The Italian press have recently reported on the first case of fraud in Italy through the unlawful use of a digital signature.
According to reports, a Rome businessman discovered through a check carried out at the Chamber of Commerce in 2011 that all his company’s shares had been registered without his knowledge to a man by name of David Henry Antinucci, who in this way had become the sole member of the company and had also appointed himself sole director, with the authority to transfer the company’s headquarters.
With the appointment of the new sole director, the deeds of conveyance had been transmitted to the Chamber of Commerce via the Internet by an accountant’s office by means of the activation of an electronic smart card with a digital signature, which is obligatory for company communications with the Italian Register of companies. In this case the smart card had been registered in the Rome businessman’s name but had not been requested by him.
The probe conducted by the IT investigation section of the Special Telematic Fraud Unit of the Italian Financial and Tax Police has led to the identification of three suspects, including Antinucci, who now face prosecution for personation, false statements or proof given to the electronic signature authenticator regarding their own and other people’s identities and capacities in addition to forgery of public documents, private documents and electronic documents.
According to the investigation, Antinucci was aided and abetted in the fraud by the owner of a business consultancy firm who appears to have been a total tax evader for 16 years. The two men are alleged to have used a photocopy of the businessman’s ID card to activate two smart cards at a certification services agency after filling out the appropriate form.
The owner of the agency declared that he had had direct contact with the two men to issue the smart cards and that they had informed him that the businessman would not be present to sign the smart cards in person as he was abroad on business. The accountant who forwarded the requests to the Chamber of Commerce said he had worked in good faith on the documentation he had been sent by the owner of the agency and had not checked it further.
From what we read in the press, the judges are convinced that neither the agency owner nor the accountant are criminally involved in the scam, although they are guilty of carelessness when initiating the procedure.
However, the accountant has been reported for violation of the rules of discipline to his professional association for failing to verify the authenticity of the signatures which were not added in his presence when transferring the shares.
In the light of this reconstruction, we can say with some certainty that this case arouses a certain level of interest not only because of the novelty of the method apparently used for the fraud but also for the different positions of responsibility which emerge in relation to the various individuals involved in the case.
Yet another ruling correctly states the principle that a valid banking and financial contract requires a written procedure and consequently, if the contract is computerized, a digital signature.
As seen in the news reported by the Italian press, with ruling No 1503/2011, the Court of Reggio Emilia has declared a contract for the purchase of covered warrants null and void.
It seems that the investors had submitted purchase orders online, entering the web portal of the authorized intermediary using their authentication credentials and had then given their consent with a simple “click”.
The ruling stating that a digital signature is required for the validity of an online contract requiring the written form under penalty of nullity, can be supported, especially keeping in mind that Presidential Decree No 513 of November 10, 1997 was in force at the time.
In other words, this ruling should be contextualized in the light of the law in force at that time in order not to provoke hasty interpretations. In fact, if the same case was before the court today, we would need to keep in mind that the law has changed and that the regulatory provision applicable would now be that of art. 21 of the Digital Administration Code. Consequently, as we have stated in this blog on numerous occasions, an advanced electronic signature would be sufficient. In this respect, we would hope that a correct ruling confirming a provision which is constant regarding the acquisition of derivative financial instruments would not give rise to misleading interpretations.