Remote Identification Procedures, Electronic Trust Services Regulations, 2020

A QTSP before making use of a remote identification procedure, is required to submit to the MCA a conformity assessment report (‘CAR’) issued by a CAB, which report must confirm that the QTSP provides equivalent assurance in terms of physical presence and meets all the requirements as stated in the draft regulations. The draft regulations require a QTSP to undertake various measures before adopting a remote identification procedure, including carrying out a risk analysis, tests of the effectiveness and safety and an internal assessment of the adequacy of the method to be used to mitigate any risks identified in the risk analysis. The draft regulations also provide for a number of technical and organisational requirements that the QTSP must abide with, norms to be complied with during the actual remote identification session, and norms requiring the recording and retention of such a session. The draft regulations provide the necessary enforcement tools to enable the MCA to inspect and require any information about any remote identification procedures carried out in compliance with the draft regulations. The MCA is furthermore empowered to require any person to desist from the continued use of any remote identification procedure if there is non-compliance with the applicable norms. The draft regulations empower the MCA to impose administrative fines if there is a breach with the provisions of the proposed regulations.

 

Regulatory Type: 
Electronic Communications

MCA Reference: 
MCA/C/20-4007
Closing Date: 
Friday, November 20, 2020