CBEC Instruction F. No. 224/44/2014-CX.6 dated the 6th July, 2015
Sub: Instructions regarding maintenance of Records in Electronic Form and authentication of records by Digital Signature–manner of verification-reg.
Kind attention is invited to sub-rule (5) of rule 10 of Central Excise Rules, 2002, inserted vide Notification No. 8/2015-CE (N.T.) dated 01.03.2015 and sub-rule (5) of rule 5 of the Service Tax Rules, 1994 inserted vide notification no. 5/2015-Service Tax dated 01.03.2015. As per the provisions of these sub-rules, the assessees may opt to maintain records in electronic form and authenticate the same by digital signatures subject to conditions, safeguards and procedures prescribed by the Board. Attention is also invited to sub-rule (9) of rule 11 of CER, 2002, and sub-rule (2) of rule 4(C) of the Service Tax Rules, 1994 inserted by the same notifications. As per the provisions of these rules, the assessees may exercise the option to issue invoices authenticated by digital signatures. Subsequently, Board vide Notification No. 18/2015-C.E.(N.T.) dated 6th July, 2015 has prescribed conditions, safeguards and procedures for preserving records in electronic form and authentication of records by digital signatures.
2.0 The salient features of the Notification No. 18/2015-C.E. (N.T.) dated 6th July, 2015 are:-
a. Every assessee proposing to use digital signature shall use Class 2 or Class 3 Digital Signature Certificate duly issued by the Certifying Authority in India.
b. Every assessee proposing to use digital signatures shall intimate the details such as name, e-mail id, office address and designation of the person authorized to use the digital signature certificate, name of the Certifying Authority, date of issue of Digital Certificate and validity of the digital signature etc., to the jurisdictional Deputy Commissioner or Assistant Commissioner of Central Excise at least 15 days in advance. In case of any change in the details submitted to the jurisdictional Deputy Commissioner or Assistant Commissioner, complete details shall be submitted afresh within 15 days of such change. Assessees already using digital signature shall intimate the above details within 15 days of issue of the notification.
c. Every assessee opting to maintain records in electronic form, who has more than one factory or service tax registration, shall maintain separate electronic records for each factory or each service tax registration.
d. A Central Excise Officer, during an enquiry, investigation or audit, in accordance with the provisions of section 14 of the Central Excise Act, 1944 and as made applicable to Service Tax as per the provisions contained in section 83 of the Finance Act, 1994, may direct an assessee to furnish printouts of the records in electronic form and invoices and may resume printouts of such records and invoices after verifying the correctness of the same in electronic format; and after the print outs of such records in electronic form have been signed by the assessee or any other person authorised by the assessee in this regard, if so requested by such Central Excise Officer.
3.0 Following procedures are hereby prescribed for verification of digitally signed invoices and documents:
3.1 The process for verifying digitally signed documents or invoices requires a computer system with internet connection. Digitally signed invoices or documents either in PDF format or the hard copy of invoices and documents may contain a web link where the documents or invoices are stored by the assessee, which can be accessed using this web link for verification. Assessee shall either provide access to the weblink of the company for verification or forward the digitally signed invoice or document by e-mail on requisition by the Central Excise Officer for verification.
3.2 The contents of a digitally signed document or invoice can be verified as follows:
a. Automatic pop-up of message once a digitally signed invoice is opened for the first time
i. Whenever a document/ invoice containing a valid digital signature is opened in a pdf format, a pop up will automatically appear on the computer screen indicating the manner in which the digital signature of the person, who has signed the document, can be validated.
ii. This pop-up would generally contain the messages “At least one signature has problems” and “Signature Panel”.
iii. Digital signature can be validated by clicking on the signature box, which has message “validity unknown” with a “?” stamp, generally appearing on the bottom right corner of the invoice.
iv. This pop up will not appear where the sender creates only an image of the digital signature instead of digitally signing the invoice or document. Such an invoice or document will not be a valid digitally signed invoice or document.
b. Document modification history
i. Once the signature box on digitally signed invoice or document is clicked, a window bearing title ‘signature validation status’ will appear to provide document modification history. This window will provide the information as to whether the document has been modified or not post signing of the document.
ii. A tab bearing the title “Signature Properties” shall also appear on the same window and this tab once clicked, a window bearing the title “Signature Properties” will appear.
c. Access to key information from the signature panel and acceptance of signer post verification of necessary particulars
i. The next step is to click “show signers’ certificate” option which appears on the “Signature Properties” window. By doing so, various tabs will provide key information about the signer, validity and authenticity of the digital signature certificate, details about the agency that has issued the digital certificate, details about the certificate granted to such issuing agency etc.
ii. After verifying various particulars (the name of the holder of the digital signature, the validity of the signature and details of issuance of the document) and being satisfied with the authenticity of the document, the Central Excise Officer may add the certificate in question to its list of trusted certificates by clicking the “trust” tab on the menu. By clicking ‘Add to trusted identities’ the signer gets added as a trusted source and the process of verification is thus complete.
4.0 Difficulty, if any, in implementation of the procedure may please be brought to the notice of the Board. Hindi version would follow.