- New MOR & MPR come into effect 12 April 2021
- Cybersecurity training now mandatory for all ELN users
- Updates around digital VOI and interoperability notably absent from new versions
The Australian Registrars’ National Electronic Conveyancing Council (ARNECC) has published Version 6 of both their Model Operating Requirements (MOR) and Model Participation Rules (MPR), with an announcement that they will come into effect from 12 April 2021.
ARNECC, the body established to oversee and manage the regulatory framework for electronic conveyancing in Australia, had been consulting industry on Version 6 of the MOR & MPR since December 2019. Public consultation was temporarily halted in 2020, with a new draft version 6.1 released for public review in October 2020.
The MOR and MPR provide the basis for each state and territory’s operating and participation rules and determine the standards to which Electronic Lodgment Network Operators (ELNOs) and their subscribers must comply when operating within the eConveyancing landscape.
In Version 6 of the MPR, ELNO subscribers will now:
- Be required to ensure that all users have completed cybersecurity awareness training covering, as a minimum, secure use of the Electronic Lodgement Network (ELN), and for both users and employees, secure use of the Subscriber’s Systems and email and other electronic communication;
- No longer be required to re-verify the identity of a client every two years where they are acting under a current Client Authorisation and complied with the Verification of Identity (VOI) requirements in the MPR at the time the Client Authorisation was signed;
- Unless a signer is otherwise exempt, be required, before the initial allocation of a digital certificate to a signer, ensure a police clearance is obtained to ensure the signer has not been subject to a conviction of fraud or any other offence for dishonesty in connection with business, professional or commercial activities;
- Be able to use their business name as their system name, for other users to search and find them.
Notably, the VOI standard set out in the MPR has not been updated to facilitate digital VOI. Whilst not prohibited, it does not yet form part of the standard.
ARNECC’s current position on digital VOI is that “a Subscriber may make its own assessment as to whether digital VOI constitutes the taking of its own reasonable steps.”
Changes of note in the MOR include:
- ELNOs will be required to update their security policy to outline the cybersecurity awareness training requirements for subscriber users and employees and make available training resources with the intention that subscribers and users may understand their cybersecurity obligations;
- ELNOs will be required to accept the use of open digital certificates, which will become increasingly important as we move towards interoperability between ELNOs.
Despite this, interoperability is not otherwise dealt with in the new MOR, with ARNECC stating that Interoperability will be considered in future versions.
It is important to mention the new versions of the MOR & MPR take effect prospectively, and as such practitioners are not required to implement the required changes on transactions already in-flight, where valid signed Client Authorisations are held.