Notifications to FICORA – Electronic identification and trust services

Service providers that are based in Finland and provide strong electronic identification or qualified certificates have to submit a written notification to FICORA before commencing their activities. Based on the notification, FICORA assesses whether the service meets the requirements laid down by law and decides whether it will allow the operations of the identification service provider or certification authority.

The contents of the notification are specified in a regulation and the related explanatory notes issued by FICORA.

Regulation On obligation of identification service providers and certification authorities providing qualified certificates to the public to submit notifications to FICORA

Explanatory notes to the regulation

An identification service provider must pay FICORA a registration fee of EUR 5,000 and an annual supervision fee of EUR 12,000. A certification service provider offering qualified certificates must pay FICORA an annual supervision fee of EUR 40,000.

Notifications of changes and disturbances

Identification service providers and certification authorities providing qualified certificates must:

  • notify FICORA of any changes to the information included in the notification of commencing operations;
  • provide FICORA with an annual report detailing the extent of their operations;
  • notify FICORA of any significant threats or disturbances concerning the information security of their services and of the measures taken in response.

If necessary, FICORA may request a service provider to give further details on the changes and disturbances. FICORA can also order a service provider to fix the detected defects.

FICORA has issued further provisions on the contents and submission of notifications of operational changes, annual reports and disturbance notifications by a regulation and the related explanatory notes.

Regulation On obligation of identification service providers and certification authorities providing qualified certificates to the public to submit notifications to FICORA

Explanatory notes to the regulation

Key words: Information security , Data protection

Updated 29.08.2016

LinkedIn Print

logo

The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313

FI-00180 HELSINKI


Media contacts by telephone +358 295 390 248