Updated at 29/09/2022 - 01:54 pm
Where issued: | Goverment | Effective date: | 10/02/2019 |
Date issued: | 24/12/2018 | Status: | Still validated |
GOVERMENT | SOCIAL REPUBLIC OF VIETNAM Independence - Freedom - Happiness |
Number: 165 / 2018 / ND-CP | Hanoi, date 24 month 12 year 2018 |
DECREE
ON ELECTRONIC TRANSACTIONS IN FINANCIAL ACTIVITIES
Pursuant to the Law on Organization of the Government dated April 30, 2013, 19 year of 6;
Pursuant to the Electronic Transaction Law dated 29 month 11 year 2005;
At the proposal of the Minister of Finance;
The Government issued a Decree on electronic transactions in financial activities.
Chapter I
GENERAL RULES
Article 1. Scope
This Decree provides for electronic transactions in financial activities.
Article 2. Subject of application
1. Agencies, organizations and individuals are the owners of the information system serving electronic transactions in financial activities.
2. Agencies, organizations and individuals participating in electronic transactions in financial activities.
3. Agencies, organizations and individuals wishing to look up and verify information about electronic transactions in financial activities of other agencies, organizations and individuals within the scope permitted by law.
Article 3. Explain words
In this Decree, the terms below are construed as follows:
1. “Electronic transaction in financial activities” means an electronic transaction between agencies, organizations and individuals in various types of professional activities: state budget, state budget, taxes, fees and charges. fees and other revenues of the state budget, state reserves, public assets, state financial funds, financial investment, corporate finance, cooperative finance, customs, accounting, management prices, securities, financial services, accounting services, auditing services, insurance business and other financial services under the state management of the Ministry of Finance. The performance of these professional activities in accordance with specialized laws.
2. “Specialist law” means the law on the state budget; tax; fees and charges; manage and use state capital invested in production and business in enterprises; public debt management; custom; state reserves; public property; accountant; price; stock; independent audit; insurance business and other financial law.
3. “Electronic documents in financial activities” (referred to as “electronic documents”) means information created, sent, received and stored by electronic means when performing an electronic transaction. in financial activities; including documents, reports, contracts, agreements, transaction information, information on the implementation of administrative procedures and other types of information and data as prescribed by specialized laws.
4. “Authorizing an electronic document by agency, organization or individual” means an agency, organization or individual that creates or sends an electronic document before such electronic document is kept but does not include a person. electronic document transfer intermediary. The identification of the agency, organization or individual that initiates the electronic document shall comply with the provisions of Clause 2, Article 16 of the Law on Electronic Transactions.
5. “Manager of information systems serving electronic transactions in financial activities” (hereinafter referred to as “information system owners”) means an agency, organization or individual with management competence. directly to the information system serving electronic transactions in financial activities.
6. “Financial agency” means one of the following agencies:
a) The Ministry of Finance and its agencies, units and units have the function of State management in the branches and domains under the Ministry of Finance's management;
b) Specialized agencies advising state management in the financial domain belong to People's Committees at all levels (local financial agencies).
7. "Intermediary service in electronic transactions in financial activities" means a service to represent (in whole or in part) for other agencies, organizations and individuals to send; take; storage; support to create and process electronic documents; confirm the implementation of electronic transactions by the parties to the electronic transaction.
8. "Deactivation of electronic documents" is a measure to make electronic documents no longer valid for use on the information system.
9. "Destruction of electronic documents" is a measure to make electronic documents no longer exist on the information system, inaccessible and refer to information already contained in electronic documents.
10. “Sealing electronic documents” is a measure to ensure the integrity of information contained on electronic documents, which cannot be modified, copied, illegally moved, invalidated or destroyed from the time of initiation. beginning to the end of the sealing process.
11. “Information system serving electronic transactions in financial activities” (referred to as “information system”) means an information system specified in Clause 8 Article 4 of the Law on Electronic Transactions provided provided and used to conduct electronic transactions in financial activities.
12. “Authentication” means the verification on the information system to ensure that the person performing an electronic transaction is the person who is authorized to perform this transaction or to check the digital signature on the electronic document according to regulations. regulations on digital signature authentication.
13. “Authentication code” means a string of characters (digits, letters, accents, special characters) generated or recorded by the information system to attach to the person performing an electronic transaction at each execution. transaction for authentication.
14. “Biometric authentication” means authentication performed using human biological characteristics with a very low overlap (according to the recognition of science and technology at the time of application). use this measure).
15. “Identifier of an electronic document” means a barcode or string of numbers and letters associated with an electronic document to uniquely identify an electronic document on the information system, serving information retrieval. about electronic documents.
Article 4. Principles of electronic transactions in financial activities
1. Agencies, organizations and individuals participating in electronic transactions in financial activities must comply with the principles specified in Article 5 of the Law on Electronic Transactions; regulations of specialized laws and relevant legal regulations.
2. Electronic transactions in financial activities under administrative procedures must comply with the law on administrative procedures and online public services.
3. The use of digital certificates and digital signatures in electronic transactions in financial activities must comply with the law on digital signatures and digital signature certification services.
Chapter II
SPECIFIED
Article 5. Legal validity of electronic vouchers
1. Electronic vouchers must fully satisfy the requirements of state management, in accordance with the provisions of specialized laws. The form of presentation, the creation, sending and receipt of e-documents and the legal validity of e-documents shall comply with the Law on Electronic Transactions.
2. An electronic document is valid as an original when one of the following measures is taken:
a) Electronic vouchers are signed by agencies, organizations or individuals from creating electronic vouchers and agencies, organizations or individuals with related responsibilities in accordance with specialized laws.
b) The information system has measures to ensure the integrity of electronic vouchers during the process of transmission, receipt and storage on the system; note that agencies, organizations or individuals have initiated electronic vouchers and the relevant responsible agencies, organizations or individuals have participated in processing electronic documents and applying one of the following measures to authenticate agencies, organizations or individuals that initiate electronic vouchers and related agencies, organizations or individuals involved in handling electronic vouchers: authenticate by digital certificates, authenticate by birth Validation, authentication of two or more elements, including elements of one-time authentication code or random authentication code.
c) Other measures agreed upon by the parties to the transaction, ensuring the integrity of the data, the authenticity, the denial, and in accordance with the provisions of the Electronic Transaction Law.
Article 6. Transfer from paper vouchers to electronic vouchers
1. Method of converting from paper vouchers to electronic documents:
a) Paper vouchers are converted into electronics in the form of copying and converting into files on the information system, or
b) The contents of paper vouchers are converted into data for storage into the information system.
2. Electronic vouchers converted from paper vouchers must meet the following conditions:
a) Fully reflect the content of paper vouchers;
b) Individuals or agencies, organizations that implement (or are responsible for) the conversion of paper vouchers into electronic vouchers signed on electronic vouchers after being converted from paper vouchers or authenticated by one of the authentication measures prescribed at Point b, Clause XNXX of Article 2 of this Decree.
3. Electronic vouchers converted from paper vouchers are valid as paper vouchers unless otherwise provided for by specialized laws.
Article 7. Convert from electronic voucher to paper voucher
1. Agencies, organizations and individuals may print electronic vouchers created by such agency, organization or individual, and the owner of the information system may print electronic vouchers of such agency, organization or individual. individuals under their management from the information system to store and compare information or present it to a competent agency to check information about documents or provide agencies and organizations with search needs. , verify information within the scope prescribed by law.
2. Agencies, organizations and individuals may request the owner of the information system to confirm the performance of electronic transactions in paper form to present it to the competent authority to check information on documents or provide granted to other agencies, organizations and individuals that wish to look up and verify information within the scope prescribed by law. This request and confirmation, when made at a state agency, must comply with regulations, order and procedures on information provision in accordance with the law on access to information.
3. Paper vouchers converted from electronic vouchers must satisfy the following conditions:
a) Fully and accurately reflect the content of the electronic voucher;
b) There is information showing the documents that have been processed on the information system and the name of the information system or the name of the information system administrator;
c) There is an identifier of the electronic voucher to serve the search, verification of information or full name and signature of the person conducting the conversion;
d) Having the seal of the agency or organization performing the transformation in case it must comply with the provisions of law or the agreement between the transaction parties.
d) Lookup at any time during the information system's normal operation.
4. Paper vouchers converted from electronic vouchers have the same validity as electronic vouchers, unless otherwise provided for by specialized laws.
Article 8. Modify electronic documents
1. The modification of an electronic document when it has not been officially approved or transmitted to perform an electronic transaction must comply with the management process of the agency, organization or individual that initiates the document or the owner. information system management.
2. The modification of an e-document after it has been officially approved or after it has been transmitted to perform an e-transaction needs to be re-done from the initialization stage and ensure compliance with the law. specialized.
3. The information system must record the performer, the time of implementation, and other information related to the modification of electronic documents.
Article 9. Store electronic vouchers
1. Electronic vouchers shall be archived in accordance with specialized laws, in accordance with the environment, electronic storage conditions and relevant provisions of the law on archiving.
2. Agencies and units that store electronic documents must satisfy the conditions specified in Clause 1, Article 15 of the Law on Electronic Transactions.
Article 10. Cancellation of electronic documents
1. An electronic voucher is invalidated under one of the following conditions:
a) Documents are destroyed according to the process and regulations of the unit that creates and processes electronic documents on the basis of compliance with regulations of specialized laws.
b) Documents are destroyed on the basis of agreement and confirmation of the parties to the transaction. This confirmation is expressed in one of the following ways: A document signed by the parties to the transaction or the authorized representatives of the parties to the transaction (if it is an electronic document, the provisions of this Agreement shall apply). on legal validity according to Article 5 of this Decree); request to cancel documents of one party to the transaction and accept the request to destroy documents of the other party(s) in the form of email or data message created on the same information system created or stored store electronic documents, authenticated by one of the accepted measures applicable to electronic documents specified in Article 5 of this Decree.
2. The invalidated electronic voucher must be marked, recorded at the time, the person who invalidates the information on the information system and notifies the concerned parties.
3. The invalidated e-documents must be archived for the search of competent state agencies according to the archival time limits prescribed by specialized laws.
4. When the electronic voucher is invalidated, at the same time, the paper voucher converted from this electronic voucher (if any) will be invalidated and no longer valid.
Article 11. Destroy electronic documents
1. E-documents, paper vouchers converted from electronic documents whose archiving period has expired as prescribed, are allowed to be destroyed unless otherwise decided by a competent state agency.
2. The destruction of electronic documents must not affect the integrity of the electronic documents that have not been destroyed and must ensure the normal operation of the information system.
3. The information system must record the destruction of electronic documents in the form of a list with information on when and who destroys electronic documents, store this list on the system, ready for use. look up when needed.
Article 12. Sealing electronic documents
1. The authority to seal electronic documents complies with the law on sealing documents and evidences serving the process of examination, inspection, audit and investigation.
2. The sealing of electronic documents must ensure:
a) Not affecting the normal operation of information and production and business systems of organizations and individuals;
b) It is possible to fully recover sealed electronic vouchers at information systems of organizations and individuals after the sealing time limit;
c) Determining the access, changing the contents of sealed electronic vouchers.
d) The information system must mark the sealed electronic voucher and record the time, the person who executes the electronic voucher.
3. After the competent State Agency decides and carries out sealing measures, organizations and individuals are not allowed to access, exploit, copy, modify or use this electronic voucher in the system. Your information for trading or other uses.
Article 13. Regulations for information systems
1. The information system must be accurate in terms of time and synchronized according to the Vietnamese time zone (ISO 8601 standard). The use of timestamp issuance service of the organization providing this service is encouraged in accordance with the law on digital signatures and digital signature certification services for documents whose initialization or processing time is not recommended. The handling of documents is bound by specialized legal documents or may cause disputes on interests and legality between the parties to the transaction.
2. The information system serving the creation and processing of electronic documents must have the function of converting electronic documents into paper documents to serve the purposes specified in Clauses 1 and 2, Article 7 of this Decree. .
3. The information system must be able to store electronic documents or provide access to electronic documents stored in an archive system separate from the information system. In case the information system is upgraded or changed in technology, the owner of the information system is responsible for providing access to electronic documents created or stored on the information system before the date of registration. upgrade or change technology.
4. Information systems of financial authorities and related state agencies must be able to connect and exchange electronic documents according to the Government's regulations on e-Government implementation. Information systems of other agencies and organizations must be able to connect and exchange electronic documents with the information system of financial institutions in accordance with specialized management laws.
5. The legal representative of the agency or organization that uses the information system to automatically digitally sign electronic documents is responsible before law for automatically digitally signed electronic documents.
Article 14. Ensuring safety in electronic transactions in financial activities
1. If the information system owner collects personal information of transaction participants, he/she must comply with the Law on Cyberinformation Security, the Law on Cybersecurity and relevant legal provisions on information protection. personal message.
2. Information system owners must ensure safety and security for information systems and transactions of participants in transactions in accordance with the law on cyberinformation security, and at least apply measures. after:
a) Determine the level and implement corresponding plans to ensure information system security in accordance with the provisions of the Law on Cyberinformation Security and Decree No. 85/2016/ND-CP dated July 01, 7 of the Government. Government on assurance of information system security by level. In case the owners of information systems are non-State organizations, only the security level of the system shall be determined and protection measures must be provided for the system to at least meet the requirements for the same level. In accordance with the regulations of the Ministry of Information and Communications, it is not required to carry out the procedures for appraisal and approval of the level file.
b) The connection from agencies, organizations and individuals to the information system must be encrypted. The website or electronic portal for electronic transactions in financial operations must use digital certificates to secure information on the transmission line and not be tampered with.
Article 15. Using intermediary services in electronic transactions
1. Enterprises providing information technology services on mobile telecommunications networks and the Internet; Enterprises providing digital signature certification services may provide intermediary services in electronic transactions in financial activities.
2. Agencies, organizations and individuals may select an intermediary service provider suitable to their needs in conducting electronic transactions in financial activities.
3. Agencies, organizations and individuals using intermediary services and enterprises providing intermediary services must sign an agreement or contract specifying the responsibilities and powers of each party (within the legal framework) allow).
Article 16. Verify information about electronic transactions in financial activities
1. Competent agencies, when examining, inspecting and investigating according to specialized laws, agencies are responsible for handling relevant administrative procedures if there is a need to verify information about their electronic transactions. The agency, organization or individual shall carry out this verification in one of the following ways:
a) Use the electronic confirmation of the results of electronic transactions performed by the information system manager to agencies, organizations and individuals in the form of files or e-mails.
b) On-site observation on the information system of query results performed by agencies, organizations and individuals.
c) Using the feature of querying electronic voucher information by electronic means provided by the information system manager.
d) Connecting, transmitting data, exchanging information with financial agencies for information on electronic transactions of subjects implementing administrative procedures. The provisions of this point shall apply to agencies responsible for handling relevant administrative procedures.
2. Examination, inspection, investigation and administrative procedure-settling agencies may only request agencies, organizations and individuals to present paper documents converted from electronic documents in case they do not verify information by one of the methods specified in Clause 1 of this Article.
Chapter III
TERMS ENFORCEMENT
Article 17. Responsibility of the owner of the information system for electronic transactions in financial activities
1. Comply with the provisions of this Decree.
2. The organization supports the execution of transactions on the information system through one or a combination of support in some of the following ways: directly, by phone, via email, website or portal electronic information and other technologies.
3. Provide information on electronic transactions in financial activities within the scope of the information system owner's information system for competent management agencies to inspect, inspect and investigate activities. financial institutions and agencies, organizations and individuals that wish to search and verify information within the scope of the provisions of law as prescribed in Article 16 of this Decree and other relevant laws.
4. Directly or authorize a member unit, branch to certify paper documents converted from electronic documents at the request of agencies, organizations and individuals participating in transactions on the information system under the management of the information system owner as prescribed by law.
5. Keep confidential personal information, information of enterprises and agencies and organizations on the information system under the management of the information system owner as prescribed by law.
6. Ensure the safety of the information system, participate in incident response activities, handle and remedy incidents according to the provisions of the law on assurance of network information safety and security and the provisions of the Decree this determination.
7. Agencies, organizations and individuals that hire information technology technical infrastructure services from other enterprises to provide electronic transactions in financial activities must ensure coordination with the technology infrastructure leasing enterprise. fully perform the responsibilities specified in Clauses 1 to 6 of this Article.
Article 18. Responsibilities of agencies, organizations and individuals participating in or using the results of electronic transactions in financial activities
1. Agencies, organizations and individuals participating in electronic transactions in financial activities are responsible for managing and keeping secret the means and information in service of digital signature or authentication; immediately notify the owner of the information system when this means or information is lost or revealed.
2. Agencies, organizations and individuals participating in electronic transactions with financial agencies are responsible for notifying the financial authorities of their contact addresses by electronic method and maintaining stability for exchange. information in the process of participating in electronic transactions with financial authorities; in case the address must be changed, the organization or individual shall notify the financial authority of the changed address.
3. Agencies, organizations and individuals using the results of electronic transactions in financial activities are responsible for recognizing and using electronic documents according to the legal value of electronic documents.
4. Comply with other relevant regulations of this Decree.
Article 19. Responsibilities of the Ministry of Finance
1. Develop and implement a roadmap for applying electronic transactions between agencies, organizations and individuals and financial agencies under the Ministry of Finance; establish connection and exchange of information on electronic transactions in financial activities between financial agencies under the Ministry of Finance and other ministries, agencies and organizations in accordance with the Government's objectives and programs on the Government. e-government, in accordance with the actual conditions and provisions of the law.
2. Direct and organize the propagation, dissemination and education of the law on electronic transactions in financial activities.
3. Guide, examine and inspect the observance of the law on electronic transactions in financial activities.
4. Settle complaints, denunciations and recommendations of agencies, organizations and individuals about electronic transactions in financial activities.
Article 20. Responsibilities of local financial agencies
1. Develop and implement a roadmap to apply electronic transactions between agencies, organizations and individuals and local financial agencies (online public financial services in the locality).
2. Implement and coordinate with the Ministry of Finance in propagating, disseminating and educating the provisions of the law on electronic transactions in financial activities in the locality managed by the local financial authority .
Article 21. Handling forwarding
1. Enterprises that have provided intermediary services in electronic transactions in financial activities before the effective date of this Decree may continue to provide intermediary services in electronic transactions in their operations. financial activities as prescribed in this Decree.
2. While the government has not yet been granted a digital certificate by a specialized digital signature certification service provider, a state budget-funding unit may use a public digital certificate to conduct electronic transactions. with financial authorities for transactions applying digital signatures. After being issued with a digital certificate by a government-specific digital signature certification service provider, the state budget user is responsible for using this digital certificate instead of the public digital certificate and informing the public. Notify the relevant financial authority of the change of the digital certificate.
Article 22. Terms enforcement
1. This Decree takes effect from March 10, 02.
2. Decree No. 27/2007/ND-CP dated February 23, 02 on electronic transactions in financial activities and Decree No. 2007/156/ND-CP dated November 2016, 21 amending and supplementing A number of articles of Decree No. 11/2016/ND-CP dated February 27, 2007 on electronic transactions in financial activities cease to be effective from the effective date of this Decree.
3. The ministers, the heads of the ministerial-level agencies, the heads of the agencies attached to the Government, the presidents of the People's Committees of the provinces and centrally-run cities are responsible for the implementation of this Decree.
Recipients: | TM. GOVERMENT |