Are You Able to Prove Compliance to External Auditors?
When regulated companies undergo a compliance audit, they are often asked to prove the exact business process they followed. This applies to both customer-facing transactions and internal controls. As part of this, auditors also look for a record of every time key documents were touched, when and by whom.
Whether you are a pharmaceutical company tracking controlled substances, a government agency undergoing a financial audit or a mortgage lender, there is increasing pressure to fully document your processes and decisions. If your company has not systematically tracked and recorded all actions and maintained reliable records, you risk not being able to demonstrate compliance.
OneSpan Sign provides an extra layer of built-in audit trail protection precisely for this purpose. It gives you an audit trail of the exact process used to capture signatures.
In fact, OneSpan Sign captures all the digital fingerprints that customers and employees leave as they go through a digital signing process. This helps strengthen your legal and compliance position.
The document’s audit trail contains the digital certificate used to sign, as well as the signature block image, time stamp and unique signer identification information. The document and the e-signatures it contains are tamper-sealed with a digital signature to guarantee the integrity and authenticity of the e-signed record. Especially relevant in a multi-signer process, OneSpan Sign independently time stamps and locks down each signature and any data entered by each signer independently of the others. So when you review the audit trail even years later, it is clear who signed what, in what order, at what time, etc. In fact, American Banker reported that, "banks must be able to demonstrate that customer documents are protected, and that they can't be changed after they're signed. They also need to be able to demonstrate the process, down to the specific screenshots the customer sees, for putting an electronic signature on a document."
Our e-signature solution resonates well with the legal and compliance people we speak to because it provides them direct visibility into when and how the transaction took place – something that simply isn’t possible in the paper world.
OneSpan Sign's ability to capture a full record of the signing process differentiates from other solutions. With OneSpan Sign, all actions taken by each signer are recorded, including moving to the next document or web page; clicking on a button; applying a signature; and downloading completed copies of documents after the fact. The date and time is recorded for each action and it also captures IP addresses. Audit trails are included with our e-signature service at no additional charge – think of it as a free insurance policy for your audit and compliance needs.
What your peers are saying
One way business process managers are evaluating the strength of a solution’s audit and evidence capabilities is through users’ posts on business software review sites like G2 Crowd. Here is a sample of what users, business process managers and executives say about OneSpan Sign:
- "We like the complete forensic data capture of signing event. […] We looked at both DocuSign and OneSpan Sign. We chose OneSpan based upon the reasons above." (Executive sponsor in fiserv)
- "Legal, privacy and security concerns are non-issues with the OneSpan Sign technology. Separate reviews by these teams in our organization concluded the integrity of OneSpan's systems were unmatched." (Executive sponsor in insurance)
- "OneSpan's compliance and regulatory support is top-notch." (Martha S., Spokane Teachers Credit Union)
- To hear the U.S. Joint Chiefs of Staff’s CFO, Mr. Dennis Savage, speak about the impact of e-signatures on auditability, watch this webcast.
OneSpan Sign helps mitigate risk of non-compliance by enforcing business and workflow rules, and capturing the strongest and most comprehensive audit trails in the market. To see how your compliance officers can re-create the signing process during audits, book a personal demo or download this white paper: Why ESIGN Is Not Enough: How to Reduce Legal and Compliance Risk with E-Signatures.