Act 7
Electronic Signatures Act
2011
(2) The audit shall be carried out by an internationally
recognised computer security professional or a certified public
accountant having expertise in the relevant field.
(3) The qualifications of the auditors and the procedure for an
audit shall be as may be prescribed by regulations made under this
Act.
(4) The Controller shall maintain and publish, the date and result
of the audit in the certification service provider disclosure record he
or she maintains for the certification service provider concerned.
39. Activities of certification service providers.
(1) A certification service provider shall only carry on such
activities as may be specified in its license.
(2) A certification service provider shall carry on its activities in
accordance with this Act and any regulations made under this Act.
40. Requirement to display license.
A certification service provider shall at all times display its license in
a conspicuous place at its place of business and on its website.
41. Requirement to submit information on business operations.
(1) A licensed certification service provider shall submit to the
Controller such information and particulars including financial
statements, audited balance sheets and profit and loss accounts
relating to its entire business operations as may be required by the
Controller within the time he or she may determine.
(2) A person who contravenes subsection (1) commits an offence
and is liable, on conviction, to a fine not exceeding twenty four currency
points or imprisonment not exceedingone year or both and in the case of
a continuing offence shall in addition be liable to a daily fine not
exceeding two currency points for each day the offence continues.
32