In 2023, the 5th session of the 15th National Assembly ratified the Law on Electronic Transactions (amended), which will take effect from July 1, 2024 (Law on E-Transactions 2023), replacing the Law on Electronic Transactions 2005 (Law on E-Transactions 2005). Changes in the Law on E-Transactions 2023 will have particular impacts on the operations of commercial banks in the current “digitalization” context. Therefore, having specific assessments and adjustments is essential to ensure compliance in credit institutions (CIs). In the scope of this article, the writer would only mention two new points of the Law on E-Transactions 2023 that, in point of view, might have a crucial impact on the banking industry.

Electronic signature

Generally, in addition to supplementing the definition of electronic signatures and affirming the legal value of electronic signatures, the Law on E-Transactions 2023 has classified electronic signatures into: (i) special-use e-signatures, and (ii) digital signatures (including public digital signatures, civil service digital signatures).[1] The new law also has stricter requirements when specialized electronic signatures used to ensure safety need to be certified by the Ministry of Information and Communications.[2] In contrast, previously, the security only needed to be verified according to the process is agreed upon and proven by the parties, and meets the minimum requirements of the law.[3]

The changes regarding electronic signatures may significantly impact the operations of CIs when there are many related regulations that require signatures from both CIs and customers. For instance, the signature of the legal representative of the credit institution is required in the guarantee agreement and guarantee commitment.[4] Or, when entering into an agreement to open and use a payment account with an institutional customer, the law requires banks to verify the signature, seal (if any), and digital certificate (if any) of the legal representative of clients.[5]

Consequently, while waiting for the Law on E-Transactions 2023 to take effect, as well as the Government’s decrees and/or guidance from the State Bank of Vietnam (SBV) related to this issue, CIs can consider implementing the following measures to ensure compliance in their operations and avoid delays in transactions with customers:

  • Review processes related to signing and/or verifying through electronic means to require customers to implement appropriate transitions, such as using digital signatures for transactions or registering specialized electronic signatures with the Ministry of Information and Communications to be recognized as safe signatures.[6]
  • Review internal regulations (processes, systems, forms, products) related to electronic signatures or activities requiring customers to sign and/or verify for amendments, updates and supplemented (if necessary) to be compatible with the Law on E-Transactions 2023. During the update process, CIs should also pay attention to recent SBV guidelines related to this issue, such as Decision No. 2345/QD-NHNN on implementing security measures in online payment and card payment by the Governor of the State Bank of Vietnam (this is an important document replacing Decision 630/QD-NHNN in 2017 related to authentication methods).
  • According to transition provisions, e-transactions established before 1 July 2024 but not yet implemented by 1 July 2024 would continue to comply with the regulations of the Law on E-Transactions 2005, unless the parties agree to apply the regulations of the Law on E-Transactions 2023.[7] Therefore, CIs might need to pay attention to review current transactions, then classify and determine the time to complete the transaction to suitable notice for customers.

In addition, the Law on E-Transactions 2023 allows the use of other authentication forms excluding e-signatures by electronic means to show signatories’ approval for data messages shall comply with other regulations of relevant laws.[8] However, as detailed guidance on which “other regulations” is not yet available for now, CIs should monitor further guidelines to make appropriate adjustments to the operations.

Information system serving electronic transactions and electronic transaction accounts

These regulations are all new to the Law on E-Transactions 2023 compared to the Law on E-Transactions 2005. In accordance with information systems serving e-transactions, CIs are required to classify information systems serving electronic transactions according to the following criteria such as: administrator, functions, and features of the information system serving e-transactions; size, number of users in Vietnam or monthly access numbers from users in Vietnam.[9] Additionally, a new draft decree on information systems serving e-transactions was also discussed at the 4th session of the 15th National Assembly. Therefore, CIs should note these criteria when classifying information systems. At the same time, it is necessary to follow additional detailed instructions and regulatory documents from the relevant Government to ensure compliance.

For electronic transaction accounts, the Law on E-Transactions 2023 allows the transaction history of an e-transaction account to be used to prove the transaction history of participating parties when meeting the following conditions:[10]

  • The information system serving the e-transaction must ensure its safety in accordance with the law on information security;
  • Uniquely linked to an agency, organization, or individual as the owner of the e-transaction account; and
  • Ensure accurate transaction time from the time source as regulated by the national standard time law.

Therefore, relevant departments of CIs need to coordinate implementation on the basis of other relevant legal regulations such as the Law on Cyber Information Security 2015 and the  Cybersecurity Law 2018 to review the systems that create electronic trading accounts to synchronize and standardize transaction history in order to: (i) minimize the risk customer personal information loss, and (ii) ensure the integrity and security of data in the electronic trading environment. Having a suitable and standardized transaction history can also help CIs reduce costs and the burden of proof in the event of actual disputes. This, in turn, enhances transparency as well as efficiency in resolving disputes and debt recovery at CIs.

It is clear that the Law on E-Transactions 2023 with many comprehensive changes would be an important legal basis in implementing the transformation of activities from the conventional environment to the digital environment, and including banking activities. Therefore, proactively updating, reviewing and adjusting internal processes and related systems not only helps CIs quickly meet legal conditions but is also an opportunity to increase the competitiveness of its products in the market via a digital transformation model.

[1] Article 22 Law on Electronic Transactions 2023

[2] Article 25.2 Law on Electronic Transactions 2023

[3] Article 22.1 Law on Electronic Transactions 2005

[4] Article 17.1 Circular 11/2022/TT-NHNN

[5] Article 14.3 Circular 16/2020/TT-NHNN

[6] Article 25 Law on Electronic Transactions 2023

[7]Article 53.1 of the Law on Electronic Transactions 2023

[8]Article 22.4 of the Law on Electronic Transactions 2023

[9]Article 45.1 of the Law on Electronic Transactions 2023

[10]Article 46.4 of the Law on Electronic Transactions 2023