Electronic and certificate-based digital signatures are common in Malaysia and are well accepted in the business community, especially for e-commerce. Malaysian law makes a distinction between electronic and digital signatures backed by certificates from trusted service providers but regards both as being just as admissible and enforceable as a “wet signature”, provided they meet the legal requirements for validity.
Electronic signatures are governed by the Electronic Commerce Act 2006. The ECA defines an electronic signature as “any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature”.
In order to be recognized under the ECA, an electronic signature must:
Digital signatures are regulated by the Digital Signature Act (DSA) 1997. The DSA defines digital signatures as “a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can accurately determine whether the transformation was created using the private key that corresponds to the signer’s public key, and whether the message had been altered since the transformation was made.”
A digital signature will be recognized under the DSA where:
All licensed certification authorities must hold a valid license issued under the DSA and can be found on the Malaysian List of Certification Authorities and Recognition.
Transacting with public sector entities
The Electronic Government Activities Act 2007 (EGAA), which complements the ECA, applies similar rules to the public sector. It provides for legal recognition of electronic messages in dealings between the Government and the public, and the use of electronic messages to fulfill legal requirements.
The EGAA provides that it is not mandatory for a person to use, provide or accept any electronic message in dealings with the Government unless the person consents to the using, providing or accepting of the electronic message. The requirements for electronic signatures under the EGAA mirror the requirements under the ECA.
Under the Prescription of Electronic Signature Order 2010 issued pursuant to the EGAA, the use of a pin number as an electronic signature fulfills the requirement of affixing a seal in an electronic message.
There are certain requirements to use digital signatures under the Government procurement regime. All individuals, companies or corporate bodies intending to participate in Government procurement are required to undergo a registration process. Registration is carried out through the ePerolehan (“eProcurement” in English) system, which requires the use of digital signatures, as highlighted on the excerpts from the circulars and guidelines issued by the Treasury:
Use cases that generally require a traditional signature
Although electronic and digital signatures are governed by Malaysian federal law, in some cases, state laws or industry-specific rules and guidelines may govern.
Under the ECA, the following documents cannot be signed or executed electronically:
Additionally, documents that require notarization or the affixing of a seal, may not be able to be signed electronically. However, where law requires a seal to be affixed to a document and the document is in the form of an electronic message, the document may be signed using a digital signature as defined under the DSA.
Disclaimer: Information on this page is intended to help businesses understand the legal framework of electronic signatures. However, Adobe cannot provide legal advice. You should consult an attorney regarding your specific legal questions. Laws and regulations change frequently, and this information may not be current or accurate. To the maximum extent permitted by law, Adobe provides this material on an "as-is" basis. Adobe disclaims and makes no representation or warranty of any kind with respect to this material, express, implied or statutory, including representations, guarantees or warranties of merchantability, fitness for a particular purpose, or accuracy.