Electronic Signatures: A “New Normal”
Even before Covid-19, electronic signatures (e-signatures for short) were revolutionizing the way agreements were being executed and stored. Covid-19 has not only accelerated this trend, but also highlighted the importance of using e-signature technology to conduct business and document transactions in a more fluid, cost-effective and reliable manner. As a result, all generations (young and old) are being forced to embrace the benefits of e-signature technology, especially in the finance arena where millions of dollars are transferred every minute throughout the world at lightning speeds with the push of a button.
Prior to the advent of e-signature technology, documents were typically signed, emailed and then saved in an electronic format, such as pdf. This methodology for executing transactional documents runs the risk that a transacting party’s signature was procured through forgery or other improper means. By contrast, e-signature technology generally involves a front-end process to confirm the authenticity of a signature (i.e., that the proper party signed the document) and a back-end process to electronically store the signed document (i.e., the “vault”) to confirm that the document stored is the document that the individual signed. Thus, e-signature technology significantly reduces the risk of fraud or forgery in the execution of transactional documents.
E-signature technology not only makes the process of executing transactional documents easier for all parties, but also makes it easier to verify the authenticity of the signatures on those transactional documents if the need ever arises. The first question surrounding the authenticity of a signature has been and always will be, “how do I know who signed this?” Prior to the advent of e-signatures, the only verification of the person who actually signed the document was by a witness and/or a notary—neither of whom is generally accessible and/or reliable. However, when set up properly, an electronically signed document materially upgrades the verification process. For most companies, it is recommended that a “multi-factor” authentication process be implemented. For example, many front-end vendors start the e-signature process by sending a passcode and other required access information by SMS text to a signatory’s mobile phone. With this information in hand, the signatory logs on to a website and creates an account and new password. Then, before electronically signing the document, the person has been authenticated by two methods (i.e., first by mobile phone and second by computer). In addition, many funders go further and ask signatories to properly answer specific questions to verify their identity. These questions often refer to information about the signatory obtained from public or other records, such as a prior address. This test is specifically designed to not seek current information about the signatory and is sometimes referred to as the “out of the wallet test.” The purpose of the “out of the wallet test” is to ensure that if someone found your wallet they could not answer these questions based upon information directly found therein. Taking this extra step and asking these specific questions create an additional layer of confidence and security that the person executing the document is, in fact, the person who should be executing the document.
Moreover, e-signature protocols typically have additional built-in verification tools in the form of a clear and traceable electronic “trail” verifying that the electronic document was opened and signed electronically, in addition to providing a clear identification of the computer that was used to access and sign the document. E-signatures are far more easily verified—and therefore more resistant to fraud or abuse—compared to their paper predecessors. Thus, an e-signed document can provide many more touch points to confirm that the proper party signed the document. In contrast, an ink signature usually provides little to no additional verification.
Once signed, what should a transacting party do with the signed document? The best answer is to store it electronically. This is usually done by an outside vendor (usually different from the front-end company that obtained the e-signature) that will store and safeguard the electronic document. This raises the second important issue: once the document is signed electronically, how do we confirm what was signed? For example, if the document is stored electronically, how do we know the document hasn’t been changed?
More so than with paper contracts, if an electronic document is being properly stored electronically and has been slightly revised, a comparison of the original and revised version would look vastly different because most e-vaulting companies set up the electronic documents using codes and other verification tools. Each and every change made to a document, regardless of how insignificant it might appear on a paper copy, can be determined electronically by changes in the code and therefore not missed as an oversight (which could happen more easily on a paper version). The value of e-vaulting is that it shows when, how, and by whom a document has been changed—and, more importantly, when it has not been altered.
While there are not many cases that deal with the enforceability of electronically signed documents, federal and state laws, such as the Electronic Signatures in Global and National Commerce Act (“E-SIGN”) and the Uniform Electronic Transactions Act (“UETA”) support the enforceability of certain documents which are electronically signed. Put in other words, the statute states that certain documents cannot be denied legal effect solely because they were electronically signed.
Just because E-SIGN and/or UETA may not provide authority for electronic signatures for certain transactions, does not necessarily mean that an electronic signature will not be enforceable. In fact, the Uniform Commercial Code (“UCC”) provides explicit authority for enforcing electronic signatures in connection with specific transactions. For example, Article 9 of the UCC provides authority for the enforceability of electronic signatures for secured transactions, Article 5 of the UCC provides authority for the enforceability of electronic signatures for letters of credit and Article 8 of the UCC provides authority for the enforceability of electronic signatures for security.
It is important to note that even though federal and/or state law may support the enforcement of an electronically signed document, the party enforcing it must still prove that: (i) the party electronically signed and intended to sign that document (i.e., it wasn’t a mistake); and (ii) the document sought to be enforced was the exact document that was electronically signed. As such, you must be able to “authenticate” that the person who executed the document was the intended signer. A well-designed e-signature protocol will materially bolster the authentication process. Similarly, once the document is executed, you must be able to prove that the document executed is the exact document as the one that you are seeking to enforce. This, in most circumstances, requires the document to be stored in such a manner, as explained above, that ensures the document will remain secure and free of any intentional or unintentional modifications. In addition, many of the vaulting companies have procedures in place to generate a paper document that will be considered an “original” should a tangible original be necessary (for example, for court).
As the Covid-19 pandemic continues to force people to adopt to a “new normal” where social distancing, remote working and the utilization of enhanced technology are no longer options but necessities, the use of electronically signed documents is an effective way to ensure that business continues without unnecessary delays. When the Covid-19 pandemic is long over, and the “new normal” remains, it will be those who embraced the use of electronically signed documents now that will have a competitive advantage over others who are late to the game.
 Note that Illinois and New York are the two states that have not adopted UETA but have adopted their own e-signature statutes.