Electronic Signature for Local Authorities in France: Implementation and Regulatory Framework

Why electronic signature has become indispensable for local authorities

The dematerialisation of administrative procedures is now a priority for town halls, departments, regions and local public bodies. Since the entry into force of Ordinance No. 2014-1329 of 6 November 2014 relating to remote deliberations of the deliberative bodies of local authorities, and even more so with the Action Publique 2022 programme led by the government, electronic signature for local authorities has become a strategic lever for modernisation. By 2026, nearly 87% of French regions have deployed at least one digital signature system according to SGMAP data, and the movement is now extending to municipalities with fewer than 3,500 inhabitants.

The generalisation of contract dematerialisation within local authorities — public contracts, partnership agreements, deliberations, orders — responds to a threefold logic: operational efficiency, legal security and the citizen requirement for transparency. This article guides you through the regulatory foundations, the applicable signature levels, concrete use cases and best practices to adopt for a successful digital transition.

A regulatory context undergoing consolidation

The European Directive on public procurement (2014/24/EU), transposed into French law by Decree No. 2016-360, requires the complete dematerialisation of public procurement procedures above €40,000 excluding VAT since 1 October 2018. In parallel, the eIDAS Regulation No. 910/2014 established a harmonised framework for mutual recognition of electronic signatures across all Member States, a foundation that the eIDAS 2.0 revision (EU Regulation 2024/1183, which entered into force in May 2024) strengthens further with the introduction of the European Digital Identity Wallet (EUDIW).

For local authorities, this concretely means that any act binding the legal entity — municipal order, public contract, delegation of public service agreement — can and should be capable of being signed electronically, provided the right level of signature is chosen according to the nature and risk of the act.

The three levels of electronic signature applicable to local authorities

The eIDAS Regulation distinguishes three levels of signature, the relevance of which varies according to the administrative act concerned.

Simple electronic signature (SES)

Simple electronic signature is the minimum level. It is based on electronic data attached to other data (a click accepting terms, a verified email address) without third-party certification requirement. It is suitable for acts with low legal risk: receipt confirmations, internal notices, common administrative forms. For a municipality, it can be used for managing online registrations or confirming administrative appointment confirmations.

Warning: simple signature offers only limited presumption of reliability and its enforceability in litigation can be contested. It is therefore unsuitable for contracts involving significant expenditure or acts subject to legality review.

Advanced electronic signature (AES)

Advanced signature is uniquely linked to the signatory, allows them to be identified, is created using data that the signatory can keep under their exclusive control, and is linked to the signed data in such a way as to detect any subsequent alteration. It is generally based on a digital certificate issued by a qualified trust service provider (QTSP) listed on the French trust list (Trust Service Status List – TSL).

For public contracts below threshold and inter-authority partnership agreements, advanced signature represents a good balance between security and operational fluidity. Many modern SaaS solutions, including Certyneo, allow deployment of this level with strong authentication (OTP SMS + document verification), without requiring physical keys.

Qualified electronic signature (QES)

Qualified signature is the highest level provided by eIDAS. It is mandatory based on a qualified certificate issued by an accredited QTSP, and is generally created using a qualified signature creation device (QSCD) — smart card, USB token or, since eIDAS 2.0, a qualified remote signature creation service. It benefits from a legal presumption of equivalence to handwritten signature in all Member States (Article 25(2) of the eIDAS Regulation).

This signature is recommended — even mandatory — for the most sensitive acts: delegations of signature from the mayor or president of a departmental council, large-scale public contracts, acts subject to prefectural legality review. The cost and implementation burden are higher, but the absolute legal security it provides makes it the undisputed standard for authorities managing a large volume of high-stakes contracts.

For a comparative view of solutions available on the market, Certyneo's comparison of electronic signature solutions will allow you to quickly evaluate offerings according to your budgetary and technical constraints.

Dematerialisation of contracts: which acts are concerned in practice?

Contract dematerialisation in municipalities and town halls covers a very wide range of administrative acts. Understanding which ones are priorities allows for a progressive and controlled rollout.

Public contracts and framework agreements

Since the Order of 22 March 2019 setting the conditions for making consultation documents available and communication between contracting authorities and economic operators, electronic signature is mandatory for formalised contracts (thresholds > €215,000 excluding VAT for supplies and services). The AAPC (Notice of Public Call for Competition), the General Specifications, the Technical Specifications and the Commitment Acts must be signed by the legal representative of the authority and by the contract holder.

The buyer profile (dematerialisation platform for public contracts) must be interoperable with signature tools. API integration with a solution like Certyneo allows for automation of document sending, signature collection and archiving with probative value in a digital safe deposit box compliant with NF Z 42-013.

Conventions and deliberations

Delegation of public service agreements (DSP), public domain occupation conventions, partnership agreements with associations or other legal entities, as well as deliberations of the municipal council or deliberative assembly can all be dematerialised. For the latter, Decree No. 2020-1407 of 18 November 2020 relaxed the conditions for remote meetings, opening the way to electronic signature of minutes.

Civil status documents and administrative orders

Danger orders, administrative police orders, planning documents (building permits, prior declarations) can also be electronically signed. The Department of Legal and Administrative Information (DILA) has developed the @ctes portal for the dematerialised transmission of acts subject to legality review to the prefecture, with integration of the mayor's or president's electronic signature.

If your authority also rolls out electronic signature in its HR processes — recruitment, contract amendments, training — the guide dedicated to electronic signature for HR will provide you with a precise reference framework.

Choosing and deploying a digital signature solution suited to public sector constraints

Local authorities face specific constraints that generic market solutions do not always integrate: hosting of data on national or European territory, compatibility with existing information systems (Berger-Levrault, Sedit Marianne, Civil Net...), management of authorisations by delegation, and traceability requirements for legal archiving.

Criteria for selecting a compliant solution

Several criteria should guide the choice:

• Provider qualification: the provider must be listed on the national trust list (French TSL published by ANSSI) or on the consolidated European list (EU Trusted Lists). eIDAS qualification is a non-negotiable minimum guarantee.
• Sovereign hosting: data processed by local authorities often falls under administrative secrecy or personal data under GDPR. Hosting certified HDS (Healthcare Data Hosting) or SecNumCloud qualified is strongly recommended for the most sensitive processing.
• Interoperability: the solution must integrate via REST API with customer relationship management systems (CRM), business software and public procurement platforms (AWS, Klekoon, e-Marchés publics...).
• Archiving with probative value: the signed document, accompanied by its metadata (qualified timestamp, certificate chain, verification report), must be archived in a system compliant with NF Z 42-013 or ISO 14721 (OAIS).
• Management of delegations and authorisations: a municipality must be able to configure signature workflows reflecting its internal delegations (delegation from mayor to DGA, joint signature of two elected officials, etc.).

Progressive implementation: the recommended method

DGFIP and AMF (Association of Mayors of France) recommend a three-phase approach: (1) audit of existing systems and mapping of acts to be dematerialised, (2) pilot on a limited scope (e.g. common supply contracts), (3) generalisation with training of staff and communication with external partners.

Certyneo's ROI calculator can help you quantify the expected return on investment based on the volume of contracts processed annually by your authority, taking into account printing, postage, physical storage and administrative management costs.

Finally, for authorities already equipped with an existing solution and wishing to migrate to a more effective platform, the Certyneo migration offer provides end-to-end support including data recovery and continuity of workflows in progress.

Legal framework applicable to electronic signature in local authorities

The electronic signature used by local authorities is part of a coherent regulatory stack that must be understood to secure each dematerialised act.

French Civil Code, Articles 1366 and 1367: Article 1366 provides that "electronic writing has the same probative force as writing on paper, provided that the person from whom it emanates can be properly identified and that it is established and preserved in conditions such as to guarantee its integrity." Article 1367, for its part, recognises the validity of electronic signature when it "consists of the use of a reliable identification procedure guaranteeing its link with the act to which it is attached", with a strengthened presumption of reliability when the qualified eIDAS signature is used.

eIDAS Regulation No. 910/2014 of the European Parliament and of the Council: This regulation, directly applicable in all Member States, defines the three levels of electronic signature (simple, advanced, qualified), establishes the requirements applicable to qualified trust service providers and guarantees cross-border recognition of qualified signatures (Article 25). The eIDAS 2.0 revision (EU Regulation 2024/1183) strengthens these provisions and introduces the European Digital Identity Wallet (EUDIW).

GDPR Regulation No. 2016/679: The processing of personal data of signatories (identity, contact details, possible biometric data) is subject to the principles of minimisation, purpose and security of the GDPR. Authorities must keep a register of processing and ensure that their provider acts as a data processor with a DPA (Data Processing Agreement) compliant with Article 28.

NIS2 Directive (EU 2022/2555): Transposed into French law by Law No. 2023-703 of 1 August 2023 and its implementing decrees, the NIS2 Directive imposes on public administrations — including authorities of significant size — strengthened requirements in terms of cybersecurity, notably the management of risks related to the digital supply chain. The signature provider must be able to document its security measures.

ETSI EN 319 132 and EN 319 122 Standards: These standards define the formats of advanced electronic signature (XAdES, CAdES, PAdES) accepted in public procurement. The PAdES-B-LTA format (PDF Advanced Electronic Signature with Long Term Archival) is particularly recommended for contractual documents to be retained for long periods.

Ordinance No. 2014-1329 and Decree No. 2020-1407: These texts govern remote deliberations and electronic signature of acts of the deliberative bodies of local authorities.

Legal risks in case of non-compliance: An act signed with an inappropriate signature level or by a non-qualified provider may be annulled by the administrative judge in case of litigation. Prefectural legality review may also reject acts transmitted via non-compliant channels. It is therefore essential that the Data Protection Officer (DPO) and the legal department of the authority validate the deployment framework before any production rollout.

Concrete use case scenarios in local authorities

Scenario 1 — A medium-sized municipality dematerialises its road works public contracts

A municipality of approximately 25,000 inhabitants manages between 40 and 60 public contracts each year, including about twenty above the formal competition threshold. Before dematerialisation, each contract required the printing of 3 to 5 copies of the contract documentation, a physical signature circuit involving the mayor, the DGA and the public accountant (DGFIP representative), then sending by registered mail to the contractor and to the prefecture for legality review. The average time between award and contract notification was 18 working days.

After deploying a qualified electronic signature solution integrated into its buyer profile, the municipality reduced this timeframe to 4 working days, a reduction of 78%. Direct cost savings on printing, postage and archival management were estimated at approximately €12,000 per year. Legality review, now carried out via the @ctes portal with electronic signature, is completed within 48 hours compared to an average of 7 days previously.

Scenario 2 — A department dematerialises its subsidy agreements with associations

A regional council allocates each year over 1,200 subsidies to local associations, each giving rise to a bilateral agreement. Paper management mobilised a team of 4 part-time staff for 3 months per year, with a rate of return of signed agreements within deadlines barely above 60% — associations often delaying the return of signed documents.

After deploying an advanced electronic signature solution in white label, the department automated the sending of agreements electronically with automatic follow-ups. The signature rate within deadlines rose to 94% in the first year alone. The gain in full-time equivalents represents approximately 1.2 FTE/year. Automatic archiving in a compliant digital safe deposit box also made it possible to reduce physical storage costs by 35%.

Scenario 3 — An inter-municipal authority secures its community council deliberations

A metropolitan council grouping 18 municipalities holds an average of 12 community councils per year, each producing between 20 and 50 deliberations. The physical signature of each deliberation by the president and delegated vice-presidents involved heavy logistics, with travel sometimes difficult for elected officials living in peripheral municipalities.

By deploying a remote qualified signature workflow, allowing each elected official to affix their signature from their smartphone or computer with their personal certificate, the inter-municipal authority eliminated geographic constraints and reduced the time to finalise deliberations from 12 days to an average of 2 days. The saving on travel (mileage fees, staff time) was valued at approximately €8,500 per year. The complete traceability of signatures and timestamps also simplified responses to contentious challenges.

Conclusion

Electronic signature has established itself as a structuring tool for the modernisation of local authorities. Whether for public contracts, partnership agreements, deliberations or administrative orders, contract dematerialisation in town halls offers measurable benefits: reduction in processing times, direct savings on administrative costs, strengthening of legal security of acts and improvement of relations with partners and service providers. The regulatory framework — eIDAS, Civil Code, GDPR, NIS2 — provides a solid foundation for securing this transition, provided that a qualified provider is chosen and the signature level is calibrated to the risk of each act.

Certyneo supports local authorities in this transformation with an eIDAS-compliant platform, hosted in Europe, featuring advanced delegation management and API integration with the main public information systems. Discover our tariffs and offers dedicated to the public sector or contact our team for a personalised demonstration.