Is a digital share register legally valid in Belgium?

Moving to an electronic share register is a logical step in the digitization of business, but is it legally conclusive? Yes, a fully-fledged electronic share register is legally possible and offers significant advantages, provided one follows the rules from the Code of Companies and Associations (CCA) and the royal decree implementing the CCA (RD/CCA) meticulously follows.

The legal context: the crucial distinction between 'digitally managed' and 'electronic'

Before we go over the requirements, it is essential to distinguish two concepts that often cause confusion in practice.

The digitally managed share register This is essentially a paper registry maintained using software. Although the tool simplifies administration, the legal reality remains analogous. To ensure opposability and probative value, the governing body must make a (digital) printout of the information and sign it. This signed version is the only official document. It is a modern tool, but not a legal replacement for the paper register.

The electronic share register The electronic register does represent a full legal alternative. From the formal changeover, this register becomes the only authentic source and the paper version loses its special probative value. The electronic register enjoys a legal presumption iuris tantum (a presumption to the contrary) of holding the effects. This definitively rules out discussions of conflicting physical versions.

The regulations: a detailed roadmap

The legal basis for the electronic register can be found in the CCA (for the BV, CV and NV in Articles 5:24, 6:24 and 7:28 WVV, respectively) and the detailed technical requirements in the RD/CCA.

Step 1: the formal decision of the governing body (CCA).

The first, indispensable step is a formal decision by the governing body to begin conducting the register (or registers for specific classes of securities) electronically. This decision must be in writing, either in minutes of the board meeting or by a unanimous written resolution of the directors.

Step 2: implementation according to the strict conditions (RD/CCA)

The RD/WVV imposes far-reaching formalities to ensure the accuracy and confidentiality of data:

• Preservation of historicity: When switching, the old, historical paper register must be physically kept at the company's headquarters. This document serves as proof of past transactions.
• Waterproof access control: This is the core of security. Only authorized individuals should be allowed access, and every transaction or consultation should be logged. The system must record who accessed what data, when and for what specific purpose.
• Strict identification: A user's identity verification must meet the confidence level "high" as defined in the European eIDAS Regulation. In the Belgian context, this is often filled in by identification methods such as Itsme.
• Verification of capacity: The system must verify not only the identity but also the capacity (the "role") of the user. For members of the governing body, this is done by verifying their mandate in the Crossroads Bank for Enterprises. For security holders, this is done on the basis of their entry in the register itself.
• Electronic operations: The CCA allows a transfer statement to be prepared electronically and signed with an ordinary, advanced or qualified electronic signature.
• Authorization and the 'trusted third party': The management of the register can be entrusted to an external service provider, the so-called "trusted third party. This party (e.g., an accountant, attorny or notary) is then subject to exactly the same legal obligations as the company itself.
• GDPR compliance: The company running the register is the data controller within the meaning of the GDPR. Any trusted third party acts as a processor. The RD/CCA explicitly emphasizes the duty of data security and incident management.

Legal analysis and interpretation

The strict regulations are no accident. The share register is the cornerstone of shareholders' rights. The legislature wanted to allow the undeniable advantages of digitization (efficiency, accessibility, fewer errors) only if legal security and data integrity are absolutely guaranteed.

A deeper analysis of the RD/CCA reveals an interesting technical nuance. The decree refers to Article 6 eIDAS Regulation for identification when perhaps the King should have referred to Article 8. The practical implication is that a strict reading of the current text limits the number of possible technology providers to those systems officially notified to the European Commission, such as Itsme.

In addition, the law creates a paradox: the paper register must be physically preserved, but at the same time loses its special evidential value. This confirms that the old registry is degrading into a mere historical record. The legal truth, after the changeover, resides exclusively in the electronic system. This underlines the risk of using a non-compliant platform: one imagines oneself to be digitized, but in reality does not have a legally valid register.

What this specifically means

• For the governing body: Your responsibility is threefold: making the formal decision to switch, performing thorough due diligence in choosing a software provider that offers all legal guarantees, and properly managing access rights.
• For the shareholder: You will have a secure and efficient way to exercise your rights. You are entitled to access the entire register as far as your own category of securities is concerned. A compliant electronic system guarantees that this right can be exercised in a controlled manner.
• For the external advisor (accountant, attorney, notary): You can be designated as a "trusted third party" by the company to manage the register. This streamlines processes such as the processing of share transfers, but also brings full responsibility for compliance.

Frequently asked questions (FAQ)

Is a share register in an online tool such as Excel or Google Sheets legally valid?
No. Such standard applications are merely "digitally managed" registries and absolutely do not suffice as full-fledged electronic registries. They lack the mandatory access control, the granular logging of every action, the eIDAS-compliant identification, and the capacity control required by the RD/CCA.

Who may access the electronic share register?
Access is strictly regulated. Members of the governing body have access to perform their management duties. Each security holder has access rights to the data of his or her class of securities. Finally, third parties, such as advisors, can gain access through authorization. Each access must be logged.

What happens to the registry in the event of bankruptcy or liquidation?
When the electronic register is discontinued, such as when the company is liquidated, a complete printout of the register signed by the governing body must be attached to the minutes of the decision to discontinue.

Conclusion

Moving to an electronic share register is a logical and valuable evolution that can significantly optimize a company's internal processes. However, the legal requirements, particularly in terms of security and traceability, are stringent and non-negotiable. The key to a successful and legally valid transition lies in choosing a technology partner that demonstrably and fully complies with the complex framework of the CCA and RD/CCA.