Call Anytime +977- 9768717747

Data Center and Cloud Service Registration Nepal

  • Home
  • Blog
  • Data Center and Cloud Service Registration Nepal
Data Center and Cloud Service Registration Nepal
28 May

What Is Data Center and Cloud Service Registration Nepal?

Data Center and Cloud Service Registration Nepal refers to the formal process by which a business entity operating data center infrastructure or providing cloud computing services is incorporated under Nepalese law and listed with the Department of Information Technology under the Data Center and Cloud Services (Operation and Management) Directive, 2081 (2025). This directive, issued on January 28, 2025, under Section 79 of the Electronic Transactions Act, 2063, mandates compulsory registration for all data center and cloud service providers operating in Nepal. The directive establishes a tier classification system for data centers, prescribes operational standards, mandates security compliance, and requires government agencies to use only registered providers. For IT entrepreneurs, infrastructure investors, and foreign technology companies seeking to establish data center or cloud operations in Nepal, understanding the legal architecture, infrastructure requirements, and compliance obligations is essential. This guide has been prepared to explain every stage of the procedure in a manner that is both legally accurate and practically actionable. CorporateNp is recognized as a trusted service provider for data center and cloud service registration and IT compliance in Nepal.

Legal Framework Governing Data Center and Cloud Service Registration Nepal

Multiple statutes and regulations are applied to govern the establishment and operation of data centers and cloud services in Nepal. The primary legislation is the Electronic Transactions Act, 2063 (2008), which provides the legal basis for digital services, electronic signatures, and data protection. The Data Center and Cloud Services (Operation and Management) Directive, 2081 (2025) establishes the mandatory registration requirement, tier classification system, and operational standards. The Companies Act, 2063 (2006) governs the incorporation of the service provider as a corporate entity. The Information Technology Policy, 2072 (2015) establishes the strategic framework for IT sector development. The National Cyber Security Policy, 2078 (2021) prescribes security standards for critical digital infrastructure. The Foreign Investment and Technology Transfer Act, 2075 (2019) permits 100% foreign ownership in IT services with no minimum capital requirement. The Income Tax Act, 2058 (2002) imposes corporate tax at 25%, though IT exports may qualify for tax rebates. The Individual Privacy Act, 2075 (2018) governs personal data protection. Together, these laws create a comprehensive regulatory system through which Data Center and Cloud Service Registration Nepal is administered.

Legal Framework Summary Table

Legislation Relevance to Data Center and Cloud Registration
Electronic Transactions Act, 2063 Legal basis for digital services and data protection
Data Center and Cloud Services Directive, 2081 Mandatory DoIT listing, tier classification, operational standards
Companies Act, 2063 Company incorporation and corporate governance
Information Technology Policy, 2072 Strategic IT sector development framework
National Cyber Security Policy, 2078 Security standards for critical infrastructure
FITTA, 2075 Foreign investment with zero minimum capital for IT
Income Tax Act, 2058 Corporate tax and export rebate provisions
Individual Privacy Act, 2075 Personal data protection requirements

Types of Data Center and Cloud Services Recognized in Nepal

Four primary categories of data center and cloud service operations are recognized under the Directive 2081. Each category is subject to distinct registration and compliance requirements.

Data Center Operator

  • Owns and operates physical data center facilities
  • Provides colocation, server hosting, and infrastructure services
  • Must achieve tier classification (I, II, III, or IV)
  • Highest infrastructure and capital requirements
  • Mandatory DoIT listing before commencing operations

Cloud Service Provider

  • Offers Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS)
  • May operate own data centers or use third-party facilities
  • Must comply with information security and IT service management standards
  • Mandatory DoIT listing for all cloud service operations

Managed Service Provider

  • Provides managed hosting, disaster recovery, and IT outsourcing services
  • Often combines data center operations with cloud services
  • Must obtain appropriate listings for each service category
  • Requires both infrastructure and service management compliance

Hybrid Service Provider

  • Combines data center operations with cloud service delivery
  • Offers both physical infrastructure and virtualized services
  • Must comply with all requirements applicable to both categories
  • Most complex compliance structure

Service Type Comparison Table

Service Type Primary Offering DoIT Listing Required Infrastructure Level Capital Requirement
Data Center Operator Colocation, physical hosting Mandatory Very High NPR 10M-100M+
Cloud Service Provider IaaS, PaaS, SaaS Mandatory High NPR 5M-50M+
Managed Service Provider Managed hosting, DR Mandatory High NPR 5M-30M+
Hybrid Service Provider Combined physical and cloud Mandatory Very High NPR 15M-100M+

Data Center Tier Classification System in Nepal

The Directive 2081 establishes a four-tier classification system for data centers based on infrastructure reliability, redundancy, and service availability.

Tier I: Basic Capacity

  • Uptime: 99.671%
  • Maximum downtime per year: 28.8 hours
  • Power backup: 12 hours minimum
  • Redundancy: None (N)
  • Suitable for: Startups, small businesses, non-critical applications
  • Infrastructure requirements: Basic power and cooling, single distribution path

Tier II: Redundant Capacity Components

  • Uptime: 99.749%
  • Maximum downtime per year: 22 hours
  • Power backup: 12-24 hours
  • Redundancy: Partial (N+1 for critical components)
  • Suitable for: Small to medium businesses, moderately critical applications
  • Infrastructure requirements: Redundant power and cooling components, single distribution path

Tier III: Concurrently Maintainable

  • Uptime: 99.982%
  • Maximum downtime per year: 1.6 hours
  • Power backup: 24-48 hours
  • Redundancy: N+1 (one active backup for every component)
  • Suitable for: Banks, government agencies, large enterprises, critical applications
  • Infrastructure requirements: Multiple distribution paths, concurrent maintenance capability, dual power feeds

Tier IV: Fault Tolerant

  • Uptime: 99.995%
  • Maximum downtime per year: 26.3 minutes
  • Power backup: 48+ hours
  • Redundancy: 2(N+1) (fully fault-tolerant architecture)
  • Suitable for: Critical infrastructure, military, emergency services, maximum availability requirements
  • Infrastructure requirements: Independent systems, fault-tolerant architecture, continuous operation during component failure

Tier Classification Summary Table

Tier Uptime Downtime/Year Power Backup Redundancy Suitable For
I 99.671% ≤ 28.8 hours 12 hours None Startups, small businesses
II 99.749% ≤ 22 hours 12-24 hours Partial Small to medium businesses
III 99.982% ≤ 1.6 hours 24-48 hours N+1 Banks, government, enterprises
IV 99.995% ≤ 26.3 minutes ≥ 48 hours 2(N+1) Critical infrastructure

Government Data Storage Requirement

  • Data centers storing government data must achieve Tier III or higher classification
  • Government agencies are mandated to use only DoIT-listed data center and cloud service providers
  • Security agencies must use services operated by the Integrated Data Management Center

Eligibility Criteria for Data Center and Cloud Service Registration Nepal

Specific eligibility conditions must be satisfied before a data center or cloud service provider can be registered and listed in Nepal.

Company Structure Requirements

  • The company must be incorporated as a private limited company, public limited company, or foreign company branch under the Companies Act
  • The memorandum of association must expressly include data center operations, cloud services, or related IT infrastructure services as primary objectives
  • Minimum authorized capital for domestic private limited companies is NPR 100,000 with at least 10% paid-up
  • For foreign investors in IT services, no minimum capital requirement applies under FITTA

Technical Personnel Requirements

  • At least one technical director or manager with demonstrated expertise in data center operations or cloud architecture
  • Network security specialists are mandatory for Tier III and IV facilities
  • Compliance officer must be appointed or services obtained from authorized institutions
  • IT service management certified personnel are recommended

Infrastructure Requirements

  • Registered office and operational facility in Nepal
  • Physical data center facility meeting tier classification standards or cloud service delivery infrastructure
  • Reliable power supply with backup systems meeting tier requirements
  • Fire safety systems certified by relevant authorities
  • Physical security measures including access control and surveillance
  • Environmental controls including cooling and humidity management
  • Network connectivity with redundant internet access

Security and Compliance Requirements

  • Information security management system implemented
  • Business continuity and disaster recovery plans documented
  • Data protection and privacy policies enforced
  • Annual security audit capability
  • Compliance with National Cyber Security Policy standards

Step-by-Step Data Center and Cloud Service Registration Nepal Process

The procedure for Data Center and Cloud Service Registration Nepal involves sequential stages across multiple government agencies. The process is described below in the order in which it is typically completed.

Stage 1: Company Incorporation

Step 1: Reserve Company Name

  • An online name reservation application is submitted through the OCR portal
  • The proposed name should reflect the data center or cloud service nature of the entity
  • Names typically include terms such as Data Center, Cloud, Host, Server, or Digital Infrastructure
  • Name reservation is generally approved within 1 to 3 working days

Step 2: Draft MOA and AOA

  • The Memorandum of Association specifies data center operations, cloud services, and related IT infrastructure objectives
  • The Articles of Association provide for:
  • Board composition and director appointment
  • Share transfer restrictions
  • Compliance officer appointment
  • Data protection and privacy provisions
  • Business continuity and disaster recovery procedures
  • Asset disposal upon dissolution

Step 3: Submit Incorporation Documents to OCR

  • Required documents include:
  • Name reservation approval
  • MOA and AOA signed by all promoters
  • Notarized citizenship certificates of promoters
  • Passport-sized photographs of promoters
  • Office rent agreement or ownership documents
  • Ward office recommendation letter
  • OCR verification and approval typically takes 3 to 7 working days

Step 4: Obtain PAN and Tax Registration

  • Permanent Account Number is registered at the Inland Revenue Department
  • Tax clearance certificate is obtained
  • VAT registration is completed if annual taxable turnover exceeds NPR 2 million for services

Step 5: Ward Office Business Registration

  • The company is registered at the local Ward Office where the registered office is located
  • A trade license or business operation certificate is obtained
  • Fees vary by municipality, typically ranging from NPR 5,000 to NPR 15,000 annually

Stage 2: Department of Information Technology Listing

Step 6: Determine Listing Category

  • Separate applications are required for data center and cloud service operations
  • Companies offering both services must apply for both listings
  • The appropriate tier classification is determined based on infrastructure capabilities

Step 7: Prepare DoIT Application for Data Center Listing

  • Required documents include:
  • Certificate of incorporation of company
  • Security and privacy policy of the organization
  • Business continuity plan details
  • IP pool details available in the company's name
  • Fire safety compliance certificate
  • Building completion certificate
  • Map location of the data center
  • Data center tier classification details
  • Technical manpower details
  • Physical security procedures
  • High-level electricity design
  • Information security standard certificates for both primary and disaster recovery sites

Step 8: Prepare DoIT Application for Cloud Service Listing

  • Required documents include:
  • Certificate of incorporation
  • Security and privacy policy
  • Business continuity plan
  • IP pool details
  • Technical manpower details
  • Data center location map where cloud service is operated
  • Agreement with the data center if using third-party facilities
  • ISP/NSP affiliation details
  • Information security standard certificates
  • Information technology service management standard certificates

Step 9: Submit Application and Undergo Inspection

  • The complete application is submitted to the Department of Information Technology
  • DoIT officials conduct document verification
  • Physical inspection of data center facilities is conducted for data center listings
  • Technical evaluation of cloud service infrastructure is performed
  • Additional documents may be requested during the review process

Step 10: Obtain DoIT Listing Certificate

  • Upon satisfactory verification and inspection, DoIT issues the listing certificate
  • The certificate is typically issued within one month of complete application submission
  • Listed providers must update their details annually by the end of Poush (mid-January)

Stage 3: Additional Compliance

Step 11: Implement Operational Compliance Systems

  • Equal access opportunities are provided to all customers
  • Necessary security standards are adopted for data storage
  • Service continuity is ensured through redundant systems
  • Unauthorized access monitoring and reporting systems are implemented
  • Compliance officer is appointed or services are obtained from authorized institutions
  • Annual security audit arrangements are made
  • Customer data protection measures are implemented through bilateral agreements
  • Infrastructure transfer assistance procedures are established for customer termination

Step 12: Obtain ISP License if Providing Connectivity

  • If the data center or cloud provider also offers internet connectivity, an ISP license must be obtained from the Nepal Telecommunications Authority
  • Three categories of ISP licenses are available: National, Regional, and Local

Documents Required for Data Center and Cloud Service Registration Nepal

Proper documentation is essential for the successful registration and listing of data center and cloud service providers. The following documents are required at various stages.

Company Incorporation Documents

  • Certificate of incorporation from OCR
  • Memorandum and Articles of Association
  • Board resolution authorizing business operations
  • PAN registration certificate
  • Tax clearance certificate
  • Ward office business registration certificate

DoIT Data Center Listing Documents

  • Certificate of incorporation of company
  • Security and privacy policy of the organization
  • Business continuity plan details
  • IP pool details available in the company's name
  • Fire safety compliance certificate
  • Building completion certificate
  • Map location of the data center
  • Data center tier classification details
  • Technical manpower details
  • Physical security procedures
  • High-level electricity design
  • Information security standard certificates for primary site
  • Information security standard certificates for disaster recovery site

DoIT Cloud Service Listing Documents

  • Certificate of incorporation
  • Security and privacy policy
  • Business continuity plan
  • IP pool details
  • Technical manpower details
  • Data center location map where cloud service is operated
  • Agreement with the data center if using third-party facilities
  • ISP/NSP affiliation details
  • Information security standard certificates
  • Information technology service management standard certificates

ISP License Documents if Applicable

  • Completed ISP license application form
  • Company registration certificate, MOA, and AOA
  • PAN and VAT registration certificates
  • Tax clearance certificate
  • Detailed business plan
  • Technical proposal and network diagram
  • Financial statements and capital proof
  • CVs of key technical personnel
  • Network security and data protection plan

Documents Summary Table

Document Category Specific Documents Submitting Authority
Company Incorporation certificate, MOA, AOA, PAN, tax clearance OCR, IRD
DoIT Data Center Security policy, BCP, IP pool, fire safety, tier details, IS certificates for DC and DR Department of Information Technology
DoIT Cloud Service Security policy, BCP, IP pool, DC agreement, ITSM certificates, ISP/NSP affiliation Department of Information Technology
ISP License Business plan, technical proposal, financial proof, security plan Nepal Telecommunications Authority

Operational Compliance Obligations Under Directive 2081

The Data Center and Cloud Services Directive, 2081 imposes specific operational compliance obligations on all listed providers.

Equal Access and Non-Discrimination

  • Equal access opportunities must be provided to all customers
  • No preferential treatment or discriminatory pricing based on customer size or sector
  • Transparent service level agreements must be offered

Security Standards

  • Necessary security standards must be adopted for data storage and processing
  • Information security management systems must be implemented and certified
  • Regular security audits must be conducted by authorized auditors

Service Continuity

  • Service continuity must be ensured through redundant infrastructure
  • Business continuity plans must be documented and tested regularly
  • Disaster recovery capabilities must match the declared tier classification

Unauthorized Access Reporting

  • Unauthorized access incidents must be reported immediately to regulatory authorities
  • Incident response procedures must be documented and operational
  • Customer notification protocols must be established for security breaches

Compliance Officer Requirement

  • A compliance officer must be appointed or services obtained from authorized institutions
  • The compliance officer is responsible for regulatory liaison and compliance monitoring
  • Annual compliance reports must be submitted through the compliance officer

Annual Security Audits

  • Annual security audits must be conducted by certified auditors
  • Audit reports must be submitted to DoIT as part of annual updates
  • Remediation of identified vulnerabilities must be documented

Customer Data Protection

  • Customer data must be protected through bilateral agreements
  • Data localization requirements must be observed for government and financial sector data
  • Cross-border data transfer restrictions must be complied with

Infrastructure Transfer Assistance

  • Upon termination of services, infrastructure transfer assistance must be provided to customers
  • Data portability mechanisms must be established
  • No unreasonable barriers to customer migration may be imposed

Compliance Obligations Summary Table

Obligation Requirement Frequency
Equal Access Non-discriminatory service provision Continuous
Security Standards ISMS implementation and certification Annual audit
Service Continuity BCP testing and DR validation Annual
Incident Reporting Unauthorized access reporting Immediate
Compliance Officer Appointed or contracted Continuous
Security Audits Certified auditor assessment Annual
Data Protection Bilateral agreements and localization Continuous
Transfer Assistance Customer migration support Upon termination

Delisting Procedures and Consequences

The Directive 2081 establishes clear procedures for delisting non-compliant providers.

Grounds for Delisting

  • Non-compliance with operational obligations
  • Data misuse or unauthorized data handling
  • Company dissolution or voluntary withdrawal
  • Failure to submit annual updates
  • Security incidents not properly reported or remediated

Delisting Process

  • DoIT issues a notice requiring written explanation within 15 days
  • The provider submits explanation and remediation plan
  • If explanation is inadequate, delisting is executed within 7 days
  • Delisting details are published in national newspapers and on the DoIT website
  • Customers must transfer services from delisted providers

Consequences of Delisting

  • Immediate prohibition from offering data center or cloud services
  • Public notification of delisted status
  • Mandatory customer migration to listed providers
  • Potential legal action for continued operation after delisting

Foreign Investment in Nepal's Data Center and Cloud Sector

Foreign participation in Nepal's data center and cloud services sector is expressly encouraged under current investment policy.

Zero Minimum Capital Requirement

  • Under FITTA, the information technology sector has no minimum foreign investment threshold
  • This is a significant advantage compared to other sectors requiring NPR 20 million minimum
  • Foreign investors may establish wholly-owned subsidiaries

Automatic FDI Route

  • Foreign investments up to NPR 500 million are approved without case-by-case screening
  • Approval is typically granted within 7 days for complete applications
  • Company registration is completed at OCR
  • Foreign capital must be recorded with Nepal Rastra Bank within 6 months

Repatriation of Profits

  • Profits, dividends, and capital gains are fully repatriable after tax compliance
  • The repatriation process has been streamlined following December 2025 NRB reforms
  • Approval is now delegated to licensed commercial banks with 15-working-day timeline

Technology Transfer Benefits

  • Technology transfer agreements for proprietary data center infrastructure and cloud platforms are permitted
  • Royalty payments for technology are regulated under FITTA
  • Foreign technical experts may be employed subject to work permit requirements

Tax Implications for Data Center and Cloud Service Providers

The tax framework for data center and cloud service providers in Nepal includes standard corporate provisions and IT-specific incentives.

Corporate Income Tax

  • Standard corporate income tax rate is 25%
  • Applies to net taxable income from data center and cloud service operations

VAT Obligations

  • VAT at 13% applies to taxable supplies if turnover exceeds NPR 2 million for services
  • Voluntary VAT registration is recommended for B2B service providers
  • Export of cloud services to foreign clients may be zero-rated

Export Incentives

  • IT exports may qualify for tax rebates under the Income Tax Act
  • Up to 75% tax rebate is available for information technology exports under certain conditions
  • Proper documentation of foreign earnings is required

Withholding Taxes

  • Payments to foreign service providers for software licenses or technical services attract 15% withholding tax
  • Double taxation avoidance agreements may provide relief

Tax Summary Table

Tax Type Rate Applicability
Corporate Income Tax 25% On net taxable income
VAT 13% If turnover threshold exceeded
Export Rebate Up to 75% For qualifying IT exports
WHT on Foreign Payments 15% On royalties and technical fees
Dividend WHT 5% On profit distribution

Post-Registration Compliance for Data Center and Cloud Service Providers

Ongoing compliance is mandatory to maintain DoIT listing and operate legally.

Annual Company Compliance

  • Annual returns must be filed with OCR within 6 months of fiscal year-end
  • Audited financial statements must be prepared by registered auditor
  • Income tax returns are due within 3 months of income year-end
  • Advance tax installments are payable by mid-January, mid-April, and mid-July

DoIT Annual Update

  • Listed providers must update registration details annually by end of Poush (mid-January)
  • Updated security audit reports must be submitted
  • Changes in technical manpower, infrastructure, or service offerings must be reported
  • Tier classification must be maintained or updated if infrastructure is upgraded

Security and Audit Obligations

  • Annual security audits must be conducted by certified auditors
  • Information security standard certificates must be maintained current
  • Vulnerability assessments and penetration testing are recommended
  • Incident response procedures must be documented and tested

Compliance Calendar Table

Compliance Item Frequency Deadline Authority
Annual return filing Annual Within 6 months of fiscal year-end OCR
Income tax return Annual Within 3 months of income year-end IRD
Advance tax installments Quarterly Mid-Jan, Mid-Apr, Mid-Jul IRD
DoIT annual update Annual End of Poush (mid-January) DoIT
Security audit Annual As per audit schedule DoIT/Internal
VAT return Monthly/Quarterly Within 25 days of period end IRD
Incident reporting As needed Immediate upon discovery DoIT

Cost Breakdown for Data Center and Cloud Service Registration Nepal

The total cost of establishing a data center or cloud service operation in Nepal varies based on the scale, tier classification, and service model.

Company Registration Costs

  • OCR registration fee: NPR 15,000
  • Ward office registration: NPR 5,000 to NPR 15,000 annually
  • PAN registration: free of charge
  • VAT registration: free of charge
  • Professional fees for legal documentation: NPR 10,000 to NPR 50,000

DoIT Listing Costs

  • Application and processing fees: variable
  • Security audit and certification: NPR 100,000 to NPR 500,000
  • Infrastructure compliance upgrades: variable by tier

Infrastructure Setup Costs

  • Tier I data center facility: NPR 5,000,000 to NPR 20,000,000
  • Tier II data center facility: NPR 20,000,000 to NPR 50,000,000
  • Tier III data center facility: NPR 50,000,000 to NPR 200,000,000
  • Tier IV data center facility: NPR 200,000,000+
  • Server hardware and networking equipment: NPR 10,000,000 to NPR 100,000,000
  • Uninterruptible power supply systems: NPR 2,000,000 to NPR 20,000,000
  • Fire safety and physical security: NPR 1,000,000 to NPR 10,000,000
  • Cooling and environmental controls: NPR 2,000,000 to NPR 15,000,000
  • Software licenses and management platforms: NPR 500,000 to NPR 5,000,000 annually

Professional Service Fees

  • Legal and documentation support: NPR 50,000 to NPR 200,000
  • Technical consultancy and tier certification: NPR 200,000 to NPR 1,000,000
  • DoIT liaison and application preparation: NPR 100,000 to NPR 300,000

Cost Summary Table

Cost Item Tier I Tier II Tier III Tier IV
Company Registration NPR 15,000-75,000 NPR 15,000-75,000 NPR 15,000-75,000 NPR 15,000-75,000
DoIT Listing NPR 100,000-600,000 NPR 100,000-600,000 NPR 100,000-600,000 NPR 100,000-600,000
Facility Construction NPR 5M-20M NPR 20M-50M NPR 50M-200M NPR 200M+
Equipment and Infrastructure NPR 10M-30M NPR 30M-80M NPR 80M-300M NPR 300M+
Professional Fees NPR 350,000-1,300,000 NPR 350,000-1,300,000 NPR 350,000-1,300,000 NPR 350,000-1,300,000

Frequently Asked Questions

What is Data Center and Cloud Service Registration Nepal?

It is the formal process of incorporating a data center or cloud service entity under the Companies Act and obtaining mandatory listing from the Department of Information Technology under the Data Center and Cloud Services Directive, 2081.

Is DoIT listing mandatory for all data center operators?

Yes, all data center and cloud service providers must be listed with DoIT before offering services. Existing operators were required to apply within 6 months of the directive's issuance on January 28, 2025.

What are the tier classifications for data centers in Nepal?

Four tiers are established: Tier I (99.671% uptime), Tier II (99.749%), Tier III (99.982%), and Tier IV (99.995%). Government data must be stored in Tier III or higher facilities.

What is the minimum capital required for a data center in Nepal?

For domestic private limited companies, the minimum authorized capital is NPR 100,000. For foreign investors in IT services, no minimum capital requirement applies under FITTA.

Can foreigners establish data centers in Nepal?

Yes, foreign investors may establish wholly-owned data center and cloud service companies with 100% ownership. The IT sector has no minimum capital requirement and falls under the automatic FDI route.

How long does data center registration take?

Company incorporation takes 5 to 7 working days. DoIT listing takes approximately 1 month after complete application and inspection. Total timeline is typically 2 to 3 months.

What documents are required for DoIT data center listing?

Required documents include company registration, security policy, business continuity plan, IP pool details, fire safety certificate, building completion certificate, location map, tier details, technical manpower details, physical security procedures, electricity design, and IS certificates for primary and disaster recovery sites.

What documents are required for DoIT cloud service listing?

Required documents include company registration, security policy, business continuity plan, IP pool details, technical manpower details, data center location map, data center agreement if using third-party facilities, ISP/NSP affiliation, IS certificates, and IT service management certificates.

What happens if a provider operates without DoIT listing?

Operating without mandatory DoIT listing violates the Data Center and Cloud Services Directive. Penalties include delisting orders, fines, mandatory customer data transfer to listed providers, and potential legal action.

What is the validity period of DoIT listing?

DoIT listing requires annual updates by the end of Poush (mid-January). The listing remains valid provided annual updates are submitted and compliance is maintained.

Are security audits mandatory for data center operators?

Yes, annual security audits are mandatory for all DoIT-listed providers. Information security standard certificates must be maintained current for both primary and disaster recovery sites.

Can a cloud provider use third-party data centers?

Yes, cloud service providers may use third-party data center facilities. However, an agreement with the data center must be submitted to DoIT, and the underlying data center must be DoIT-listed.

What is the Integrated Data Management Center?

It is a government-operated facility that provides data center services specifically for security agencies. Security agencies are mandated to use services from this center rather than commercial providers.

What are the consequences of DoIT delisting?

Delisted providers are prohibited from offering services, publicly notified, and required to assist customers in migrating to listed providers. Continued operation after delisting attracts legal penalties.

How CorporateNp Assists with Data Center and Cloud Service Registration Nepal

Navigating the Data Center and Cloud Service Registration Nepal process requires coordination across company incorporation, DoIT listing, infrastructure compliance, and ongoing regulatory obligations. CorporateNp provides comprehensive registration and compliance services to IT entrepreneurs and foreign investors seeking to establish data center and cloud operations in Nepal.

Services Provided

  • Company incorporation with IT-specific memorandum and articles of association
  • DoIT listing application preparation and submission for data center and cloud service providers
  • Security policy drafting and business continuity plan development
  • Tier classification assessment and infrastructure compliance advisory
  • Coordination with DoIT for inspection and certification
  • Fire safety and building completion certification coordination
  • ISP license application support through NTA if connectivity services are offered
  • Tax registration and export incentive advisory
  • Ongoing compliance management including annual updates, security audit coordination, and regulatory reporting

Expertise and Credentials

  • Deep expertise in the Electronic Transactions Act, Data Center and Cloud Services Directive, Companies Act, and FITTA
  • Established relationships with the Department of Information Technology, Nepal Telecommunications Authority, and Office of Company Registrar
  • Proven track record of successful IT infrastructure registrations and DoIT listings

Call to Action

IT entrepreneurs and infrastructure investors are encouraged to contact CorporateNp for a consultation before initiating the data center and cloud service registration process.

Disclaimer

The information provided in this guide is intended for general informational and educational purposes only. It does not constitute legal, tax, or business advice. Laws and regulations in Nepal are subject to frequent amendment, and individual circumstances may vary. Readers are strongly advised to seek independent professional advice from qualified legal counsel or tax advisors before making decisions related to data center or cloud service registration. CorporateNp disclaims any liability for actions taken based on the contents of this guide.

References

For further reading and official guidance, the following authoritative sources are recommended.

Latest Posts

Categories

Tags

pan card nepal online pan registration in nepal ird pan login banijya bibag nepal deparment of commerce nepal nid nepal Nid narayanhiti nid online form travel and tour company registration company registration in nepal tourism business registration in nepal open travel company in nepal FDI in nepal FDI process in Nepal FDI company registrationin Nepal FDI approval process in Nepal foreign investment in nepal fdi in nepal investment in nepal property business registration Nepal real estate business Nepal DFTQC Nepal Food License Nepal Nepal business visa requirements business visa Nepal cost extend business visa Nepal Nepal business visa duration marriage registration in nepal marriage visa in nepal visa for marraige in nepal convert tourist visa to business visa convert tourist visa in nepal it company registration in nepal nepal software business license nepal tech startup registration Trademark Registration in Nepal intellectual property registration in nepal DOI trademark Nice classification Nepal trademark renewal Nepal overstay visa in nepal business visa in nepal foreign branch office registration in nepal branch office registration in nepal share transfer nepal buying shares in nepal purchase agreement nepal company share purchase nepal law social welfare council nepal INGO registration requirement nepal pan registration nepal ird pan nepal land tax nepal property registration in nepal property tax in nepal EIA Nepal IEE Nepal visa for business in nepal social media registration in nepal media registration in nepal online media registration in nepal education consultancy registration in nepal tuition center registration in nepal dairy business registration Nepal dairy compliance Nepal Nepal dairy regulations healthcare facility registration Nepal medical clinic license Nepal clinic registration process Nepal online business Nepal digital marketplace Nepal e-commerce legal requirements Nepal Construction License in Nepal Nepal Construction License DUDBC License Nepal fdi process in nepal DOI foreign investment Nepal IBN investment approval Nepal automatic route FDI Nepal Company Dividend Nepal company dividend distribution process in nepal cigar factory legal compliances in Nepal tobacco factory registration Nepal cigar manufacturing license Nepal polyclinic license Nepal multi-specialty clinic registration Nepal health institution license Nepal Kathmandu notary public notary services Kathmandu document notarization Nepal power of attorney notary Kathmandu Manpower license Nepal foreign employment license DOFE Nepal manpower company registration Nepal recruitment agency license Startup loan Nepal IEDI startup loan collateral free loan Nepal government startup funding Nepal DCGF guarantee Nepal startup registration Nepal product trademark nepal good trademark registration nepal producr brand registration nepal doi trademark nice classification goods nepal Student visa Nepal study visa Nepal international students Nepal Department of Immigration Nepal student visa Nepal student visa requirements Liaison office registration Nepal foreign company liaison office Nepal contact office Nepal liaison office vs branch office Nepal iaison office compliance Nepal MOA amendment Nepal change company objectives Nepal company objective modification Nepal debt recovery lawyer in nepal Corporate governance Nepal company compliance director responsibilities statutory meetings fiduciary duties SEBON guidelines OCR requirements Companies Act 2063 foreign company branch office registration Nepal FDI company registration FITTA 2075 foreign investment Nepal OCR Nepal company registration Nepal ocr.gov.np DFTQC registration dietary supplement Nepal nutraceutical registration health supplement Nepal food supplement license DDA supplement registration Nepal Rastra Bank FDI Approval NRB Foreign Investment Recording FDI Capital Injection Nepal Foreign Investment Repatriation Nepal FITTA 2075 NRB Compliance One Stop FDI Approval Nepal OSSC Nepal Investment One Stop Service Centre IBN Single Window FDI Nepal Fast Track Investment Approval Nepal Recording of Foreign Direct Investment Nepal NRB FDI Recording Foreign Investment Recording Nepal FDI Inflow Certificate Nepal Capital Injection Recording Nepal SEBON Private Equity Nepal PE Fund Registration Nepal Alternative Investment Nepal Private Equity Fund Nepal Foreign Company Tax Rate in Nepal Nepal Foreign Company Tax Branch Office Tax Nepal Visa Law of Nepal Nepal Visa Rules 2026 Nepal Immigration Law Foreigner Company Name Reservation in Nepal CAMIS Name Reservation Nepal OCR Company Name Check Hetauda Sub-Metropolitan City business license Industrial Enterprise Act Nepal industry registration Nepal Industrial Enterprises Act 2076 Nepal industry compliance ndustry tax incentives Nepal
+977 9768717747