FDIC Guidelines for Electronic Signatures
FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC)
The Federal Deposit Insurance Corporation (FDIC) preserves and promotes
public confidence in the U.S. financial system by insuring deposits in
banks and thrift institutions for up to $100,000; by identifying,
monitoring and addressing risks to the deposit insurance funds; and by
limiting the effect on the economy and the financial system when a bank
or thrift institution fails. An independent agency of the federal
government, the FDIC was created in 1933 in response to the thousands
of bank failures that occurred in the 1920s and early 1930s.
The FDIC directly examines and supervises about 5,300 banks and
savings banks, more than half of the institutions in the banking
system. Banks can be chartered by the states or by the federal
government. Banks chartered by states also have the choice of whether
to join the Federal Reserve System. The FDIC is the primary federal
regulator of banks that are chartered by the states that do not join
the Federal Reserve System. In addition, the FDIC is the back-up
supervisor for the remaining insured banks and thrift institutions.
FDIC LAW, REGULATIONS, RELATED ACTS (online here)
2000 - FDIC Rules and Regulations
§ 335.801 (b) Electronic filings. (7) Signatures. sub-parts (i), (ii) and (iii) all define electronic signatures as valid documents for submission to the FDIC.
(i) Required signatures to, or within, any electronic
submission must be in typed form. When used in connection with an
electronic filing, the term "signature" means an electronic entry or
other form of computer data compilation of any letters or series of
letters or characters comprising a name, executed, adopted or
authorized as a signature.
(ii) Each signatory to an electronic
filing shall manually sign a signature page or other document
authenticating, acknowledging or otherwise adopting his or her signature
{{8-31-05 p.2423}}that appears in typed form within the electronic
filing. Such document shall be executed before or at the time the
electronic filing is made and shall be retained by the filer for a
period of five years. Upon request, an electronic filer shall furnish
to the FDIC a copy of any or all documents retained pursuant to this
section.Each company filing to the FDIC must have a physical copy of a physical signature from each signatory on file.
When the company submits the required documents to the FDIC a copy of the physical signature should accompany any materials that have been electronically signed through an esign system.
(iii) Where the FDIC's rules require a filer to furnish to
a national securities exchange, a national securities association, or a
bank, paper copies of a document filed with the FDIC in electronic
format, signatures to such paper copies may be in typed form.
ESIGN solutions can allow businesses to comply with the requirement found in sub-section (a) that electronic signatures "must be in typed form rather than manual format". The electronic signature capturing process must create a kind of Signature Confirmation Receipt that is presented in "typed form" as a formatted file.
6500 - FDIC Consumer Protection
§ 202.16 Requirements for electronic communication.
(a) Definition. Electronic communication means a message
transmitted electronically between a creditor and an applicant in a
format that allows visual text to be displayed on equipment, for
example, a personal computer monitor.
(b) General rule. In
accordance with the Electronic Signatures in Global and National
Commerce Act (the E-Sign Act) (15 U.S.C. 7001 et seq.) and the rules
set forth in this regulation, a creditor may provide by electronic
communication any disclosure required by this regulation to be in
writing. Disclosures provided by electronic communication must be
provided in a clear and conspicuous manner and in a form the applicant
may retain.For detailed references please see my Main Laws page
(c) When consent is required. For disclosures required by
this regulation to be in writing, a creditor shall obtain an
applicant's affirmative consent in accordance with the requirements of
the E-Sign Act. Disclosures under §§ 202.9(a)(3)(i)(B), 202.13(a) and
202.14(a)(2)(i) are not subject to this requirement if provided on or
with the application.
A good system should provide a multi-step approach to “Consumer
Consent ”. First, by providing a text area in the message to the
recipient the sender can disclose all relevant information regarding
the specific transaction. PrivaSign provides a second disclosure
notification when the recipient clicks the "Sign It" button. Once again
Full disclosure can be given as pertains to this specific transaction.
Acknowledgement of this disclosure is captured as proof that the
consumer was informed, and did accept to use an electronic process.Sub-section (d) discusses the how the creditor should "(1) Send the disclosure to the applicant's electronic address" or "(2) Make the disclosure available at another location such as an Internet web site". PrivaSign allows for verified email disclosure with confirmation and signature receipts.
In compliance with (2)(ii) the service should be available to anyone with internet access and an email address.
(2)(ii) Make the disclosure available for at least 90 days
During the time the files are available online, both sender and
recipient may download the file so that they may be in compliance with
any applicable laws. This downloaded file can be saved to their
computer, saved to a portable medium (CD, DVD or others) or even
printed to paper. PrivaSign captures file integrity hashes so that all
parties can verify the integrity of saved files.
§ 202.16 (f) Electronic signatures. An electronic
signature as defined under the E-Sign Act satisfies any requirement
under this part for an applicant's signature or initials.[Codified to 12 C.F.R. § 202.16]
Supplement I to Part 202—Official Staff Interpretations
16(f) Electronic Signatures.
1. Relationship to the
E-Sign Act. The E-Sign Act provides that electronic signatures have the
same validity as handwritten signatures. Section 106 of the E-Sign Act
(15 U.S.C. 7006) defines an electronic signature. To comply with the
E-Sign Act, an electronic signature must be executed or adopted by an
applicant with the intent to sign the record. Accordingly, regardless
of the technology used to meet this requirement, the process must
evidence the applicant's identity.Section 205.10 (b) Written Authorization for Preauthorized Transfers From Consumer's Account
5. Similarly authenticated. The similarly authenticated standard permits signed, written authorizations to be provided electronically.
The writing and signature requirements of this section are satisfied by
complying with the Electronic Signatures in Global and National
Commerce Act, 15 U.S.C. 7001 et seq., which defines electronic records
and electronic signatures. Examples of electronic signatures include,
but are not limited to, digital signatures and security codes. A
security code need not originate with the account-holding institution.
The authorization process should evidence the consumer's identity and
assent to the authorization. The person that obtains the authorization
must provide a copy of the terms of the authorization to the consumer
either electronically or in paper form. Only the consumer may authorize
the transfer and not, for example, a third-party merchant on behalf of
the consumer.Section 226.36--Requirements for Electronic Communication
36(b) General Rule
1. Relationship to the E-Sign Act. The
E-Sign Act authorizes the use of electronic disclosures. It does not
affect any requirement imposed under this part other than a requirement
that disclosures be in paper form, and it does not affect the content
or timing of disclosures. Electronic disclosures are subject to the
regulation's format, timing, and retainability rules and the clear and
conspicuous standard. For example, to satisfy the clear and conspicuous
standard for disclosures, electronic disclosures must use visual text.
2. Clear and conspicuous standard. A creditor must provide electronic
disclosures using a clear and conspicuous format. Also, in accordance
with the E-Sign Act:
i. The creditor must disclose the requirements for accessing and retaining disclosures in that format;
ii. The consumer must demonstrate the ability to access the information
electronically and affirmatively consent to electronic delivery; and
iii. The creditor must provide the disclosures in accordance with the specified requirements.Customized disclosures need to be integrated into the signature
process of each transaction. Individual businesses may always comply
with (b)(2) by posting the disclosure on their personal website.
5. Retainability of disclosures. Creditors satisfy the
requirement that disclosures be in a form that the consumer may keep if
electronic disclosures are delivered in a format that is capable of
being retained (such as by printing or storing electronically). The
format must also be consistent with the information required to be
provided under section 101(c)(1)(C)(i) of the E-Sign Act (15 U.S.C.
7001(c)(1)(C)(i)) about the hardware and software requirements for
accessing and retaining electronic disclosures.Signing a file is just half of the task. All parties involved are
going to need access to this 'signed' document, both immediately and in
the future. "Retainability" addresses this issue. Notice that no hard
set rules are set. It is left up to the users to determine this
requirement. You should think about the industry and the needs of your
signatorees. While people can always download and store them on their
own, there must be enough time to access the files.
6. Disclosures provided on creditor's equipment. A creditor
that controls the equipment providing electronic disclosures to
consumers (for example, a computer terminal in a creditor's lobby or an
automated loan machine at a public kiosk) must ensure that the
equipment satisfies the regulation's requirements to provide timely
disclosures in a clear and conspicuous format and in a form that the
consumer may keep. For example, if disclosures are required at the time
of an on-line transaction, the disclosures must be sent to the
consumer's e-mail address or must be made available at another location
such as the creditor's Internet web site, unless the creditor provides
a printer that automatically prints the disclosures.
36(d) Address or Location to Receive Electronic CommunicationParagraph 36(d)(1)
1. Electronic address. A
consumer's electronic address is an e-mail address that is not limited
to receiving communications transmitted solely by the creditor.Paragraph 36(d)(2)
1. Identifying account involved.
A creditor may identify a specific account in a variety of ways and is
not required to identify an account by reference to the account number.
For example, where the consumer has only one credit card account, and
no confusion would result, the card issuer may refer to "your credit
card account." If the consumer has two credit card accounts, the card
issuer may, for example, differentiate accounts based on the card
program or by using a truncated account number.
2. 90-day rule.
The actual disclosures provided to consumer must be available for at
least 90 days, but the creditor has discretion to determine whether
they should be available at the same location for the entire period.36(e) Redelivery
1. E-mail returned as undeliverable.
If an e-mail to the consumer (containing an alert notice or other
disclosure) is returned as undeliverable, the redelivery requirement is
satisfied if, for example, the creditor sends the disclosure to a
different e-mail address or postal address that the creditor has on
file for the consumer. Sending the disclosures a second time to the
same electronic address is not sufficient if the creditor has a
different address for the consumer on file.
{{4-30-04 p.6982.02-E}}36(f) Electronic Signatures
1. Relationship to E-Sign Act.
The E-Sign Act provides that electronic signatures have the same
validity as handwritten signatures. Section 106 of the E-Sign Act (15
U.S.C. 7006) defines an electronic signature. To comply with the E-Sign
Act, an electronic signature must be executed or adopted by a consumer
with the intent to sign the record. Regardless of the technology used
to meet this requirement, the process must evidence the consumer's
identity.For detailed references to the E-SIGN Act please see my Main Laws page