How E-Signatures Reduce Risk
eSignLive regularly hosts webcasts with legal and compliance experts on topics such as how to reduce risk and increase enforceability of electronic records. If you missed it, or don't have an hour to sit through a webcast, here is a 5-minute summary of one of this year's most popular webcasts, How E-Signatures Reduce Risk and Strengthen Enforceability of Signed Records, featuring Patrick Hatfield of Locke Lord LLP.
Electronic signatures are used across all industries on pretty much any type of contract and document that requires a signature. When it comes to e-contracting, the ultimate question is:
"Will our e-signed/e-delivered documents be as enforceable as our paper contracts?"
Enter Patrick Hatfield, a partner at the Austin, Texas offices of Locke Lord LLP.
Patrick is a co-author of the Six Point Framework for Assessing Risk in Electronic Signature and E-Contracting Processes and has helped many clients design and implement effective and compliant electronic signature and electronic delivery processes.
According to Patrick:
A reasonably well-designed e-contracting process, supported by solid technology, can reduce risk, relative to a traditional paper-based process and provide a company with better evidence to enforce its contracts.
It’s more about process than it is about technology, but technology plays important role. Hear Patrick discuss how e-signatures reduce risk and learn about the legal framework and best practices for mitigating risk with e-signature.
Six Point Risk Framework
Patrick's six-point framework enables multi-disciplinary teams within companies to have a common language for how they assess risk and match mitigation strategy with the right risk. Developed over time from risks identified by clients, Patrick’s framework applies to contracts, delivery of consumer disclosures, and how promissory notes or special transferable records are handled.
Here are the six risks:
- Authentication Risk
How do you authenticate the identity of the person signing?
- Repudiation Risk
How do you ensure documents are not tampered with or altered after they are signed?
- Admissibility Risk
How can a contract signed electronically be enforced in court?
- Compliance Risk
Can you show that you adhered to the correct process?
- Adoption Risk
How do you make the e-contracting process user friendly enough?
- Relative Risk
Is your e-contracting process as safe and enforceable (if not more enforceable than) as the traditional process?
Of these six, Patrick’s webcast presentation focuses on the three related to proving and enforcing an e-record: authentication, repudiation and admissibility.
The Authentication Risk is the risk of a forger. This is important because if you want to enforce a contract against an individual (let’s say, John Doe), your e-sign process should have evidence that you verified and authenticated the identity of the person claiming to be John Doe.
Note: As part of a digital transaction, the signer can be authenticated a number of ways depending on transaction risk. Learn about the options for validating the identity of signers in this paper: User Authentication for E-Signature Transactions.
The Repudiation Risk is the risk that a person claims a document they e-signed was altered after they signed it. They therefore reject the validity of the content of the document. This risk can be mitigated in several ways:
- After the document has been e-signed, it should be encrypted with digital signature technology to make it tamper evident. Think of this as the seal on a bottle – it doesn’t prevent tampering, but reveals when the bottle has been tampered with. (Note: At eSignLive, we believe the most secure way to address this risk is to digitally sign the document’s contents each time someone e-signs. This creates a distinct tamper seal for each signer, to ensure the audit trail is accurate and that there is no confusion as to who signed, in what order and when. This approach also ensures that if a change is made to the document between signers, it will be detected.)
- An e-signed document needs to have an audit trail/audit log to prevent ‘he said, she said’ situations. All the activities comprising the audit trail become evidence of how you show what John Doe did on a given day – that you verified the real John Doe and that the real John Doe received and e-signed the documents, etc. This audit trail should also be encrypted and tamper evident.
If you are going to court to enforce an e-signed contract, you want to ensure it is admissible to evidence. If you have a reasonably designated e-contracting process (the individual is authenticated; the document is encrypted; workflow rules enforce the exact steps and sequence of who sees and signs what documents in what order; etc.), your custodian can get this information admitted into evidence and feel confident of its admissibility. This makes the evidence more persuasive than it would likely otherwise be.
Patrick offers a wealth of tips and guidance in this practical session. Hear him discuss how e-signatures reduce risk and share any outstanding questions so we can be sure to answer them in our next legal webcast.