Most banks in Vietnam provide internet banking services to its customers via a web-based platform (the E-platform) which enables bank customers to create, authorise and dispatch instructions (E-Documents) to the bank electronically. Usually, an E-platform provides users with authentication tools including customer ID, user IDs, passwords and one-time password (the OTP) to get access to the E-platform.
If (1) the customer is a corporate customer, (2) the person actually using the E-platform is a staff of the customer, and (3) the user’s credentials are only authenticated by the bank’s authentication tools then there may be difficulties to determine that the actions taken by the staff through the E-platform are considered as actions of the respective corporate customer. This is because under the Law on E-Transactions 2005, if a document in paper form is required by laws to be sealed and such document is converted into a data message for e-signing then the requirement of being sealed will be satisfied when the e-signature affixed to the data message is certified by a third party licensed service provider. Under Article 25.3(a) of Decree 110/2004, all documents issued by an institution must be affixed with the seal of such institution. Therefore, an E-Document transferred via the E-platform may be considered as an unsealed document of the institutional Client if the E-platform does not involve any certification or confirmation from a licensed third party service provider.
In addition, there may be no clear indication under the E-platform that the individual user is acting on behalf of the relevant corporate customers. To ensure the binding effect of the E-Document, banks should incorporate in the terms and conditions of the E-platform wording which establishes an authorisation relationship between the individual user and the corporate customer.
This post is contributed by Tran Thi Thu Thao, a VILAF associate.