Many managers and board members are unaware that 95% of all legal transactions in Switzerland can be conducted electronically without any problems. Time and time again, we encounter chief financial officers who feel that 19th century techniques must be used to meet regulatory requirements. It is therefore astonishing how many companies still archive their scanned invoices, receipts, etc. in paper form – a completely unnecessary measure and thus a waste of money! Or even worse, electronic invoices are printed and archived in paper form! There is an urgent need for more education here. The KRM makes a significant contribution here by testing and certifying digitization solutions.
Digitization is perceived primarily in connection with changes to business models and the adaptation of companies. The associated discussions are mostly technical in nature and are also implemented in companies as part of technology projects. Many of the digitization developments taking place today were foreseeable for a long time and are also not new. Does the advance of digitization now also include the demand for a fundamental revision of today’s law? How should companies deal with this today?
There are two diametrically different developments here. Namely, our own (Swiss) landscape, still shaped by national laws, and the international world of Internet regulation, shaped by nationalistic interests (which we will not analyze further here). Nationally, an application of today’s legal rules to modern technologies is readily conceivable. Many of the new technologies that have become established in recent years in the context of Internet development are based on traditional contract models that were already regulated in Roman law (sales contract, contract for work, order, etc.). Or, to put it another way, most of the legal transactions that we conduct over the Internet conform to common patterns and can also be managed or controlled using these rules.
In addition to traditional contract law, special laws are applicable which are more closely related to technology. Particular mention should be made here of the Data Protection Act and the provisions on electronic archiving and retention (Business Records Ordinance). The Certification Services Act regulates the handling of electronic identities. The latter is a key function for ensuring trustworthy identities in e-commerce or e-government.
Most companies operate within the legal framework outlined above. But does digitization raise fundamentally new questions and how should management address them?
It is not the legal basis that changes, but the procedures, technologies and processes. Contractual relationships are established more quickly, confirmations are sent electronically, goods are only moved virtually, and the number of contractual partners is increasing. The classic 1:1 relationship is becoming the exception. Digitization thus means an increase in complexity. New technical possibilities (Big Data) also demand more careful handling of the “hot commodity” data. This has a direct impact on the care that the company must take. Example: The proof of the proper execution of a transaction is becoming more and more time-consuming. The same applies to the proof of proper data management. As a company, how can I know how my cloud provider is handling my data, or my customers’ data? How do I ensure that personal data is really deleted? How do I know which data is correct and reflects the will of the parties? How do I check the trustworthiness of the contract partner? How do I know that the archiving solution offered on the network meets the legal requirements?
Most of what we developed in the 1990s in the course of research work on electronic commerce is far from having arrived in practice. For example, automated legal transactions or automated contracts are still an exception. This has nothing to do with technology, but above all with the perception in the companies and in the willingness to adopt and implement new processes. Instead of introducing a modern process, the cumbersome route of outsourcing to a supposedly cheaper third country is often sought. This is a completely misguided approach, firstly because it inhibits innovation and secondly because it leads to much higher costs in the longer term.
So, as in many other areas, it is not the lack of a legal framework that is the problem, but the will of those affected to implement digitization consistently. Undoubtedly, it is important to understand the legal framework in which you are operating and where there are potential hurdles or risks.
There is a great need for assurance on the part of managers and board members: Are the procedures in place really set up correctly and do they comply with the law and contracts?
This is where the KRM makes an active contribution . Since 2016, we have been offering certification and testing for users. You can find more information here.