Today the use of E-Signatures is an acceptable business practice that is admissible in times of litigation and audit. The key to success is to identify and understand regulations based on particular business processes for E-Signing. In Europe one regulation is changing the game.
Effective July 2016, the new EU regulation on electronic identification and trust services 910/2014 – typically referred to as eIDAS - goes into force. It is designed to propel digital transformation a as a major corner stone for a single European Market. One of its major goals is to fuel E-Signature adoption in Europe by largely replacing 28 nation laws on E-Signatures. eIDAS comes with new options to go digital with both identification and signing processes.
Businesses should familiarize with these new options to stay competitive. Industries with broad potential to benefit from eIDAS are for example banking, insurance, telco and services, in particular if they run multi-channel and multi-national operations. They ought to assess their signing process whether they have already embarked on E-Signing or still stick with wet ink signatures.
Barriers around E-Signing in identification, signing execution and user acceptance, which have been identified at past attempts to go paperless and mobile in signing processes, may have become, at least partially, obsolete. Requirements to stick with wet ink signatures on paper are gradually disappearing. The overwhelming majority of business processes where wet ink signatures are captured today might be executed with E-Signatures. Start exploring your (new) options now.
Know your Purposes
In order to assess the particular relevance of eIDAS regulation to your business and identify corresponding laws the first step should be to understand the intended purposes for signing, which is either one purpose or multiple purposes of the following:
- Associate the signer with a document
- Prove involvement in the act of signing
- Provide proof of the signer’s involvement with the content of the signed document
- Provide endorsement of authorship
- Provide endorsement of the contents of a document authored by someone else, e.g. witnessing.
- Prove a person was at a given place at a given time
- Meet a statutory requirement that a document be signed to make it valid
This kind of assessment is required to understand the use case(s) of a wet ink signature on paper and to identify the corresponding requirements of an E-Signature associated to an electronic document. Note that there may be several signature fields in a particular document fulfilling different purposes. A good example for documents with multiple purposes are account opening documents of banks and telecommunication companies, where customers are typically requested to sign multiple times throughout the on-boarding process.
Questions you may ask when trying to identify and understand related to the role of signatures in your business process and their associated risk may include:
- Why is something (e.g. contract) signed and by whom (e.g. customer)? Potential answers: Legal Requirement; Operational Reasons – e.g. evidence; Sales Reasons – e.g. confident experience of a conclusion
- Which operational risks do you need to consider?
- How many and to what extent did your organization experience claims or challenges related to signatures in the paper-based process?
- What are realistic attack scenarios for the electronic signing process?
- How likely and how often is a dispute to occur in relation to the signature?
Wet ink signatures on paper are visual acknowledgements and validation of intent. When it comes to E-Signatures, requirement sets and levels of functionality were created to ensure trustworthiness. In many business cases wet ink signatures hold a certain acceptance and comfort level, as the traditional signing ceremony is tried, tested and trusted procedure for centuries. eIDAS also recognizes methods where this traditional way of signing is transferred to the digital world and handwritten signatures are captured throughout the writing process including their biometric characteristics also on smartphones and tablets.
In my view, signatures executed in a trustworthy manner may occur in various ways, and is also true of E-Signatures. There is no one-size fits it all approach or a checklist for the perfect E-Signature solution. I encourage you use the information presented here, to find new for E-Signature opportunities based on eIDAS. Take time to identify an understand ongoing changes in legal, technical and process requirements that matter to your business. An E-Signing process in general and the signature ceremony in particular may be considered trustworthy if the process is capable of fulfilling the requirements of a signature process.
For example. these requirements for Germany, are outlined in the definition in a written form in German Civil law. They are relevant for the signing process in general: “The quality of proof - the evidential weight - is based on functions that cater to:
- Conclusiveness (non-repudiation as much as it is possible).
- Integrity (resistance against manipulation).
- Warning (protection against haste, time to recognize content to be signed).
- Identity (validation and verification of the signee).
Selecting the appropriate E-Signing method is important, and requires an understanding of the characteristics and best practices supporting a trustworthy E-Signature. Organizations wishing to implement E-Signatures must align their technology, culture, and processes to meet the challenges of E-Signature use.
Register and attend AIIM’s upcoming webinar titled “e-Signatures in Europe - Understanding the New Regulation and How It Can Help Your Business” on March 10, 2016 at 2 pm UK time. Join Stephen Mason, Barrister and author of various books on E-Signing, and Joerg Lenz, Kofax Product Marketing Manager as they discuss this new regulation and the impact it has on business within the European Community.
Participants of this webinar will be the first to be given access to download a copy of the new AIIM Whitepaper titled "E-Signatures in Europe: Understanding Legal Regulations for Proof of Intent".
This article is underwritten by Kofax from Lexmark