In the digital age, the adoption of electronic signatures in Malawi is gaining significant momentum. Offering a convenient and efficient alternative to traditional handwritten signatures, electronic signatures eliminate the need for physical presence, streamlining document execution across various sectors.
This growing trend is driven by rapid technological advancements and the increasing demand for more agile and cost-effective business processes. As individuals and organisations alike recognise the benefits, ranging from enhanced efficiency to improved legal compliance, the uptake of electronic signatures continues to rise across Malawi.
The widespread use of electronic signatures is reshaping how transactions are conducted, making them faster, more accessible, and secure. As Malawi’s digital infrastructure and regulatory frameworks continue to evolve, electronic signatures are poised to become a foundational element of the country’s commercial and legal practices.
Legal Framework Governing E-signatures in Malawi
In Malawi, electronic signatures’ legal recognition and regulation are primarily governed by the Electronic Transactions and Cyber Security Act (ETCSA) of 2016. This Act provides a comprehensive framework for electronic transactions and the security of electronic communications.
Electronic Signatures
Under Section 8 of the Electronic Transactions and Cyber Security Act, where a law requires a document to be signed, this requirement is satisfied if the document is signed using an electronic signature. For an electronic signature to be considered authentic and legally valid in Malawi, the following conditions must be met:
- The method used to create the electronic signature must be uniquely linked to the signatory and not attributable to any other person.
- At the time of signing, the method used must have been under the sole control of the signatory, used without coercion, duress, or undue influence.
- Any alteration to the electronic signature made after signing must be detectable.
The Act does not exclude or limit the legality of any other method of electronic signature that:
- Meets the above requirements;
- Complies with other applicable statutory provisions; or
- Is mutually agreed upon by parties in a contract.
Digital Signatures
The Act also expressly recognises the use and validity of digital signatures and digital certificates. According to Section 12(1), unless otherwise required by law, individuals are free to choose to use digital signatures, digital signature certificates, or any other mode of authentication.
Additionally, Section 10 provides that a person may sign an electronic record by:
- Affixing a personal digital signature; or
- Using any secure and verifiable mode of signing that is agreed upon by the parties or recognised by an industry as safe, reliable, and acceptable.
Malawi’s legal framework therefore, affirms the validity and enforceability of both electronic and digital signatures in contracts and other electronic records.
However, a person relying on a digital signature assumes the legal consequences of failure to:
- Take reasonable steps to verify the authenticity of the digital signature.
- Verify the validity of any supporting digital certificate; or
- Comply with any limitations attached to the certificate.
Digital Signature Certification Authorities
Under Section 12(2) of the Electronic Transactions and Cyber Security Act, the Malawi Communications Regulatory Authority (MACRA) may, by notice published in the Gazette, approve:
- Specific types of digital signatures,
- Certification authorities that issue digital certificates, and
- The authentication of foreign information security service providers,
for use by the public. MACRA, as the regulatory authority, is tasked with ensuring that all approved digital certificates align with international best practices and standards.
In accordance with Section 49 of the Act, any person who relies on a digital signature is deemed to have relied on a valid certificate containing the public key necessary to verify that digital signature.
Liability of Certification Authorities
The Act imposes strict liability on certification authorities for damages suffered by individuals who reasonably rely on a digital certificate issued by them, where:
- All or part of the information contained in the digital certificate at the time of issuance was incorrect;
- Required data for the certificate to qualify as a valid digital certificate was incomplete;
- The certificate was issued without proper verification that the signatory was entitled to receive it; or
- The certification authority failed to register the revocation of a digital certificate or failed to make revocation information available to third parties.
These provisions underscore the importance of accuracy, due diligence, and transparency by certification authorities, reinforcing trust in digital signatures within Malawi’s legal and technological ecosystem.
Disclaimer
The information on this site is for general information purposes only and is not intended to serve as legal advice. Laws governing the subject matter may change quickly, so Flowmono cannot guarantee that all the information on this site is current or correct. Should you have specific legal questions about any of the information on this site, you should consult with a legal practitioner in your area.
Resources
- https://www.ritzattorneys.com/legal-guides/e-signatures-and-digital-signatures-in-electronic-transactions-under-the-electronic-transactions-and-cyber-security-act-malawi/
- Electronic Signatures in Malawi
