Section 22

Section 22 establishes the formal gateway for entry into India's licensed CA ecosystem. Any person — individual, company, or government entity — may apply to the Controller for a licence to issue Electronic Signature Certificates. Three procedural requirements apply: the application must be in the prescribed form, accompanied by prescribed documents (which the Information Technology (Certifying Authorities) Rules 2000 specify in detail, including technical infrastructure requirements, security audit reports, and financial capability evidence), and accompanied by the prescribed fee, capped at Rs 25,000 by the section itself. This fee cap ensures that the statutory fee cannot be set at a prohibitive level, even though the actual cost of meeting the technical requirements is far higher. Section 22(3) defines the character of the licence: it is time-limited (the period is prescribed), non-transferable (a CA licence cannot be sold, assigned, or passed on to another entity), and non-heritable (on the death of an individual licence holder, the licence does not pass to their estate). The non-transferability rule prevents the monetisation of CA licences and ensures that the licence attaches to the approved entity's specific technical and governance arrangements. Conditions attached under regulations give the Controller ongoing leverage over licensed CAs — compliance failures can trigger those conditions and ultimately licence action under Sections 25 (suspension) and 33 (surrender).