Amid ongoing efforts to harness blockchain technology to strengthen transparency and accountability in the government, the Securities and Exchange Commission (SEC) is poised to roll out its own blockchain-based platform that allows for a more secure digital authentication of reports and other documents filed by corporations.
The Commission on October 22 issued for public comment the draft memorandum circular on Blockchain-Based Digital Signing and Authentication of SEC Documents using the SEC Verification of Electronic Records and Information Trust and Authentication System (VERITAS).
VERITAS is a digital signature platform that will enable the transacting public to securely sign and authenticate SEC-related documents with the use of publickey cryptography.
The system is designed to record digital signing events on a decentralized ledger, ensuring immutability, timestamping, and cryptographic verification.
Once the guidelines are finalized, the SEC is prepared to immediately deploy VERITAS for public use, allowing other government agencies to assess the benefits and advantages of blockchain technology and see how it can be applied within their own operations.
“By integrating blockchain-based digital signing and authentication into our processes, we aim to strengthen the integrity and reliability of reports and documents submitted by corporations to the Commission by making them immutable, permanent and indestructible,” SEC Chairperson Francis Lim said.
“VERITAS also reaffirms our commitment to digital transformation not only by making transactions more secure and efficient, but also by reducing paperwork and cutting processing time to further improve how we do
business,” he added.
Integrated authentication system
The draft rules seek to integrate VERITAS into the existing digital identity and credentialing system of the SEC under the Electronic SEC Universal Registration Environment (eSECURE), as well as the digital authentication platform under the Electronic Submission Authentication Portal (eSAP).
The current authentication systems allow the public to register their corporations with the SEC through a fully online process, without the need for wet signatures and notarized documents. With VERITAS, the SEC will shift from the use of one-time passwords currently needed to authenticate documents under eSAP, to end-to-end encryption, multi-factor authentication, and cryptographic signing mechanisms using the user’s private key.
“The use of end-to-end encryption, multi-factor authentication, and cryptographic signing mechanisms through VERITAS will ensure that only authorized individuals can sign documents, thereby preventing unauthorized
access, tampering, or forgery,” Chair Lim explained.
Under the draft circular, one must first create an eSECURE account before gaining access to VERITAS. Registration under eSECURE involves a mandatory credentialing process, which serves as an eKYC, or electronic Know Your
Customer, procedure, to ensure that the person using the account is the one in charge of authenticating documents himself.
The credentialing process requires the submission of verified governmentissued identification documents and a liveness detection protocol, establishing a reliable and verifiable link between the digital signature and the legal identity of the signatory.
VERITAS will be made available on mobile devices through the SEC Check App, the official mobile application of the Commission.
Coverage Under the proposed guidelines, VERITAS will be available to all individuals
including incorporators, directors, officers, authorized representatives, and other persons submitting documents to the Commission.
VERITAS will also cover all corporations, partnerships, and other juridical entities registered with the SEC, as well as departments, extension offices, and personnel involved in the processing, verification, and archiving of electronically submitted documents.
Documents eligible for signing and authentication through VERITAS include the
articles of incorporation, certificates of authentication, general information sheets, board resolutions, director’s certificates or letters, petitions, financial statements, and any other document requiring digital authentication under SEC rules.
The SEC seeks to make VERITAS an optional requirement during the initial implementation phase to ease the transition to and adoption of the new system.
However, the Commission may require the mandatory use of the system for specific types of filings or entities in the future.
Same legal effect and enforceability
Documents digitally signed and authenticated through VERITAS will be accepted as duly signed and authenticated paper documents for purposes of SEC transactions.
Pursuant to Republic Act No. 8792, or the Electronic Commerce Act, such documents shall have the same legal effect and enforceability as a signed and notarized written document, unless the law explicitly requires physical notarization or another form of authentication.
The digital version of the document will also be considered the official and primary record.
Accordingly, the submission of the hard copies of VERITASsigned documents will not be required.
The SEC Information and Communications
Technology Department is accepting comments on the draft memorandum circular until October 31.
Comments may be sent via email at ictdod@sec.gov.ph.
