Cybersecurity and Online Formation of Companies in the Netherlands, Belgium, and Germany
WP 2024-7
Within the European Member States, it should now be possible to establish a limited liability company fully online. This study compares how the Directive which mandates online formation, has been implemented in the Netherlands, Belgium, and Germany. In particular, it examines whether and, if so, how these countries approach the various cybersecurity risks involved in online formation.
The Directive considers these cybersecurity risks, however, the focus is mainly on the requirements regarding the availability of online formation and to a lesser extent the requirements pertaining to the authentication of the founders, as well as the authenticity and integrity of electronic documents. The primary emphasis of the Directive is strongly placed on achieving the objective of facilitating easier, quicker, and more time- and cost-effective company formation.
The approach taken by the Netherlands, Belgium, and Germany in implementing the Directive and enabling online formation demonstrates a notable level of similarity. All have made sure to safeguard the traditional role of notaries in company formation in these countries. Despite the Directive's emphasis on availability, the primary concern for these Member States lies in ensuring the security of online formation. All impose strict requirements regarding cybersecurity and opted for the highest standards regarding authentication (assurance level 'high') and authenticity (qualified electronic signatures).