act (ETA)


Digital signatures can now be used by licensees in the following instances:


a) application for a licence through the FSC One platform, involving the electronic submission of PDF document(s) by an applicant, which are digitally signed;


(b) post-licensing requests through the FSC One platform, involving the electronic submission of PDF document(s) by a licensee, which are digitally signed;


(c) inspections organised by the FSC whereby licensees are required to provide documentary demonstrations of PDF documents that include digital signatures; and


(d) submissions of other digitally signed PDF documents as may be determined by the FSC.


The criteria to be observed by the licensees are as follows:


  • Criteria 1: Signatory should be a natural person


  • Criteria 2: The digitally signed document shall be in the PDF format and the digital certificate used to sign the document shall have been issued by a Certificate Authority listed on the Adobe Approved Trust List (AATL)


  • Criteria 3: The digital signature shall meet the PAdES LTV (PDF Advanced Electronic Signatures with Long-Term Validation)


  • Criteria 4: The validity of the digital signature shall be automatically verifiable within Adobe Reader/ Adobe Acrobat through the “Signature Panel”, “Certificate Details” and “Signature Validation” capabilities


  • Criteria 5: The security level of the digital signature must meet or exceed the security level required by the eIDAS regulation for Advanced Electronic Signatures (AES)


  • Criteria 6: For record-keeping and auditing purposes, a Certificate of Completion (CoC) shall be generated and retained by the digital signature software for every digitally signed document


  • Criteria 7: The signed document shall include an embedded timestamp


To access the full guidelines, please click Here


The FSC also produced 2 videos on the execution and verification of digital signatures and same are available on the FSC website: click Here