Read Blog Post

Read Blog Post

Contributed on February 29, 2016

3.2K

1K

EU Regulation eIDAS: What it Means for Your Business

Blog: Kofax - Smart Process automation

Today the use of e-Signatures is an acceptable business practice that is admissible in times of litigation and audit. The key to success is to identify and understand regulations based on particular e-signing business processes. In Europe, one regulation is changing the game.

Effective July 2016, the new EU regulation on electronic identification and trust services 910/2014—typically referred to as eIDAS—will propel digital transformation as a major cornerstone for a single European market. One of its major goals is to fuel e-signature adoption in Europe by largely replacing 28 nations’ laws on e-signatures. eIDAS comes with new options to go digital with both identification and signing processes.

Businesses should familiarize with these new options to stay competitive. Industries with broad potential to benefit from eIDAS include banking, insurance, telco and services (in particular if they run multichannel and multinational operations). They ought to assess their signing process whether they have already embarked on e-signing or stick with wet ink signatures.

Barriers to implementing e-signing, pertaining to identification, signing execution and user acceptance – identified in past attempts to go paperless and mobile for signing processes – may have become, at least partially, obsolete. Requirements to stick with wet ink signatures on paper are gradually disappearing. The overwhelming majority of business processes where wet ink signatures are captured today could be executed with e-signatures. Start exploring your (new) options now.

Know Your Purposes

In order to assess the particular relevance of eIDAS regulation to your business and identify corresponding laws, the first step should be to understand the intended purposes for signing, which is either one or more of the following:

• Associate the signer with a document
• Prove involvement in the act of signing
• Provide proof of the signer’s involvement with the content of the signed document
• Provide endorsement of authorship
• Provide endorsement of the contents of a document authored by someone else (e.g. witnessing).
• Prove a person was at a given place at a given time
• Meet a statutory requirement that a document be signed to make it valid

This kind of assessment is required to understand the use case(s) of a wet ink signature on paper and to identify the corresponding requirements of an e-signature associated to an electronic document. Note that there may be several signature fields in a particular document fulfilling different purposes. A good example for documents with multiple purposes are account opening documents of banks and telecommunication companies, where customers are typically requested to sign multiple times throughout the on-boarding process.

Considerations

Questions you may ask related to the role of signatures in your business process and their associated risk may include:

• Why is something (e.g., a contract) signed and by whom (e.g., a customer)? Potential answers: legal requirement; operational reasons.
• Which operational risks do you need to consider?
• How many and to what extent did your organization experience claims or challenges related to signatures in the paper-based process?
• What are realistic attack scenarios for the electronic signing process?
• How likely and how often is a dispute to occur in relation to the signature?

Wet ink signatures on paper are visual acknowledgements and validation of intent. When it comes to e-signatures, requirement sets and levels of functionality were created to ensure trustworthiness. In many business cases, wet ink signatures hold a certain acceptance and comfort level, as the traditional signing ceremony has been a tried, tested and trusted procedure for centuries. eIDAS also recognizes methods where this traditional way of signing is transferred to the digital world and handwritten signatures are captured throughout the writing process, including their biometric characteristics, also on smartphones and tablets.

Final Thoughts

In my view, signatures executed in a trustworthy manner may occur in various ways, and this is also true of e-signatures. There is no one-size-fits-it all approach or a checklist for the perfect e-signature solution. I encourage you use the information presented here to find new e-signature opportunities based on eIDAS. Take time to identify and understand ongoing changes in legal, technical and process requirements that matter to your business. An e-signing process in general and the signature ceremony in particular may be considered trustworthy if the process is capable of fulfilling the requirements of a signature process.

For example, these requirements for Germany are outlined in the definition in a written form in German Civil law. They are relevant for the signing process in general. The quality of proof—the evidential weight—is based on functions that cater to:

• conclusiveness (non-repudiation as much as it is possible).
• integrity (resistance against manipulation).
• warning (protection against haste, time to recognize content to be signed).
• identity (validation and verification of the signee).

Selecting the appropriate e-signing method is important, and it requires an understanding of the characteristics and best practices supporting a trustworthy e-signature. Organizations wishing to implement e-signatures must align their technology, culture, and processes to meet the challenges of e-signature use.

Interested in learning more?

Register for AIIM’s upcoming webinar titled “e-Signatures in Europe – Understanding the New Regulation and How It Can Help Your Business” on March 10, 2016 at 2 p.m. UK time. Join Stephen Mason, Barrister and author of various books on e-signing, and Joerg Lenz, Kofax Product Marketing Manager as they discuss this new regulation and the impact it has on business within the European community.

Participants of this webinar will be the first to be given access to download a copy of the new AIIM Whitepaper titled “E-Signatures in Europe: Understanding Legal Regulations for Proof of Intent”.