Guest Editorial by Michael Ball, SVP Strategy and Innovation, IMM
Digital transformation has arrived, and eSignatures continue to play a vital role in the rapidly evolving banking industry. The ESIGN Act (Electronic Signatures in Global and National Commerce) was introduced by the government in the year 2000 in an effort to ease the adoption of electronic signatures, ushering in a new era of streamlined document-centric transaction processing.
However, nearly two decades later, the legality of electronic signatures continues to give bankers pause. In fact, our team receives an abundance of compliance-oriented inquiries from bankers each year, and of those, many are questions and/or concerns regarding the confusion surrounding demonstrable consent. These concerns are not without merit. Despite the huge strides taken to provide a more engaging, seamless customer experience - the advancements are essentially all for naught if the resulting documents cannot be enforced if ever questioned or challenged. Outlined below are proven best practices that can easily be implemented to ensure your institution satisfies the demonstrable consent element of the E-sign Act.
Defining Demonstrable Consent
Demonstrable consent is essentially affirming that when or if a consumer consents electronically, it must be in a manner that reasonably demonstrates both the consumer’s agreement to obtain records via electronic means as well as their ability to electronically receive and access that record. Essentially, the bank must be able to demonstrate that the customer is able to receive and view the document they are being asked to sign.
Considered one of the more ambiguous tenants of the ESIGN Act, demonstrable consent often causes confusion and varied interpretations. However, it is important to note that the ESIGN Act does not call out specific methods or practices that should or must be used for demonstrating such consent.
Providing a method for consumers to confirm that they can access the required information electronically is crucial to ensuring compliance. Regulatory guidance encourages financial institutions to develop procedures to ensure they maintain records of the consumer's consent process. A financial institution's failure to obtain consumer consent properly can significantly affect its compliance with consumer laws and regulations.
The demonstrable consent provision states that consumers must show both their “consent” and the ability to receive e-Sign disclosures and process documents electronically. When the Act was initially introduced, understanding the hardware and software requirements for accessing and retaining the records was an important facet. At the time, proprietary hardware and software was often used to view and/or sign documents electronically.
However, advancements in technology have eliminated what was historically a critical point to ensure consent. For example, modern eSignature platforms that leverage HTML5 to display documents no longer require special hardware or software for the consumer to view and sign documents electronically. The document is displayed using HTML5 in a “view-only” mode, allowing the consumer to view and sign documents using any internet-capable device.
Can’t View, Can’t Consent
There are steps that all financial institutions can take in obtaining a consumer’s consent prior to sending any disclosures or notices electronically in order to satisfy the consent process. To satisfy Section 101 (c), financial institutions should require the consumer to explicitly consent to the use of electronic records and signatures before they can view and/or sign the documents. Consent should be captured for each and every transaction. If needed, an institution should outline any special hardware and software requirements for accessing and retaining records. However, this step is not necessary if the eSignature platform leverages HTML5 language.
If the consumer elects to opt-out of the electronic transaction, they should be provided with the option to complete the transaction using traditional paper and wet-signature processes. This is commonly referred to as the ability to opt-out. It is important to capture and record the consumer’s consent (or opt-out) in the transaction history and audit file for future reference and research as required. The recording of the consumer consent actions in the transaction history audit file then becomes reasonable evidence that the consumer could view the documents that they were subsequently asked to sign, thereby satisfying the demonstrable consent aspect of the ESIGN Act. If a bank has not demonstrated that the consumer could both receive and access the information sent electronically, the bank cannot assert that it has complied with required consumer disclosures and notices of the regulation.
The benefits of the consumer consent provision of ESIGN outweighs the burdens of its implementation. Understanding the changes that have occurred since the provision was initially drafted and how easy it is to satisfy the provision using modern technology should overcome any compliance questions an institution may have.
Michael Ball is the SVP of Strategy and Innovation for IMM, the only eSignature provider that specializes in digital transaction solutions exclusively for financial institutions.