- 1 Decree No.15-CP of Government, relating to duties, powers and responsibilities for State Mangement of Ministries, ministerial Agencies.
- 2 Decision No. 44/2002/QD-TTg, on the use of electronic vouchers as accounting documents for capital accounting and settlement by payment service-providing organizations, promulgated by the Prime Minister of Government
- 3 Ordinance No. 30/2000/PL-UBTVQH10 of December 28, 2000 on state secrets protection
- 4 Law No. 06/1997/QH10 of December 12, 1997 on The State Bank of Vietnam
THE STATE BANK | Socialist republic of Vietnam |
No.349/2002/QD-NHNN | Hanoi, 17 April 17th, 2002 |
THE GOVERNOR OF THE STATE BANK
- Pursuant to the Law on the State Bank of Vietnam No. 01/1997/QH10 dated 12 December, 1997;
- Pursuant to the Ordinance on the protection of the State secrets dated 28 December, 1997;
- Pursuant to the Decree No. 15/CP dated 2 March, 1993 of the Government providing for the assignment, authority and responsibility for the State management of the Ministries and ministerial-level agencies;
- Pursuant to the Decision No. 135/1999/QD-TTg dated 2 June, 1999 of the Prime Minister on the List of the State secrets in the banking area;
- Pursuant to the Decision No. 44/2002/QD-TTg dated 21 March, 2002 of the Prime Minister on the use of electronic vouchers as accounting vouchers for the accounting and payment of funds by payment service suppliers;
- Upon the proposal of the Director of the Banking Information Technology Department,
DECIDES
Article 2. This Decision shall be effective after 15 days from the date of signing.
...
...
...
ON THE SETTING UP, ISSUANCE, MANAGEMENT AND USE OF SECRECY CODE IN THE INTER-BANK ELECTRONIC PAYMENT SYSTEM
(issued in conjunction with the Decision No. 349/2002/QD-NHNN of April 17th, 2002 of the Governor of the State Bank of Vietnam)
Secrecy code includes 2 types:
1. Secrecy code for approval competence (referred to as approval secrecy code).
2. Secrecy code for the preparation of payment order and internal control (referred to as internal secrecy code).
...
...
...
ii. setting up, issuance and management of secrecy code
Article 4. The competence for the issuance and management of secrecy code
1. The Director of the Banking Information Technology Department shall be responsible for the setting up, issuance and management of approval secrecy code.
2. Heads of members and member units shall be responsible for the setting up, issuance and management of internal secrecy code.
Article 5. Subjects to be granted secrecy code
1. In respect of approval secrecy code
a. The Directors, Deputy Directors who are responsible for Accounting, the Head of Payment Accounting Division or persons who are authorized to verify electronic vouchers at the Banking Operation Department, the State Bank branches participating in the inter-bank electronic payment.
b. The General Director (Director) or person who is authorised to verify electronic vouchers in the inter-bank electronic payment system at members and member units which are not in the State Bank system.
2. In respect of internal secrecy code
...
...
...
Article 6. The issuance and management of secrecy code
1. The issuance and management of secrecy code shall be performed in accordance with the informatic program that is installed by the State Bank in a special computer and located at the secrecy code issuing and managing unit. The operation of this informatic program shall be in compliance with provisions in the technical Process on the operation of the inter-bank electronic payment system guided by the Banking Information Technology Department.
2. The Director of the Information Technology Department or any person who is authorised by the Director of the Information Technology Department shall perform the procedure for the issuance of the approval secrecy code to individuals being subjects to be issued the code in accordance with the List requested by members and member units.
3. Heads of members and member units or any person who is authorized by Heads of members and member units shall perform the procedure for the issuance of the internal secrecy code to officers who are assigned to draw payment order and carry out internal control.
Article 7. The setting up of secrecy code shall be in compliance with following provisions:
1. Computers, printers and other technical equipments serving for the setting up of the secrecy code shall be installed in a safe place, strictly managed and specially used to secure good and safe condition of technique;
2. To strictly comply with the process on the setting up of secrecy code as provided for in the technical process on the operation of the inter-bank electronic payment system guided by the Banking Information Technology Department;
3. Secrecy code must be registered in the Book for monitoring secrecy codes, this monitoring book shall be directly kept by the Head of or a person authorized by the Head of the secrecy code issuing unit and preserved in accordance with the regime on secret documents. The monitoring book shall be stated fully with all elements relating to secrecy code such as: unit code, user code, user name, date of issue, expected date of expiry, effective date.
4. During the usage and preservation process, secrecy code shall be saved in floppy disc or CDROM. The management of these information carriers shall be in compliance with provisions stated in Article 9 of this Regulation.
...
...
...
iii. delivery and receipt, transport, preservation of secrecy code
1. Modes of delivery and receipt, transport of secrecy code:
- Delivery and receipt through the computer network in the secrecy form;
- Direct delivery and receipt;
- Delivery and receipt through secret official dispatch.
2. The delivery and receipt of secrecy code through the computer network in the secrecy form shall be performed in accordance with provisions in the technical Process on the operation of the inter-bank electronic payment system guided by the Banking Information Technology Department.
3. All cases of direct delivery and receipt of secrecy code between the setter, archivist, granted person and other subjects shall be registered in the book, signed between two parties at their office in accordance with provisions.
4. Upon delivery and receipt of secrecy code through the secret letter: The Banking Information Technology Department, members and member units must state in the book "Out-coming secrecy codes" for monitoring and reconciliation and make following procedures:
...
...
...
- The preparation of the secrecy code note: State (pint) clearly number and symbol of secrecy code, name of receiver. The secrecy code note must be sealed stating the degree of secrecy, urgency in accordance with provisions on secret documents.
- The preparation of sending note: State clearly date, hour, name of receiver of the secrecy code note.
- The management of envelopes: The secrecy code note must be delivered in a separate envelope, separate from any conventional documents; envelopes must be made of tough, water resistant, non-transparent paper; envelope is folded through an oblique knot, glue must be sticky, difficult to open. The secrecy code note shall be contained in two envelopes for sending.
Inner envelope: shall contain only the secrecy code note; shall be tightly stuck and sealed up. Name of the receiver on the envelope shall be clearly stated and seal with the words "Top secret" and the words "to be opened only by the person whose name is stated on the envelope".
Outer envelope: shall contain the inner envelope and the sending note. Statements on the envelope shall be made as in case of conventional documents and sealed with the letter "B" in bold; the words "Top secret" is not to be put on the envelop.
The Banking Information Technology Department, members and member units shall be responsible for monitoring, verification and reconciliation with units or individuals that receive the code to avoid any loss and error.
b. In case of receipt of secrecy code note
The incoming secrecy code note shall be recorded in the book "Incoming top secret documents" by the confidential archivist for monitoring and immediately be reported to the Head of unit before transferring to the individual who is granted (given). Upon receipt of the secrecy code note, the receiver shall sign for confirmation on the note and transfer to the archivist for making procedure of the return of the note and send to the Information Technology Department right in the working day.
...
...
...
2. In case where secrecy code is not used or has not been used, it must be kept, preserved carefully in the trunk, cabinet locked solidly and located in the office where the administrative security and technical environmental conditions are ensured (temperature, humidity, etc).
iv. responsibilities of a person who issues the secrecy code
article 10. Responsibilities of the Banking Information Technology Department
Upon the receipt of a request for the suspension, change or a report on unsafe usage of secrecy code, the Director of the Banking Information Technology Department or an authorized person shall, depending on each case, carry out following works:
1. To use measures of informatic technique for:
a. Suspending the use and canceling approval secrecy code.
b. Re-granting a new approval secrecy code (if required)
2. To notify related units and individuals of any change, suspension or new issuance of secrecy code for their knowledge and implementation.
Article 11. Responsibilities of members and member units.
...
...
...
1. In respect of approval secrecy code
a. To use measures of informatic technique for:
- Suspending and revoking secrecy code.
b. To immediately notify the Banking Information Technology Department.
c. To cancel the use right of software of this controller at the unit and notify the Banking Information Technology Department in writing.
2. In respect of internal secrecy code
To use measures of infomatic technique for:
a. Suspending the use and canceling the use right of the inter-bank electronic payment software of the manager using secrecy code.
b. Canceling the old secrecy code, re-granting a new secrecy code.
...
...
...
Screen of computer, keyboard and equipments for the use of secrecy code shall be located, arranged in a hidden place to prevent others from seeing symbols of code and manipulations in the using process.
vi. Suspense of usage, revocation and change of secrecy code
article 16. Secrecy code shall be suspended, cancelled and changed in following cases:
1. Secrecy code that has been notified to be lost, exposed or in suspicion of exposition;
2. Secrecy code that has errors due to technical elements.
...
...
...
Article 17. Revocation of secrecy code
Secrecy code shall be revoked and cancelled in case where the person who is granted the secrecy code moves to another work or is forced to stop using the inter-bank electronic payment system.
vii. Violation and dealing with violation
article 19. Violating behaviors.
1. Causing loss or exposition of secrecy code.
2. Looking for a way to decode, appropriate, purchase, reveal, copy and cancel secrecy code illegally.
3. Using secrecy code contrary to applicable provisions or abusing it to embezzle the State's property.
4. Abusing the protection of secrecy code to conceal violating behaviors of applicable laws.
...
...
...
Article 20. Dealing with violations
Any violating behavior of the Regulation on the setting up, issuance, management and use of secrecy code in the inter-bank electronic payment system shall, depending on the nature, seriousness of violation, be subject to the administrative punishment or prosecuted for criminal liability and responsible for material compensation for occurring damages in accordance with provisions of applicable laws.
article 21. The Director of the Banking Information Technology Department shall be responsible for:
1. Managing the setting up, issuance, change and providing guidance of the use of approval secrecy code in the inter-bank electronic payment system.
2. Providing the guidance and examining the implementation of the Regulation on the setting up, issuance, use and management of secrecy code in the inter-bank electronic payment system.
1. Managing the setting up, issuance, change and providing guidance on the use of internal secrecy code in the inter-bank electronic payment system.
2. Managing and supervising the use of secrecy code at their unit in accordance with provisions of this Regulation.
...
...
...
- 1 Decision No. 1571/2005/QD-NHNN of October 31, 2005, on the amendment, supplement of several articles of the regulation on inter-bank electronic payment issued in conjunction with the Decision No. 309/2002/QD-NHNN dated 9 April 2002 of the Governor of the State Bank
- 2 Ordinance No. 30/2000/PL-UBTVQH10 of December 28, 2000 on state secrets protection
- 3 Law No. 06/1997/QH10 of December 12, 1997 on The State Bank of Vietnam
- 4 Decree No.15-CP of Government, relating to duties, powers and responsibilities for State Mangement of Ministries, ministerial Agencies.
- 1 Decision No. 1571/2005/QD-NHNN of October 31, 2005, on the amendment, supplement of several articles of the regulation on inter-bank electronic payment issued in conjunction with the Decision No. 309/2002/QD-NHNN dated 9 April 2002 of the Governor of the State Bank
- 2 Directive No. 02/2004/CT-NHNN of February 6, 2004, on the enhancement of prudence work in the inter-bank electronic payment operation