Index Figures
CHF 2007 2006
INCOME STATEMENT Revenue 4’847’070 1'190’689
Total Income 6'567’049 2'616’522
Income/loss from operation before depreciation on
plant and equipment and goodwill (EBITDA) 1'853’210 -342’563 Income/loss from operation (EBIT) 845’182 -511’078 Profit / (-) loss for the year 978’502 -987’369
Result per share 0,06 -
BALANCE Balance total 7'600’834 6'297’737
Current Assets 4’822’910 4’420’699
Non-Current Assets 2'777’924 1'877’038
Current liabilities 413’770 194’984
Equity 7’187’064 6'102’753
CASH FLOW
STATEMENT Cash flow from ongoing operating activities -526’177 -1'307’244 Net cash from company activities -738’085 -1'530’435 Cash flow from investment activities -1’908’914 -1’890’423 Cash flow from financing activities 0 6'708’607
Highlights 2007
• OPENLiMiT increases its turnover by 307% to CHF 4,85 million (previous year: CHF 1,19 million) and, based on the operative business activities, for the first time makes a profit of CHF 978'502.
• OPENLiMiT expands its partner network with further important technology and distribution partners, e.g. IBM, Microsoft, Disoft and Logo.
• 2007 sees the acquisition of important reference customers who have a signal effect on the respective vertical markets. The leading new key customers
include Europcar, Eurofighter, NORDWEST Handel (Germany), the Purchasing
Association of German Hardware Dealers (Einkaufsbüro Deutscher Eisenhändler), the Federal Labour Agency (Bundesagentur für Arbeit, Germany), the Federal State of Brandenburg (Germany), and the Swiss Federal Administration Authority (Schweizerische Bundesverwaltung), the first state authority of a European country to decide in favour of OPENLiMiT technologies.
• Fujitsu Siemens Computers invests in the establishment of a support
organisation for OPENLiMiT products, thus making a significant contribution to the marketing of OPENLiMiT technologies.
• At the 1st Berlin Signature Conference on 28th February, 2007, the focus is on OPENLiMiT technologies and partner companies such as IBM and Microsoft for the first time publicly announce their co-operation with OPENLiMiT.
• In 2007, OPENLiMiT registers selected technologies for joint certification with IBM and Microsoft in accordance with the internationally acknowledged IT security standards Common Criteria EAL 4+. Presentation of the certification certificate to OPENLiMiT and Microsoft took place on 5th March, 2008 at the Microsoft booth at the CeBIT trade fair. Successful certification with IBM is expected during 2008. Both certification awards are based on new OPENLiMiT technologies which support the form server products of the respective enterprises.
• OPENLiMiT announces the first e-card API-conformant signature middleware
solution for certification by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI). This development, which represents a key technology for e-card projects (such as the European Citizen Card, electronic personal identity card and health card), is supported by Adobe, the German Federal Association of Company Health Insurance Funds (Bundesverband der Betriebskrankenkassen, BKK), CSC Deutschland Solutions, DGN Services, Fujitsu Siemens Computers, Giesecke und Devrient, PDF/A Competence Center and Sun Microsystems.
• The OPENLiMiT technologies are tested by PricewaterhouseCoopers for
deployment in conjunction with electronic invoices and Adobe technologies.
• The OPENLiMiT technologies are the first signature software in Germany to
receive the ISIS-MTT seal of approval, which certifies that the OPENLiMiT technologies comply with internationally accepted signature standards.
• On 16th April, 2007 OPENLiMiT Holding AG shares are successfully admitted to the regulated market (General Standard).
• René C. Jäggi is voted onto the Board of Directors of OPENLiMiT Holding AG
on 27th August 2007. René C. Jäggi previous positions include president and CEO (world-wide) of Adidas AG, President of FC Basel and president and CEO of 1. FC Kaiserslautern.
• The strategic continuing development with the aim of systematically working the market by vertical markets leads to a more streamlined organisational structure with the segments Product Development, Distribution and Marketing and Finances and Administration.
• OPENLiMiT continues to expand its team of employees with key staff in the
segment Distribution and Marketing to provide the best possible support for the growing network of partner companies.
Table of Contents
Annual Report of the Board of Directors
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK S
Chances and Risk Report
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK NR
Business Activities
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK NV
Corporate Governance
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK PR
Consolidated Financial Statement
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RR
Consolidated Income Statement 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RR Consolidated Balance Sheet as of 31st December, 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RS Statement of changes in equity 31st December 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RT Consolidated Cash Flow Statement from 1st January to 31st December 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RU Enclosure to the consolidated financial statementKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK RVReport by the Group Auditor
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TO
OPENLiMiT Holding AG Financial Statement
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TP
Income Statement 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TP Balance at 31st December, 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TQ Note to the Financial Statement 2007KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TRAudit Report
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TU
Contact
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK TV
Company Profile
KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK UM
Annual Report of the Board of Directors
Dear Shareholders:
The 2007 financial year was the most successful year in the corporate history of the OPENLiMiT Group. Revenue rose by 307% to CHF 4,85 million (previous year: CHF 1,19 million) and, based on the operative business activities, enabled the Group to generate a profit for the very first time to the sum of CHF 978'502 (previous year: CHF - 987'369). This development is a clear indication to us that the market for the OPENLiMiT products for legally binding electronic processes is developing positively with a decisive gain in momentum.
Economic environment
The global economy continued to develop well in the past year. Growth in the Eurozone in 2007 achieved a rate of 2,5% (State Economic Office, SECO, Switzerland). The good economy led to an increase in the prime rate. This contrasted with the lowering of the prime rate in the USA due to the subprime mortgage crisis. Economic experts expect that for the time being the European Central Bank will keep interest rates at a constant level, and that they will continue to drop in the USA.
In the coming year, the economic upswing should continue at a slower pace, whereby the economic trend has already been cooling down in the recent months. In the Eurozone, experts forecast a growth rate of 2,25% for 2008, with expected growth rates in OPENLiMiT's core markets of 1,7% in Germany, 2,4% in Austria and 1,9% in Switzerland. Despite the curb in economic development, the economic framework conditions for OPENLiMiT are displaying a positive development.
Most of the turnover generated by OPENLiMiT is realised in euros. According to Thomson Financial Datastream, the prognosis for the CHF/euros exchange rate in 2008 indicates a slight strengthening of the Swiss frank against the euro during the course of the year. The expected average monthly value for December 2008 is 1.6372 (comparison with December 2007: 1.6595). The ramifications for OPENLiMiT will therefore be minimal.
Development of the stock markets in 2008 is expected to remain at an attractive level, although the uncertainties arising from the tense loan market situation and US consumer expenditure will probably make them more volatile. In Europe, restructuring plans and the rise in consumer demand represent a potential for a sustained upward trend for Germany and other markets.
In the continuing development of our business, we are helped by the global economic mega-trends of rapid innovation and the development of information technology and telecommunications, frequently referred to as the "communication revolution", associated with the internationalisation of technology. As a consequence of this, long-distance economic transactions are becoming considerably easier and cheaper. The socio-cultural, global mega-trend of the need for transparency (keyword: digital identity) has given the OPENLiMiT technology a further impetus, supplementing the economic mega-trends.
Customers rely on standardised software because they can no longer afford (expensive) specialist developments. Companies want information and communication technologies that are as cost-effective and easy to use as possible. Compatibility and integration in the existing IT and working environment come first; the focus is on smart applications. Interfaces must function smoothly, and business processes and IT have to be perfectly harmonised with one another. This leads to greater demands on the IT industry.
The awareness of companies and state institutions regarding the utilisation of electronic signatures once more perceptibly increased in 2007. This showed itself not only in the greater number of information events covering the topic of security and electronic signatures, but, above all, in the increase in realised projects focussing on the use of electronic signatures. Despite a sharp increase in interest, a widespread application of electronic signatures is still to materialise. The step forward from established work processes to modern workflows, even where it is evident that they will result in greater efficiency and reduced costs, takes time.
Of particular significance to OPENLiMiT is the growth in the market for software products. According to the European Information Technology Observatory (EITO), in 2007 the market for software products grew world-wide by 6%, achieving a total volume of EUR 225 billion. In 2008, a minimal drop down to 5,8% is to be expected. In Europe, the market for software products grew in 2007 by 5,9% to a total volume of over EUR 80 billion. The growth for 2008 is estimated at 5,7%. The estimated development in OPENLiMiT's present core markets of Germany, Austria and Switzerland (DACH) lies slightly above the growth expectations for the Eurozone in 2008. Accordingly, the general outlook for the industry continues to remain healthy. The market for IT security software is also developing positively at an above-average rate. In 2007, the global IT security software market attained an estimated total value of EUR 12,9 billion. Of this, Europe, the Middle East and Africa (EMEA) accounted for around EUR 2,4 billion. According to Gartner, the annual growth rates in Europe will average 9,6% until 2011. This means that the market for IT security software is one of the fastest growing segments of the IT industry.
Legal frameworks and the regulatory environment
The legal frameworks for electronic signatures on the basis of EU Directive 1999/93/EG (see also p. 26) are in place. Since the introduction of this directive, every year further guidelines have been issued stipulating the mandatory use of the electronic signature. The guidelines are implemented by the EU member states in their national legislation. The main new reforms for 2007 and beyond are described here, taking German legislation as an example:
•
Law on Electronic Commercial Registers and Cooperative Registers as well as the Register of Companies (EHUG), dated 10th November, 2006, in force since 1st January, 2007: Makes the certified electronic signature binding for electronic entries in the commercial register, register inspections, etc.•
Ordinance for the Simplification of Waste Disposal Monitoring dated 20.October 2006, in force since 1st February, 2007: This ordinance applies to the maintenance of documentary proof and registers, in electronic form or through the use of forms, concerning the disposal of hazardous and non-hazardous waste products. It stipulates the mandatory use of the certified electronic signature for electronic declarations, notations on expired deadlines, confirmations and decisions, photocopies, applications and exemptions.
The use of the electronic signature, and consequently the fields of application for OPENLiMiT technologies, is becoming increasingly more widespread. This is a good basis for the continuing growth of OPENLiMiT. In 2007, OPENLiMiT positioned itself for special projects in these markets with selected distribution partners.
Directive 2006/123/EG from the European Parliament and Council dated 12th December, 2006, covering services in the single European market, represents another potential use of OPENLiMiT technologies in the future. The EU member states must have implemented this directive by 28th December, 2009. It is designed to guarantee unimpaired service transactions within the Community with all the associated themes. It is to be assumed that many approval and reporting procedures will, by preference, be made available and processed in electronic form, respectively in conjunction with the electronic signature.
Furthermore, according to a report in the German Frankfurter Allgemeine Zeitung, the State Secretaries of the German Ministry of Employment, Justice and Economy agreed on 19th February, 2008 to introduce the ELENA method under the overall control of the Ministry of Economy. In future, employers will be obliged to electronically transmit income and employment data to a central data centre of the state pension scheme. People who want to receive state benefits must agree to the retrieval of their data by the employment agencies or other official departments using the electronic signature. The ELENA method, formerly known as the Jobcard, is planned to come into mandatory deployment from 2011 and enable potential savings of EUR 100 million p.a. This development represents a considerable potential for the sale of OPENLiMiT technologies in the future.
At the close of 2007, new technical guidelines for signature software and associated components were issued which came into effect at the beginning of 2008. The OPENLiMiT base technologies had to be adapted in line with these guidelines and recertified. This has already taken place, which means that the OPENLiMiT technologies comply with these new security requirements.
Business development
OPENLiMiT gained key reference customers in 2007. On the one hand these trigger a signal effect in the pertinent vertical markets, and on the other, they have a pioneer character for further solutions of a similar kind. The most significant projects in 2007 include the following:
•
Europcar Autovermietung GmbH: Deployment of OPENLiMiT technologies fore-invoicing.
•
Eurofighter Jagdflugzeug GmbH: Deployment of OPENLiMiT technologies fordata management and archiving.
•
Purchasing Association of German Hardware Dealers (Einkaufsbüro Deutscher Eisenhändler GmbH (EDE) and NORDWEST Handel AG: Deployment of OPENLiMiT technologies for e-invoicing as a service performed by EDE and NORDWEST for association members.•
German Federal Employment Agency (Bundesagentur für Arbeit):Deployment of OPENLiMiT technologies at every workplace so that all business transactions can be executed electronically and authenticated (in a legally binding manner if necessary).
•
State of Brandenburg (Germany): Deployment of OPENLiMiT technologies forthe legally binding electronic signing of public authority forms by citizens.
•
Swiss Federal Administration Authority (Schweizerische Bundesverwaltung):General agreement on the purchase of OPENLiMiT technologies by state and (in future) cantonal public authorities.
In 2007, OPENLiMiT profited in particular from the marked rise (compared to previous years) in the need for the electronic signature with regard to the significant cut in administration costs at industry and state level. Companies and public authorities are actively seeking technologies for the implementation of legally binding and/or provable electronic processes to lower their costs. Apart from this, the distribution partnerships set up by OPENLiMiT are well present in the target markets in the German-speaking countries and demand is growing.
Further new distribution and technological partnerships allow the marketing of the OPENLiMiT technologies in conjunction with selected software products from IBM and Microsoft, as well as in other geographical markets such as Brazil, Malaysia, Singapore, Slovakia or Turkey. The newly concluded distribution and technological partnerships did not yet contribute to revenue in 2007. They are currently at the preliminary phase involving the necessary technological adaptations and integration in third-party applications.
end users using our certified support partner worldwide. A well-developed support organisation is essential to the completion of mainstream projects.
The most important marketing activities in 2007 included the 1st Berlin Signature Conference in February and OPENLiMiT's attendance at the CeBIT trade fair in March. The 1st Berlin Signature Conference for the first time demonstrated the positioning of OPENLiMiT technologies with its strategic partners such as Adobe, CSC Solutions, Deutscher Sparkassenverlag, Fujitsu Siemens Computers, HP, IBM, itelligence and Microsoft. OPENLiMiT's presence at the CeBIT served as the platform for the presentation of the prototype OPENLiMiT signature middleware solution. This solution, which will be released at the end of 2008/beginning of 2009, is a universally deployable signature software that can be used in compliance with standards and operating system-independently on PCs and servers, particularly in conjunction with large-scale e-card projects (e.g. the European Citizen Card, electronic health card, electronic personal ID card, etc.). Due to its important standing, this development is officially supported by various strategic partners (Adobe, the German Federal Association of Company Health Insurance Funds (Bundesverband der Betriebskrankenkassen, BKK), CSC Deutschland Solutions, DGN Services, Fujitsu Siemens Computers, Giesecke und Devrient, PDF/A Competence Center and Sun Microsystems).
Another significant milestone was the commencement of the test phase of the OPENLiMiT technologies for its deployment in the online banking system of the Deutsche Sparkassenverlag (publishing house for the Sparkasse savings banks) as an alternative to the conventional PIN/TAN method. Completion of the test phase and its launch in the productive environment are scheduled to take place in 2008. The most recent developments include the co-operation between OPENLiMiT and its new technology partner Oracle Deutschland GmbH, as well as with existing distribution partner Fujitsu Siemens Computers GmbH (FSC). This co-operation is based on the groundwork laid in 2007, and concentrates on the development of a "secure middleware" for electronic administrative processes which in future, due to EU guidelines and national legislation, will have to exhibit a new quality of "secure identity relationship". Within the framework of the IT infrastructure, both a certificate-based authorisation concept for accessing sovereign documents (electronic personal ID card (ePA), ePass, "European title of residence"), as well as the processing of legally secure administration procedures, must be possible. At the centre of attention here are secure e-mail and document signatures and encryption, together with audit-secure archiving. Oracle, FSC and OPENLiMiT will make available jointly developed and mutually compatible products and functions that satisfy the security evaluation and certification directives in compliance with the Common Criteria EAL 4+. Technologically, the three enterprises intend to offer the functional solution as part of the Oracle middleware strategy as server extensions with the OPENLiMiT technologies.
Further development of our products
OPENLiMiT continues to work hard towards implementing its product development plan. The company was able to engage the services of additional software specialists. The main release in 2007 was Version 2.1.6.1 of the OPENLiMiT technologies in June 2007. The product version features additional functions, for example for generating PDF and PDF/A files, creating a validation log, as well as support for more signature
certification projects were also concluded for our partners, the German Federal Association of Company Health Insurance Funds (Bundesverband der Betriebskrankenkassen, BKK) as well as the German Savings Bank Publishers (Deutschen Sparkassenverlag, DSV).
Intensive work continued on the development of the OPENLiMiT signature middleware solution. In addition to the porting of the OPENLiMiT software to operating systems other than Windows®, in particular to the Unix variant Sun Solaris
as well as various other Linux derivatives, the OPENLiMiT signature middleware solution is characterised by a new software architecture and user interface. Corresponding prototypes were presented at CeBIT 2007. The certified version is scheduled for release at the end of 2008/beginning of 2009.
Certification in compliance with the internationally acknowledged IT security standard Common Criteria EAL 4+ endow Versions 2.x of the OPENLiMiT technologies with a unique selling point. In 2007, the OPENLiMiT technologies also became the first signature software to be attested by PricewaterhouseCoopers as being suitable for generating legally-conformant electronic invoices in an Adobe environment, as well as being positively examined for ISIS-MTT standards conformity. These supplementary awards are particularly effective where marketing of the OPENLiMiT technologies in specific application scenarios is concerned.
Standard aspects of product maintenance include the integration of the latest signature cards and card readers in the OPENLiMiT solutions, the observance of national security criteria in the target markets, as well as support for new product versions with Adobe and Microsoft technologies. The OPENLiMiT technologies comply with current legal stipulations in OPENLiMiT's core markets.
Distribution and marketing
OPENLiMiT has optimised its distribution strategy on the basis of current market data and the positive development of its business activities. The main changes can be summarised as follows:
1. Restructuring of the price list and product categories: The product family now comprises three categories of products: OPENLiMiT security technologies, OPENLiMiT document technologies and OPENLiMiT archive technologies. This new breakdown optimises how the products are classified, increases the transparency with regard to the multitude of functions and fields of application of the OPENLiMiT technologies, and enhances their comprehension among the distribution partners.
2. Focus on vertical markets with the best chances of growth: Concerted
orientation to the following vertical markets takes place to enable them to be worked with bundled resources: Life Sciences/Health, Manufacturing, Public Sector, Communications, Financial Services and Retail. The realisation of this strategy requires the expansion of the internal distribution organisation for partner support, specifically targeted marketing events, together with further expansion of the external distribution partnerships, so that the relevant vertical markets can be adequately handled.
3. Development and design of the OPENLiMiT technologies as all-in-one solutions for specific application areas: The OPENLiMiT distribution partners frequently offer the OPENLiMiT technologies as integrated solutions in third-party systems. To support this development, the OPENLiMiT technologies are optimised for partner solutions for the following segments because these solutions are in the greatest demand on the market: Invoicing, forms, e-archiving, e-mobile and e-banking. The implementation of this strategy requires supplementary developer resources and the establishment of a distribution and marketing organisation.
Admission to the Regulated Market
With the listing order of the Admission Authority of the Frankfurt stock exchange dated 16th April 2007, 15'757'412 (CHF 4'727'223.60) ordinary shares in OPENLiMiT Holding AG in the name of the bearer with a nominal value of CHF 0,30 per share (total nominal capital), with full profit share authorisation from 1st January 2006 (indefinitely globally certificated), were admitted to the Regulated Market (General Standard).
This step comprises many legal follow-up obligations, thus enhancing transparency. The reporting duty covers the publication of quarterly reports, the annual report and the duty to issue ad hoc announcements. These publications are distributed upon request through specified distributors. They can also be viewed on the OPENLiMiT Web site at www.openlimit.com in the section Investor Relations.
The OPENLiMiT shares have also been recently admitted to the unofficial market segment at the Düsseldorf and Stuttgart stock exchanges.
New member of the Board of Directors
We are pleased to announce that Mr René C. Jäggi was elected as a new member of the Board of Directors of OPENLiMiT Holding AG at the Extraordinary General Meeting on 27th August, 2007. Mr Jäggi disposes over a widespread international network and can look back upon a successful career. The highlights of his international career include President and CEO (world-wide) of Adidas AG, President of FC Basel and President and CEO of 1. FC Kaiserslautern. Mr Jäggi is a valuable addition to the Board of Directors of OPENLiMiT Holding AG due in particular to his marketing expertise and network of contacts.
Change in the company management and extended management Armin Lunkeit joined the company management of the OPENLiMiT Group on 3rd December, 2007. As Chief Development Officer (CDO), he is responsible for the segment Product Planning, Development and Quality Assurance. Armin Lunkeit remains one of the managing directors of OPENLiMiT SignCubes GmbH. The broadening of Mr Lunkeit's area of responsibility took place on account of the value of his know-how to the OPENLiMiT Group. On the same date, Dr. Thomas Hügi assumed responsibility for the segment Distribution and Marketing as part of the broadening of his area of responsibility as Chief Operating Officer (COO).
Dirk Arendt joined the extended management of the OPENLiMiT Group on 1st July, 2007. Dirk Arendt is co-responsible for the segment Business Development. His focal activities, in addition to the general evaluation of market developments and product trends, include the themes administration modernisation and security. Dirk Arendt previously worked for Fraunhofer Gesellschaft e. V. and set up the e-Government business field of the Fraunhofer Institute FOKUS.
Andra Dattler resigned from the extended management of the OPENLiMiT Group on 30th September, 2007, although she continues to work for the Group in sub-areas. Here we would once again like to express our gratitude for her outstanding commitment in establishing the OPENLiMiT Group.
Organisation of the company management
In order to achieve the strategic goals, in particular implementation of the distribution strategy, the areas of responsibility of the company management under the leadership of Henry Dattler, Chief Executive Officer, were reorganised and clearly assigned. These now look like this:
•
Marc Gurov, Chief Financial Officer: Responsible for Accounting andControlling, Investor Relations, Human Resources, legal affairs, internal IT services and administration.
•
Dr. Thomas Hügi, Chief Operating Officer: Responsible for distribution,services and marketing.
•
Armin Lunkeit, Chief Product Development Officer: Responsible for productplanning, development and quality assurance.
•
Reinhard Stüber, Senior Vice President Business Development: Responsiblefor the evaluation of market developments and product trends, as well as the identification of potential partnerships.
Financial results
Revenue increased last year by 307% from CHF 1'190'689 in 2006 to CHF 4'847'070 in the reporting year. OPENLiMiT thus had the most successful year in its corporate history. The steep rise in revenue is a clear indication that the market for electronic signatures is gaining in momentum. The revenue is to be attributed to a large number of reference customers. The operation expenses rose by 82,9% from CHF 3'127'600 in 2006 to CHF 5'721'867 in 2007. This increase in operation expenses is attributable to the rise in personnel expense, higher marketing costs, costs incurred in conjunction with the move to the Regulated Market, as well to a considerable increase in the amount of depreciation. The OPENLiMiT Group thus achieved an EBITDA of CHF 1'853'210 (previous year: CHF – 342'563) and an EBIT of CHF 845'182 (previous year: CHF -511'078). At CHF 978’502, the Group recorded a positive result for the first time based on the operative business activities.
As of 31st December 2007, the liquid assets amounted to 1'079'911 compared to CHF 3'726'910 on 31st December, 2006. Current assets improved, however, by 9% from CHF 4'420'699 in 2006 to CHF 4'822'910 in the reporting year. The reason for
Based on the current assets and actual business development, OPENLiMiT disposes over sufficient liquid assets for at least the next 12 months.
Outlook
We are convinced that the successful development in 2008 will be continued and that an increased growth in revenue and profit will be achieved. The effective realisation of the online banking strategy of the Deutsche Sparkassenverlag in 2008, as well as the meanwhile sound distribution and technology partnerships, serve to reinforce our opinion.
With the strategic and organisational measures, we are well on the way to achieving our stated goals concerning the expansion of our distribution partnerships and sales of our products. We will concentrate even more on marketing management to achieve, together with our partners, success for our company. We are confident that, thanks to standardised business processes and common values, together with the desire to achieve outstanding performance that is anchored in our corporate culture, we will succeed in meeting the needs of our customers, in generating lasting growth for our shareholders, as well as in offering a motivating and worthwhile environment to our employees.
To assure the liquidity of the company for further business activities, the management is considering the option to raise capital in the form of a private placement.
The best possible operational performance, consistent cost management, as well as solid technology, form the cornerstones of our success. On this basis, we want to continue strengthening the OPENLiMiT brand and to raise awareness of our products even further.
All of these goals are only possible due to the efforts of our 31 employees. We thank them for their enthusiasm and commitment, and our customers and shareholders for their loyalty and support.
Chances and Risk Report
The risks include all developments that could endanger the achievement of the set goals or even the continued existence of the company. The aim is respectively the identification in good time of risks and the in-depth evaluation of information, particularly in conjunction with the associated financial consequences. The planning and controlling processes are adapted on the basis of the risks.
The following risks have been identified by the company management and the Bpard of Directors as being of significance to OPENLiMiT:
Distribution and market demand for the software solutions
The success of OPENLiMiT is dependent to a high degree on successful distribution of its products and the market demand for them.
OPENLiMiT sells the products through selected partners. The company’s resources are used for the care and support of partners in the form of integration and solution partners. At the same time, OPENLiMiT is actively involved in the acquisition of further key player distribution and technology partners and the positioning of OPENLiMiT products in strategic projects. However, no assurances can be given that the present distribution and technology partners will achieve the jointly planned goals. The revenue of OPENLiMiT is hugely dependent upon the successful distribution activities of these independent companies. This represents the greatest risk because the business is dependent upon the conclusion of usually larger-scale projects, which may or may not take place within the financial period. Consequently, the turnover may be delayed or not concluded. The market acceptance risk faced by OPENLiMiT products is not considered at this time to be of significance, particularly in view of the initial larger distribution successes.
Competition environment
At this time, the market for signature software is still a young one and is being developed. It cannot therefore be excluded that in future other providers with comparable products will increasingly make their presence felt on the market and offer signature solutions. Certification of the OPENLiMiT technologies in compliance with the IT security standards Common Criteria EAL 4+ is a unique selling point. Products that are in the certification stage may but must not be published. Based on the published certifications and information, OPENLiMiT remains convinced of the development lead of its own technologies. OPENLiMiT cannot give any assessments of products that may be undergoing certification, but have not yet been published. A certified competitor product with a comparable scope of functions could have a negative impact on expected turnover and results.
Another risk of the competition environment is that the unique selling points of the OPENLiMiT technologies cannot be asserted in specific demand situations, allowing competitors to attain a comparably strong position. In such constellations, OPENLiMiT would be exposed to greater competitive pressure.
Development risks
The innovation cycles of technical developments and products are generally very short. This applies in particular to software products. Suppliers must therefore adapt their products and services to new requirements with foresight, flexibly and quickly. Not only that, but the required technologies and certification requirements are becoming more and more sophisticated, particularly in the segment IT security. OPENLiMiT is dependent upon being able to adapt successfully to the rapidly changing technologies, standards and legislation. This brings with it a great demand for skilled workers, as well as capital. OPENLiMiT is also dependent upon third parties (evaluation and confirmation agencies) for certification of its products. Due to the increase in certification procedures in general, there is a risk a certification process cannot be completed on time, preventing early penetration of the market.
Furthermore, the rapid advances being made in technology also involves the risk that the consequences and ramifications of these technologies cannot be fully assessed. A false appraisal by OPENLiMiT of the further development of the solutions it offers with regard to the technologies and customer requirements could have a significantly adverse impact on turnover and results.
Organisational realisation of the planned growth
The development of the company in the field of software development, strategic partnerships, financing and other fundamental activities has been rapid over the past few years, and has put the employees and company resources under much strain. No assurance can be given that the efforts made by the company to create or expand the requisite personnel and technical structures in order to achieve the targets set will be sufficient. Should OPENLiMiT not succeed in creating or expanding the requisite personnel and technical structures, this could adversely affect the company's turnover and results.
Dependence upon key employees
The success of the company is dependent to a significant extent upon the involvement of the present specialists in the management and of the employees. In the event that key employees leave the company, there can be no assurance that OPENLiMiT will be capable of hiring and familiarising qualified executives within an adequate period of time. If OPENLiMiT does not succeed in doing this, it could have an adverse effect on turnover and the profit/loss situation.
Financial risks
Please refer to Section 3 of the Note to the Financial Statement, p. 65, for an overview of the financial risks.
Opportunities
Opportunities for OPENLiMiT will arise in particular in conjunction with e-invoicing and e-form solutions, the increasing number of companies deploying client licences, e-card projects, the widespread circulation of smart cards in Germany, the long-term archiving of electronically signed documents, the co-operation with new partners for
developing more products, as well as in the international expansion into new geographical markets.
E-invoicing solutions are today in especially high demand by companies. The associated significant cost reductions are of interest to any firm. Equally interesting are the cost savings that can be achieved by utilising signature software for the fully electronic, form-based processing of transactions. Both segments are a major potential source of revenue for OPENLiMiT. At the present time, it is difficult to assess this potential.
Companies and public authorities are increasingly equipping their individual workplaces with signature software to enable all their employees to process transactions electronically. The cost savings are considerable here as well. This is another major potential source of turnover for OPENLiMiT. At this time, it is difficult to assess in what sort of time period signature software will be introduced at company and public authority workplaces. Consequently, this potential cannot as yet be quantified.
E-card projects describe smart card projects such as electronic health cards, electronic personal identity cards, electronic passports, etc. OPENLiMiT has developed a middleware technology that could serve as a connector for many applications in such projects. This development is supported by enterprises such as Adobe, the German Federal Association of Company Health Insurance Funds (Bundesverband der Betriebskrankenkassen, BKK), CSC Deutschland Solutions, DGN Services, Fujitsu Siemens Computers, Giesecke und Devrient, PDF/A Competence Center and Sun Microsystems. The first projects in conjunction with the electronic health card will probably be realised in Germany in 2008. These projects represent a considerable potential source of revenue and profit for OPENLiMiT, although the scope or time periods of potential projects cannot be assessed at this time.
The Sparkasse savings banks have brought into advance circulation over 24 million signature-capable EC cards (of a total target of 45 million) for the online banking system that will be offered in 2008 alternatively on the basis of smart cards and the OPENLiMiT technology, S-TRUST Sign-it. This is an enormous potential source of turnover and profit for OPENLiMiT for 2008 and beyond. However, a concrete appraisal of the acceptance, and in particular the time frame for achieving satisfactory market penetration, is not possible at this time.
The segment for long-term archiving in conjunction with the electronic signature is yet another opportunity for OPENLiMiT. Signed documents have to be periodically re-signed so that the document integrity can be preserved or guaranteed over longer periods of time. For this purpose, OPENLiMiT is developing special technologies to considerably simplify the re-signing of large numbers of documents. These technologies will be marketed in future by selected partners, who are also involved in the development of other products in the overall solution (for example archive solutions). Taking into account the huge number of electronic archives in the private and public sectors, this development represents a major potential for OPENLiMiT. Completion of this work is expected in 2008. The effectiveness of the planned marketing measures, or the acceptance of the products and thus the resulting
should be finalised in 2008, thereby opening up even more markets for the OPENLiMiT technologies, each of which holds a significant potential for existing and new customers. When exactly this interoperability will be completed, the effectiveness of the planned marketing measures, or the acceptance of the products and thus the resulting turnover and profits, cannot be ultimately evaluated at this time.
The main emphasis of OPENLiMiT's distribution and marketing activities is currently focused on the German-speaking countries. OPENLiMiT did, however, succeed in entering into specific distribution partnerships in other markets in 2007. Additionally, distribution partnerships with several global players enable the European and world-wide marketing of selected OPENLiMiT technologies. This increases OPENLiMiT turnover potential considerably. Due to the necessary adaptation of the OPENLiMiT technologies, the speed of the realisation, and consequently the ensuing revenue and profits, cannot be definitively assessed.
No risks that could endanger the continuing existence of the company can be seen at the present time.
Business Activities
1. Introduction
The OPENLiMiT Group is a leading IT company for security, document and archive technologies in conjunction with electronic signatures. Its head office is in Baar, Switzerland, and it has a subsidiary in Berlin, Germany. The OPENLiMiT signature software helps consumers, companies and state institutions to enhance the security, verifiability and efficiency of their electronic business transactions, to reach the greatest possible security for its data, as well as to optimise workflow and communication processes.
OPENLiMiT markets its products under the names “OPENLiMiT®” and “OPENLiMiT® SignCubes”. The OPENLiMiT signature software is the first signature software to be certified by the German Federal Office for Information Security (BSI) in compliance with the international IT security standard, Common Criteria EAL 4+. In addition, the OPENLiMiT SignCubes Base Components have been awarded the ISIS-MTT seal of approval for the “Document Signing Client” and “SigG-Profile Compliant Document-Signing Client” product classes by the ISIS-MTT Board. Furthermore, the OPENLiMiT SignCubes Base Components have been confirmed, if required by national regulations, compliant in accordance with the respective signature laws of the target markets. Moreover, PricewaterhouseCoopers has attested that the joint Adobe and OPENLiMiT solutions fulfil all auditing requirements regarding audit-secure invoicing and archiving. The OPENLiMiT software products are supplied as standard solutions in various different configurations. Due to the modular development of the software products, the modules can be repeatedly recombined and adapted to specific customer needs.
OPENLiMiT products are extremely versatile. For example, OPENLiMiT products are already being deployed in B2C, B2B, C2C, G2B, G2C and G2G applications.
The market development of signature application components is being primarily encouraged by a legally supported environment, increased pressure in the private and public sectors to save costs and increase efficiency through the use of media-consistent workflows, as well as by greater awareness of the hazards of data manipulations by third parties, phishing and identity theft.
OPENLiMiT’s international activities and subsidiaries are directed by the head office in Switzerland. The OPENLiMiT products are marketed by our marketing and co-operation partners to the entire market spectrum of consumers, small and medium-sized enterprises (SMEs), major corporations and multinational groups, as well as state institutions. An overview of the distribution and co-operation partnerships is available in the section 'About OPENLiMiT/Partners' on the OPENLiMiT Web site: www.openlimit.com.
2. Products and services
2.1 General
The OPENLiMiT signature software allows on the one hand the unequivocal identification of the author of an (electronic) message, in that the author’s electronic signature can be verified by a trust centre or in general a Public Key Infrastructure or PKI (authenticity), and on the other hand the detection of deliberate and/or unintentional manipulation of documents or data (integrity). In addition to this, the sense of responsibility of those participating in electronic workflow processes is enhanced by the actual act of signing.
Of particular significance is that they allow legally binding processes to be concluded electronically using advanced or qualified electronic signatures, whereby (as a rule only) the qualified electronic signature is accorded the same status as hand-signed signatures on the basis of the corresponding legal regulations.
OPENLiMiT products have the following features and functions:
• The OPENLiMiT SignCubes Base components have been certified by the
German Federal Office for Information Security (BSI) in compliance with the so-called Common Criteria. The certification of the OPENLiMiT SignCubes Base Components covers the technical security-related functions for generation and verification of qualified electronic signatures, whereby the OPENLiMiT software incorporates technical components for generating and verifying qualified electronic signatures using a unique quality mark. Moreover, the OPENLiMiT software was the first signature software to be awarded the ISIS-MTT seal of approval for the "Document Signing Client" and "SigG Profile Compliant Document-Signing Client" product classes, as well as the supplementary "Processing of attribute certificates", by the ISIS-MTT Board. PricewaterhouseCoopers has also attested that the joint Adobe and OPENLiMiT solutions fulfil all auditing requirements regarding audit-secure invoicing and archiving.
• The OPENLiMiT technology can be integrated in existing software
environments (e.g. an existing Enterprise Resource Planning (ERP) software, Document Management System (DMS), archive system or Enterprise Content Management (ECM) system of a company or authority) via a Common Criteria-certified interface. This allows electronic signature functions (e.g. generation, authentication, test protocol, time stamp, etc.) to be integrated in electronic processes where an electronic signature is necessary or desirable.
The OPENLiMiT technologies have meanwhile been integrated in over 30 systems from third parties such as Adobe, CSC, itelligence, Microsoft and SER.
• The OPENLiMiT software supports the globally widespread PDF format
(Portable Document Format) and even allows embedded PDF signatures (i.e. signatures that are embedded in the PDF document). This means that PDF documents can be displayed as legally required showing any hidden data, and then signed or authenticated. The signature functions can also be executed within the Adobe® products Adobe® Reader®, Adobe® Acrobat® and Adobe®
LiveCycleTM using the certified OPENLiMiT® plug-in for Adobe®
(www.adobe.de/signatur).
• Plug-in for Adobe® Reader® and Adobe Acrobat® version v7.X/v8.X for
generating and verifying embedded PDF signatures;
• Secure and legally compliant display of PDF, TIFF and TXT files in the
OPENLiMiT® Secure Viewer;
• PDF and PDF/A generation;
• Independent of trust centres;
• Support for most confirmed signature cards that work with an RSA algorithm. Cards that are addressed via the PKCS#15 interface are also supported;
• Support for a large number of different card readers as well as PC/SC-capable card readers;
• Support for all approved Hash algorithms (SHA-1 to SHA-512, RIPEMD-160)
as well as the RSA algorithm up to 2048 bits;
• Various other features such as time stamp querying, OCSP queries, support
for attribute certificates, etc.
2.2 Software products
OPENLiMiT offers different software products that are designed as modules (OPENLiMiT software family, version 2.X). This is a system of various components for generating and verifying qualified and advanced signatures as well as for encrypting and decrypting data. The different products from the 2.X product family originate from the combination of various software modules developed by OPENLiMiT.
The OPENLiMiT software is designed for use under Microsoft® operating systems
(Windows® 2000 and later). V3.X, which was presented at CeBIT 2008, will add support for the operating systems Linux, Unix and Sun Solaris, soon to be followed by Mac OS.
With the licensing system, users can easily update or upgrade from one product to the next at any time simply by entering an appropriate licence key. OPENLiMiT® has three product categories on offer: Security Technologies, Document Technologies and Archive Technologies. The following overview provides details of the sub-divisions of these product categories:
2.2.1 OPENLiMiT Security Technologies Product
Licence Client Products Server Products Form Products
Single licence OPENLiMiT® Reader
• Generation of signatures in activated forms • Signature verification • Unequivocal representation of signable data • PDF/A verification logs • PDF Plug-In for Adobe® OPENLiMiT® Reader Light • Signature verification • Unequivocal representation of signable data • PDF/A verification logs • PDF Plug-In for Adobe® OPENLiMiT® CC-Sign • Full version: • Generation of signatures • Signature verification • Encryption and decryption • Unequivocal representation of signable data • TIFF/ PDF (and also PDF/A) Producer • PDF/A verification logs • PKCS#11 Driver • CSP • Shell Extension • PDF Plug-In for Adobe® • Workflow • SSL • SmartCard logon OPENLiMiT® Integration Suites Additional purchase of respective runtime licences required.
• Standard (simple client integration)
• Hash value calculation using files.
• Generation of signatures for single documents.
• Signature verification for single documents.
• Splitting and merging of original data and signature data.
• Encryption and decryption of files. • Professional (extended
client integration)
• All functions in the standard version plus
• Retrieval of OCSP responses. • Retrieval of time stamps. • Processing of Batch 25 signature jobs. • Enterprise (integration in server environments) • Performs "silent" verification of electronic signatures. • Processing of batch jobs for an unlimited number of
documents.
The OPENLiMiT Form products extend the functionality of the cost-free OPENLiMiT® Reader for generating signatures (qualified signature) in licensed forms. The function for generating signatures with
OPENLiMiT® Reader is only available for previously activated Adobe® forms. Support is available for other form technologies (e.g. from IBM and Microsoft).
OPENLiMiT® Authorization Suite—Standard
• OPENLiMiT® CC-Sign
• Form code for activating Adobe® Acrobat®
activated forms for either:
• an unlimited number of users, but for a
maximum of 500 signed forms that are returned, or
• 500 users, whereby the number of signed forms is unlimited. OPENLiMiT® Authorization Suite—Enterprise • OPENLiMiT® Authorization Suite— Enterprise meets segment needs with regard to forms that are to be evaluated.
OPENLiMiT Security Technologies Product
Licence Client Products Server Products Form Products
• Plus optionally OPENLiMiT® Batch 25
OPENLiMiT® Batch The OPENLiMiT® Batch products are based on the OPENLiMiT® Integration Suite— Enterprise and can only be used for batch signatures. • OPENLiMiT® Batch Fixed Use • OPENLiMiT® Batch 120’000: Component with no time restrictions, but limited to a total of 120'000 signatures over the lifetime of the licence.
• OPENLiMiT® Batch Recurring Use
• Can only be used for batch signatures in line with scaled numbers of signatures. Volume licence Corporate licence
Client licences for the number of employees/users at the company. OPENLiMiT® Integration Suite including OPENLiMiT® Batch function in line with scaled numbers of signatures.
Form licences measured against the number of customers/potential form users.
State licence Client licences for the number of
employees/users at the public authority.
OPENLiMiT® Integration Suite including
OPENLiMiT® Batch function in line with scaled numbers of signatures.
Form licences measured against the number of inhabitants/potential form users in the catchment area of the public authority.
Campus licence Client licences for the number of
employees/students/us ers at the educational institution.
OPENLiMiT® Integration Suite including
OPENLiMiT® Batch function in line with scaled numbers of signatures.
Form licences measured against the number of students/potential form users.
2.2.2 Document Technologies Product
Licence Integration Products
Single licence Technologies for generating and converting PDF and PDF/A documents either singly or in batches (e.g. conversion of any printable formats into PDF/A documents), validation (verification of PDF/A conformity), optimisation (optimisation and repair of corrupt documents), extraction (extraction of document contents),
analysis and processing (searches for specified contents, further processing for automated processes).
Generating (conversion of any printable formats into TIFF documents) and analysis (analysis for inconsistent data, etc.) technologies are available for ASCII & TIFF formats.
Volume licence
Corporate licence Client licences for the number of employees/users at the company, or server licence.
State licence Client licences for the number of employees/users at the public authority, or server licence.
Campus licence Client licences for the number of employees/students/users at the institute of education, or server licence.
2.2.3 Archive Technologies Product
Licence Project Products
Single licence OPENLiMiT® Archisoft
The OPENLiMiT middleware for archiving solutions, as well as incorporating the actual archiving functionality, sustainably assures the authenticity, integrity, trustworthiness, completeness and availability of the electronic data, which means at least for the duration of legally stipulated retention periods. The value of the electronic signatures is retained through punctual renewal by means of a time stamp service. The procedure is optimised in that documents are not processed individually; instead, a large number of documents are initially collated into a hash tree. A time stamp is only retrieved for these documents, which renews the signatures of all the documents. The time stamp is a signed date and therefore also subject to an aging process. For this reason, it is integrated in the archiving process and continually renewed. This is a mainstream, efficient and cost-effective solution and satisfies legal requirements.
Volume licence
Corporate licence Server licences for companies.
State licence Server licences for public authorities.
The following products are available: OPENLiMiT Security Technologies
• Single workstation solutions
o OPENLiMiT CC-Sign
o OPENLiMiT CC-Sign plus Batch 25
• Server solutions
o OPENLiMiT Integration Suite (Standard, Professional, Enterprise)
o OPENLiMiT Integration Suite with batch signatures
• Form solutions
o OPENLiMiT Authorization Suite (Standard, Enterprise)
• Verification solutions
o OPENLiMiT Reader
o OPENLiMiT Reader Light
OPENLiMiT Document Technologies OPENLiMiT Archive Technologies
• OPENLiMiT Archisoft
The free OPENLiMiT® Reader allows electronic signatures to be authenticated by recipients who do not have access to a smart card or card reader. In addition, the user can also use the free OPENLiMiT® Reader to generate signatures in specially licensed documents with his smart card and card reader. This gives companies and authorities the capability to conclude electronic workflow processes with external users without the user being compelled to purchase the software. The company’s remaining software products are sold.
2.3 Services
OPENLiMiT offers its customers various services incorporating security, document and archiving technologies. As well as taking care of our regular activities, such as product version care and changes, our highly qualified and certified advisors and developers support customers in the overall realization of their projects. Our service portfolio ranges from the drafting of specifications, over technology consulting, through to the implementation of custom-designed solutions.
fãéäÉãÉåí~íáçå=
pÉêîáÅÉë= `çåëìäíáåÖ=pÉêîáÅÉë= pìééçêípÉêîáÅÉë= qê~áåáåÖ=pÉêîáÅÉë=
• Implementation Services: Services associated with the realisation of projects for specific customer requirements.
• Consulting Services: Consulting services for ascertaining and documenting
solution approaches for customer-specific requirements and project specifications.
• Support Services: Software support services. These are available in three different forms: 0900 hotline, software support package and software maintenance agreements. Support services in connection with the 0900 hotline and software support package are generally provided by Fujitsu Siemens Computers GmbH, whereby OPENLiMiT provides third level support. In the case of software maintenance agreements, OPENLiMiT fundamentally provides third level support; dependent upon arrangements with the customer, first and second level support is provided by either Fujitsu Siemens Computers, the respective OPENLiMiT distribution partner or OPENLiMiT itself.
• Training Services: Comprises training services for distribution organisations, support structures, customers or developers.
3. Regulatory environment
For the main part practice-orientated laws, particularly in Europe, have resulted internationally in numerous legal standards regulating electronic signatures that are characterised by a high "similarity factor". In most cases, the (qualified) electronic signature is accorded the same status as the hand-signed signature. This means that the legal frameworks for the usage of electronic signatures now exist.
The adherence to international standards allows the signature solutions available on the market to be easily integrated in existing applications, simplifying the technical implementation of the electronic signature considerably. Many projects in the fields of e-government, e-invoicing, e-archiving, e-banking or e-forms are proof of the accelerated development of the electronic signature.
There now follows an overview of the principal legislation, together with an overview of the main applicable legislation in the respective target markets of OPENLiMiT.
Global overview
At global level, national regulations are supported by the UNCITRAL Model Law on Electronic Signatures. Countries including China (2004), Mexico (2003), Thailand (2001), Vietnam (2005) and the United Arab Emirates (2006) have adopted signature legislation on the basis of this law.
Most of the world’s industrial countries have passed laws that accord (qualified) electronic signatures the same status as hand-signed signatures. This includes the following countries:
Argentina, Australia, Austria, Bahamas, Barbados, Belgium, Bermuda, Brazil, Bulgaria, Byelorussia, Canada, Chile, China, Colombia, Croatia, Czech Republic, Denmark, Dominican Republic, Ecuador, Estonia, Finland, France, Germany, Greece, Great Britain, Hong Kong, Hungary, India, Indonesia, Ireland, Israel, Italy, Japan, Latvia, Lichtenstein, Luxembourg, Malaysia, Malta, Mexico, New Zealand, Netherlands, Nicaragua, Norway, Panama, Peru, Philippines, Poland, Portugal, Puerto Rico, Romania, Russian Federation, Sweden, Switzerland, Singapore, Slovakian Republic, Slovenia, Spain, South Africa, South Korea, Taiwan, Thailand, Trinidad, Tunisia, Turkey, Uruguay, USA, Venezuela and Vietnam (source: http://dsls.law.uvt.nl/).
Europe
Directive 1993/93/EC from the European Parliament and Council dated 13th December, 1999, regulating the common basic principles of electronic signatures ("EU Signature Directive") lays down criteria that serve as the foundation for the legal recognition of electronic signatures. The emphasis here is on certification services. This concerns in detail:
•
Common obligations for certification service providers to assure the cross-border recognition of the signatures and certificates in the European Union;•
Common codes of practice to create a trustworthy basis among both theconsumers who rely on the certificates and the service providers;
•
Procedures for cooperation to facilitate the cross-border recognition of the signatures and certificates in third countries.Two new terms are defined in the directive:
•
advanced electronic signature: An electronic signature that meets thefollowing requirements:
o It is uniquely linked to the signatory; o it is capable of identifying the signatory;
o it is created using means that the signatory can maintain under his sole
control;
o it is linked to the data to which it relates in such a way that any
subsequent change of the data is detectable.
•
the qualified certificate must in include in particular:o An indication that the certificate is issued as a qualified certificate; o the identification of the certification service provider;
o the name of the signatory;
o provision for a specific attribute of the signatory to be included if relevant,
depending on the purpose for which the certificate is intended;
o signature verification data which corresponds to signature creation data
under the control of the signatory;
o an indication of the beginning and end of the period of validity of the
certificate;
o the identity code of the certificate;
o the advanced electronic signature of the certification service provider
issuing it.
The certificate must also be issued by a certification service provider that fulfils certain requirements of the directive.
All member states of the European Union have implemented the EU Signature Directive in national legislation, thereby according the qualified electronic signature the same status as a hand-written signature. This means that the legal frameworks for the usage of electronic signatures in the business domain now exist.
Germany
The EU Signature Directive has been implemented in Germany with the law on framework conditions for electronic signatures from 16th May, 2001 (SigG, BGBl I 2001, 876), supplemented by the First Act on the Amendment to the Signature Act from 4th January, 2005 (1. SigÄndG, BGBl I 2005, 2), as well as the Electronic Signature Ordinance from 16th November, 2001 (SigV, BGBl I 2001, 3074).
In the German Signature Act, different electronic signatures are governed by differing requirements: Simple, advanced and qualified signatures.
Activities as laid down in the Signature Act are performed by the Federal Network Agency ("Bundesnetzagentur" or BNetzA). The BNetzA supervises the certification service providers. In addition to its supervisory function, the BNetzA is also an accreditation authority, recognises verification and confirmation agencies such as the Federal Office for Information Security ("Bundesamt für Sicherheit in der Informationstechnik" or BSI), and is the root directory for accredited service providers.
The legal ramifications of electronic signatures are governed in civil law in the Law on the adaptation of the formalities of civil law and other regulations to modern legal business activities from 13th July, 2001 (BGBl I 2001, 1542) and, based on this, in particular in §§126 ff. of the German Civil Code (BGB), in which the certified electronic signature is accorded the same status as the hand-written signature.
With regard to orderly and proper accounting, the Principles of data access and the verifiability of digital documentation ("Grundsätze zum Datenzugriff und zur Prüfbarkeit digitaler Unterlagen" or GDPdU), in a letter from the Federal Ministry of Finance dated 16th July, 2001 (GDPdU, BGBl I 2001, 1542), contains rulings on the retention of digital documentation and the obligations of cooperation of taxpayers for company audits. The GDPdU stipulations concerning the retention of invoices in the sense of the German Turnover Tax Act from 21st February, 2005 (UStG, BGBl I 2005, 386) include the following:
• The invoice must bear a qualfied electronic signature (facsimile signatures are not sufficient);
• The recipient must verify the signature with regard to the integrity of the data and the signature authorisation and document the result;
• The recipient must save the invoice on a data carrier that does not allow any modification of the data;
• The recipient must record the receipt of the invoice, its conversion and the further processing and archiving;
• The recipient must ensure that the transfer, archiving and conversion systems comply with the principles of orderly and proper computer-supported accounting systems as laid down in the letter from the Federal Ministry of Finance dated 7th November, 1995 (GoBS, BStBl 1995 I, 738).
The GoBS represent an explanation of the German Commercial Code, last amended on 10th December, 2007 (HGB, BGBl I 2007, 2833), and the German Fiscal Code, last amended on 10th October, 2007 (AO, BGBl I 2007, 2332), with regard to the proper handling of electronic documents. The GoBS regulate the handling of data and documentation subject to retention in electronic accounting systems, as well as in data-secure document management systems and audit-secure archiving systems. It also contains stipulations governing the internal control system (ICS) and procedural documentation.
Austria
The Austrian Federal Act on Electronic Signatures from 19th August, 1999, in effect since 1st January, 2000 (SigG, Principal Version BGBl. I No. 190/1999, SigG), was one of the first acts of legislation to implement the EU Signature Directive. The Signature Act is elaborated in the Signature Ordinance from 2nd February, 2000 (SigV, Principal Version BGBl II No. 20/2000, SigV), replaced by the Signature Ordinance from 7th January, 2008 (SigV 2008).
The Signature Act differentiates between the (simple) electronic signature and the qualified electronic signature. In §886 of the Austrian Civil Code (ABGB), the qualified electronic signature based on a qualified certificate is regarded as a mechanical reproduction of the signature if it is common practice in business affairs. This means that the qualified electronic signature enjoys more or less the same status as the hand-written signature in Austria as well.
The Federal law on rulings for simplifying electronic dealings with public authorities from 27th February, 2004 (E-Government Act, BGBl I No. 10/2004) allows the use of a citizen card with a secure electronic signature for participating in electronic administrative processes.
The Telekom Control Commission, as the regulatory authority for the Austrian telecommunications market, is also responsible for the tasks of the supervisory body in accordance with the Signature Act. The suitability of the association "Centre for Secure Information Technology – Austria" ("Zentrum für sichere Informationstechnologie – Austria/A-SIT") to act as a confirmation agency was determined by decree. Certification service providers must notify the supervisory body when they commence their activities. On 24th September 2002, the supervisory body began live operation of the public key infrastructure (PKI). This is used by the supervisory body to issue certificates to certification service providers, which are then stored in directories that satisfy the most stringent security requirements.
Switzerland
In Switzerland, the "Federal law on certification services within the scope of the electronic signature" (ZertES, SR 943,03) came into force on 1st January, 2005. This defines the conditions under which providers of certification services can be recognised on a voluntary basis, and regulates their activities in the field of
Accreditation Authority ("Schweizerische Akkreditierungsstelle" or SAS) monitors the approving bodies for certification service providers.
A new article has been introduced into obligation law with this federal law (Art. 14 Para. 2bis OR). This makes the provision that even those contracts which by law must be made in writing can now be concluded electronically. For this purpose, they must be supplemented with an electronic signature belonging to the obligor that is based on a qualified certificate. The law also regulates the requirements that must be satisfied by the certification service provider in the field of electronic signatures who is seeking approval. In conclusion, the new Article 59a OR declares that the owner of the signature key is liable for any abuse of the key.
The "Ordinance on certification services within the scope of the electronic signature" (VZertES, SR 943,032) came into effect at the same time as the ZertES. In particular, it specifically stipulates the obligations under which acknowledged certification service provider are placed. The Federal Department of Communication ("Bundesamt für Kommunikation" or BAKOM) must enact the requisite technical and administrative regulations on the basis of this legislation.
The "Ordinance on electronic transmission in administration processes" (SR 182,021,2) came into force on 1st January, 2008. It regulates the conditions for electronic data input at the confederation's administrative authorities and for the electronic opening of dispositions issued by these authorities.
Finally, the new "Ordinance on electronically transmitted data and information" (ElDI-V) relating to value-added tax has been in effect since 1st November, 2007. A crucial prerequisite for the paperless exchange of data relevant to value-added tax is that the data must be signed electronically. Advanced electronic signatures are sufficient for this purpose.
The latest legal provisions are compatible with the legal regulations of the European Union.
Refer also to the section "Legal frameworks and regulatory environment" on page 8 for an overview of the most recent new legislation,