QES Requirements for Notaries and Legal Professionals

Navigating Qualified Electronic Signature (QES) requirements can be complex. Perhaps your chamber of notaries mentioned it during a digital transformation seminar, or you’ve discovered that certain legal proceedings now require “eIDAS-compliant qualified signatures.”

QES isn’t just another digital signature option—it’s the only electronic signature type with the same legal value as a handwritten signature under European law. This guide demystifies QES requirements specifically for notaries and legal professionals.

Table of Contents

  1. Understanding QES: The Digital Equivalent of Handwritten Signatures
  2. Legal Framework and Recognition
  3. What Makes a Signature “Qualified”? The Three Components
  4. Mandatory Use Cases for Legal Professionals
  5. Implementation Requirements for Legal Practices
  6. Compliance and Best Practices
  7. Advantages for Notaries and Legal Professionals
  8. QES in the Notarial Sector: Real-World Implementation
  9. Implementing QES: Practical Steps
  10. Key Takeaways
  11. Frequently Asked Questions

Understanding QES: The Digital Equivalent of Handwritten Signatures

Qualified Electronic Signatures (QES) represent the highest level of electronic signature under the eIDAS regulation, offering the same legal value as a traditional handwritten signature. Article 25, Paragraph 2 of the eIDAS Regulation stipulates that the qualified electronic signature has the same legal effect as a handwritten signature.

The Legal Definition

According to eIDAS Regulation Article 3.12, a QES is:
“An advanced electronic signature created by a qualified electronic signature creation device and based on a qualified certificate for electronic signatures.”
This translates to three critical components: a qualified certificate from a QTSP, rigorous identity verification, and use of a qualified signature creation device (QSCD).

Why QES Matters for Legal Practice

QES provides legal certainty (cannot be rejected by courts solely because electronic), cross-border recognition (automatically recognized in all EU Member States), non-repudiation (cryptographic proof prevents denial), maximum evidential value (burden of proof shifts to challenger), and regulatory compliance (meets highest standards).
Key Distinction for Legal Professionals: While simple and advanced electronic signatures are recognized under eIDAS, only QES provides automatic legal equivalence to handwritten signatures. For notaries, this distinction is critical—the legal weight of your signature must be unquestionable.

Legal Framework and Recognition

The legal foundation for QES rests on the eIDAS Regulation (EU) No 910/2014, which harmonizes electronic signature standards across Europe.

The eIDAS Regulation

The regulation entered into force on July 1, 2016, establishing three signature levels (Simple, Advanced, Qualified), mandatory cross-border recognition (QES accepted across all EU member states), legal equivalence principle (QES = handwritten signature), and supervision (only certified QTSPs can issue qualified certificates).

Specific Provisions for Legal Practice

Article 25(2) states:
“A qualified electronic signature shall have the equivalent legal effect of a handwritten signature.”
What this means in practice: Courts cannot reject QES merely because it’s electronic, burden of proof shifts (challenger must prove invalidity), no additional authentication required beyond QES itself, and QES satisfies legal written form requirements in most jurisdictions.

Important Limitations

While QES enjoys broad recognition, certain limitations exist. Some jurisdictions require physical presence for certain notarial acts, handwritten signatures for employment termination, or traditional signatures for family law documents and testamentary instruments.
Professional Guidance: A trusted lawyer should always be consulted when determining whether QES is appropriate for specific document types. Rules vary by jurisdiction and document type.

Real-World Legal Recognition

In Belgium, digital signing is firmly embedded in notarial practice. In 2024 alone, over 85,000 notarial deeds were signed using QES through the Belgian federation of notaries (FedNot).

What Makes a Signature “Qualified”? The Three Components

To achieve qualified status under eIDAS, a signature must incorporate three essential components.

1. Qualified Certificate from a QTSP

The signature must be based on a qualified electronic signature certificate from an authorized organization.

What is a QTSP?

A Qualified Trust Service Provider (QTSP) is an organization authorized by a national supervisory authority to provide qualified trust services:
  • Compliance Assessment: Independent auditors verify adherence to eIDAS requirements
  • Supervisory Approval: National authorities grant qualified status
  • EU Trust List: All QTSPs published on EU Trust List
  • Continuous Monitoring: Regular audits ensure ongoing compliance

Examples of QTSPs for Legal Professionals

Common providers include Deutsche Telekom, Deutsche Post, D-Trust (Germany), A-Trust (Austria), Swisscom Trust Services (Switzerland), itsme (Belgium – widely used by notaries), Evrotrust (Bulgaria – pan-European), and Adacom (Greece).

2. Identity Verification Process

QTSPs require thorough verification before issuing a qualified certificate through various methods:

Video Identification

Most common for remote verification: live video call with QTSP agent, presentation of valid government ID, document verification and liveness detection. Typically takes 5-10 minutes.

In-Person Verification

Physical appearance at registration authority with presentation of original identity documents and face-to-face verification by trained staff.

eID-Based Verification

Use of government-issued electronic identity cards with authentication through national eID infrastructure providing instant verification.
For Legal Professionals: The online identification requires a valid ID document, computer, and cell phone. Once verified, subsequent signatures are instantaneous—rigorous verification is a one-time process.

3. Qualified Signature Creation Device (QSCD)

The QES must be produced within a Qualified Signature Creation Device, which protects the digital certificate and ensures the signature cannot be altered or used fraudulently.

QSCD Requirements & Types

A QSCD must meet strict security standards including sole control, secure key generation, protection against duplication, and tamper resistance. Common implementations include hardware tokens (USB devices), cloud-based QSCDs with secure infrastructure, mobile devices with secure elements (e.g., itsme app), and enterprise-grade Hardware Security Modules (HSMs).

Implementation Example: Belgian Notaries

The Royal Dutch Association of Civil-law Notaries (KNB) partnered with itsme to develop a unified solution for digital identification and QES. The collaboration ensures secure QES-based signing through the Digital Passing Room (DOBV), developed in-house to ensure sensitive documents remain within the KNB environment.

Mandatory Use Cases for Legal Professionals

Understanding when QES is required versus recommended is crucial. In principle, QES should be used if there is a legal or contractual written form requirement or high liability risk.

Documents Requiring QES

Notarial and Legal Documents

Remote notarial authentic acts, real estate transactions (property purchase agreements, title transfers), corporate documents (articles of incorporation, board resolutions), power of attorney documents, and financial agreements (loan agreements, mortgage documents).

Public Procurement and Government

Responses to public tender offers (mandatory in many EU countries), government contract submissions, and regulatory filings to business registers.

Scenario: Cross-Border Real Estate Transaction

Situation: A Belgian notary facilitates a property purchase where the buyer is an Italian citizen residing in Spain, purchasing property in Belgium. Pre-QES Challenges:
  • Buyer must travel to Belgium for signature
  • Weeks of delay and hundreds of euros in costs
  • Legal uncertainty about cross-border validity
With QES Solution:
  • Notary uses QES from Belgian QTSP
  • Buyer uses QES from any EU QTSP
  • Both signatures legally recognized across EU
  • Transaction completed remotely same day
  • Complete audit trail for compliance

When QES is Recommended but Not Mandatory

Beyond legally required scenarios, QES should be used for high-value contracts, long-term agreements, cross-border transactions between parties in different EU countries, and litigation-prone areas where documents are likely to be contested.

Implementation Requirements for Legal Practices

Selecting a Qualified Trust Service Provider

Evaluation Criteria

When selecting a QTSP, consider: EU Trust List verification, geographic coverage for clients’ locations, integration options with practice management systems, user experience for clients, cost structure (per-signature vs. subscription), and sector experience with legal and notarial sectors.

Document Integrity and Verification

QES protects document integrity, ensuring any tampering is immediately detected. Modifications after signing will break the integrity of existing signatures. Verification tools include DSS Validation Tool (EU’s online tool), Adobe Acrobat (built-in verification with EU Trust List integration), national validation services (country-specific platforms), and QTSP portals (provider-specific verification services). The verification displays “Qualification: QESig” to indicate qualified status.
Best Practice for Legal Professionals: Always verify QES signatures on documents you receive before proceeding with legal actions. Verification confirms signature validity and that the document hasn’t been altered—critical for maintaining chain of custody.

Compliance and Best Practices

GDPR and Data Protection

QES providers must comply with GDPR and ensure sensitive data is stored securely. For notaries handling sensitive client information, this compliance is non-negotiable. Key considerations include data minimization (only collect necessary identity data), secure storage (all biometric and identity data encrypted), clear retention policies, mechanisms for client data access/correction/deletion, and EU-based cloud providers for data sovereignty.

Cross-Border Recognition

QES is recognized across all EU member states under eIDAS, enabling seamless cross-border transactions. To ensure validity: always verify QTSP appears on EU Trust List, ensure certificates are qualified (not just advanced), and include qualified timestamps for time-sensitive documents.

Security Best Practices

Recommended Security Measures

Choose eIDAS 2.0 compliant providers (GDPR, DORA, NIS2, PSD3), integrate end-to-end digital workflows (security strongest when part of consistent process), ensure clear identity ownership (high-assurance digital identity methods), implement multi-factor authentication, and conduct regular security audits of QES implementation.

Advantages for Notaries and Legal Professionals

Enhanced Security and Non-Repudiation

QES guarantees non-repudiation—the signature can be definitively linked to the individual who signed. Because QES is protected through encrypted codes and trusted devices, forgery is virtually impossible.

Security Features

  • Cryptographic Binding: Mathematical link between signer, document, timestamp
  • Tamper Evidence: Any document modification invalidates signature
  • Identity Assurance: Verified identity linked to every signature
  • Audit Trail: Complete record of who signed what, when, where

Time and Cost Savings

Factor Traditional Process With QES
Document Execution Time 3-7 days (local) 7-14 days (international) Same day (minutes)
Cost per Transaction €15-50 (printing, courier) €5-15 (QES signature)
Client Convenience Office visit required Remote signing from anywhere
Storage Physical + digitization costs Digital (minimal cost)
Retrieval Time Minutes to hours Instant

Enhanced Client Experience

Clients benefit from convenience (sign from anywhere), speed (complete transactions in minutes), accessibility (services available to international clients), and higher security assurance than physical signatures.

QES in the Notarial Sector: Real-World Implementation

Belgian Notaries: A Success Story

In Belgium, over 85,000 notarial deeds were signed using itsme’s QES in 2024 through the Belgian federation of notaries (FedNot) via Nitro.

Implementation Approach

The Royal Dutch Association (KNB) developed comprehensive strategy: partnered with itsme (identity provider) and Entrust (signature platform), created Digital Passing Room (DOBV) for secure document handling, ensured all data remains within KNB infrastructure, and provided extensive training for member notaries.

Netherlands: Preparing for eIDAS 2.0

KNB is preparing for eIDAS 2.0, which will introduce digital wallets enabling individuals to securely store and manage identification, signatures, and authorizations on mobile devices.

Implementing QES: Practical Steps

Step 1: Research Qualified Trust Service Providers

Identify QTSPs meeting your jurisdiction’s requirements and listed on the EU Trust List. Verify QTSP appears on official EU Trust List (webgate.ec.europa.eu/tl-browser), confirm qualified signatures offered, check geographic coverage, review integration options, compare pricing, and assess user experience.

Step 2: Complete Identity Verification

Prepare valid government ID (passport or national ID card), devices (computer/tablet with webcam and smartphone), allocate 10-15 minutes for initial verification, and have practice registration details ready.

Step 3: Obtain Qualified Certificate

Choose certificate option: personal certificate for individual capacity, professional certificate for notarial/professional capacity, or organizational seal for firm-level signatures.

Step 4: Integrate with Practice Management

Consider API availability, platform compatibility with existing software, workflow automation for signature routing, and archive integration for automatic storage of signed documents.

Step 5: Develop Internal Protocols

Establish document classification (which require QES), preparation standards (formatting before signing), client communication (explaining process), verification procedures, and archiving policy for long-term storage.

Step 6: Train Staff

Cover eIDAS regulation basics and QES principles, technical operation of platform, client onboarding and support, troubleshooting common issues, and security and data protection.
Timeline Expectation: From decision to full implementation, expect 4-8 weeks for small practices and 3-6 months for larger organizations. Initial setup requires planning, but ongoing operations become seamless once established.

Key Takeaways

  • QES is legally equivalent to handwritten signatures: Article 25(2) of eIDAS establishes that qualified electronic signatures have the same legal effect as handwritten signatures in all EU member states.
  • Three essential components define QES: Qualified certificate from certified QTSP, rigorous identity verification meeting eIDAS standards, and use of QSCD protecting cryptographic keys.
  • Mandatory cross-border recognition: QES created in any EU member state must be recognized as legally valid in all others, eliminating barriers for cross-border transactions.
  • Specific use cases require QES: Remote notarial acts, public procurement, real estate transactions, high-value financial agreements, and government filings often mandate qualified signatures.
  • Identity verification is rigorous but one-time: Initial verification takes 5-15 minutes, but subsequent signatures are instantaneous.
  • QES provides superior security: Cryptographic binding, tamper evidence, and verified identity make QES virtually impossible to forge, with complete audit trails guaranteeing non-repudiation.
  • Real-world adoption demonstrates viability: Over 85,000 notarial deeds signed with QES in Belgium during 2024 proves successful digitalization.
  • Implementation requires strategic planning: Successful QES adoption involves selecting QTSPs, integrating with practice systems, developing protocols, and training staff—typically 4-8 weeks for small practices.
  • GDPR compliance is essential: QES providers must ensure data protection, secure storage, clear retention policies, and respect for client data rights.
  • eIDAS 2.0 brings digital wallets: By 2026, European Digital Identity Wallets will enable citizens to create qualified signatures from mobile devices.
  • Long-term viability is assured: QES is designed for long-term validation with algorithm agility and archival format support—essential for legal documents requiring decades of enforceability.

Frequently Asked Questions

What is the difference between QES and other electronic signatures?

eIDAS defines three levels. Simple (SES) are basic acceptance mechanisms. Advanced (AES) add cryptographic security. Qualified (QES) meet highest standards and are legally equivalent to handwritten signatures. Only QES provides automatic legal equivalence.

Can notaries use QES for all types of notarial acts?

While QES is legally equivalent to handwritten signatures under eIDAS, some jurisdictions maintain specific requirements for certain acts. Remote notarial authentic acts are increasingly permitted with QES. However, some acts may require physical presence. Consult your national chamber for jurisdiction-specific guidance.

How long does the identity verification process take?

Initial identity verification typically takes 5-15 minutes involving video identification with QTSP agent and valid ID presentation. This is a one-time process—once verified, all subsequent signatures are instantaneous.

What happens if a QTSP loses its qualified status?

Signatures created before the loss remain valid—qualified status at time of signing is what matters. However, new signatures cannot be created as qualified until provider regains status. This is why working with established QTSPs is important.

Can QES be used for international transactions outside the EU?

QES is primarily recognized within EU and EEA countries under eIDAS. For transactions with parties in non-EU countries, recognition depends on destination country’s laws. Some countries (like UK post-Brexit) maintain eIDAS compatibility. For international practice, verify destination jurisdiction’s requirements.

How much does QES cost for a notary or legal practice?

Subscription services typically charge €25-100/month. Pay-per-use services charge €5-15 per signature with no monthly fees—more economical for occasional users. Enterprise solutions for larger practices may have custom pricing.

What is a QSCD and why is it required?

A Qualified Signature Creation Device (QSCD) is a secure device protecting your cryptographic signing keys. QSCDs meet strict security requirements including protection against key duplication, tamper resistance, and secure key generation. Common implementations include hardware tokens, cloud-based HSMs, or mobile apps with secure elements. The QSCD ensures only you can create signatures with your certificate.

How do clients verify that my QES is legitimate?

QES verification is built into standard software. When clients open documents with your QES in Adobe Acrobat or PDF readers, software automatically checks the EU Trust List to verify your QTSP’s qualified status and validates cryptographic signature. Verification confirms: signature from legitimate QTSP, your identity at signing, document hasn’t been altered, and signature was created with valid certificate.

Can I create QES signatures myself or must I use a QTSP?

Unlike simple or advanced signatures, QES specifically requires partnership with a QTSP. This is intentional—qualified status depends on: verified identity by certified authority, qualified certificates meeting eIDAS standards, and use of certified QSCDs. You cannot achieve qualified status with self-issued certificates. Platforms like QES-Sign simplify QTSP access.

What about long-term validity of QES signatures?

QES signatures are designed for long-term validation—essential for legal documents needing enforceability for decades. QES implementations include: qualified timestamps proving when signature was created, long-term validation data embedded in document, archive timestamps that can be refreshed as technology evolves, and archival formats like PDF/A designed for preservation.

How does QES protect against fraud and repudiation?

QES provides strongest anti-fraud protection through: verified identity ensuring certificate holder is who they claim, sole control of QSCD preventing unauthorized use, cryptographic binding mathematically linking signature to document and signer, tamper detection making any alteration immediately visible, and complete audit trail documenting every event. This makes non-repudiation virtually certain.

What preparation do clients need to use QES?

Client preparation is minimal. For first-time signers: valid government ID, device with camera and internet for video verification, 10-15 minutes for verification, and email address or phone. For subsequent signatures: receive signature request, authenticate (often via mobile app), review document, and sign—typically under 2 minutes. No software installation required.

Ready to Implement QES in Your Legal Practice?

QES-Sign provides access to three certified QTSPs (itsme, Evrotrust, Adacom) covering 68 countries worldwide. Create qualified electronic signatures with full eIDAS compliance starting at €5 per signature—no subscription required, no commitment, credits never expire. Start Creating Qualified Signatures Today →
Type to search

Shopping cart

0
image/svg+xml

No products in the cart.

Continue Shopping