Electronic Signature Act

X. Other — Electronic Signatures in Global and National Commerce Act
FDIC Consumer Compliance Examination Manual — January 2014 X–3.1
The Electronic Signatures in Global and National
Commerce Act (E-Sign Act)
Introduction
The Electronic Signatures in Global and National Commerce
Act (E-Sign Act), 1 signed into law on June 30, 2000, provides
a general rule of validity for electronic records and signatures
for transactions in or affecting interstate or foreign commerce.
The E-Sign Act allows the use of electronic records to satisfy
any statute, regulation, or rule of law requiring that such
information be provided in writing, if the consumer has
affirmatively consented to such use and has not withdrawn
such consent.
Subject to certain exceptions, the substantive provisions of the
law were effective on October 1, 2000. Record retention
requirements became effective on March 1, 2001. The E-Sign
Act grandfathers existing agreements between a consumer and
an institution to deliver information electronically. However,
agreements made on or after October 1, 2000, are subject to
the requirements of the E-Sign Act.
Summary of Major Provisions
Consumer Disclosures
Prior Consent, Notice of Availability of Paper Records
Prior to obtaining their consent, financial institutions must
provide the consumer, a clear and conspicuous statement
informing the consumer:
• of any right or option to have the record provided or made
available on paper or in a non electronic form, and the
right to withdraw consent, including any conditions,
consequences, and fees in the event of such withdrawal;
• whether the consent applies only to the particular
transaction that triggered the disclosure or to identified
categories of records that may be provided during the
course of the parties’ relationship;
• describing the procedures the consumer must use to
withdraw consent and to update information needed to
contact the consumer electronically; and
• informing the consumer how the consumer may
nonetheless request a paper copy of a record and whether
any fee will be charged for that copy.
See Section 101(c)(1)(B).

1 Public Law 106-229, June 30, 2000.
Hardware and Software Requirements; Notice of Changes
Prior to consenting to the use of an electronic record, a
consumer must be provided with a statement of the hardware
and software requirements for access to and retention of
electronic records. See Section 101(c)(1)(i).
If the consumer consents electronically, or confirms his or her
consent electronically, it must be in a manner that reasonably
demonstrates the consumer can access information in the
electronic form that will be used to provide the information
that is the subject of the consent. See Section 101(c)(1)(C)(ii).
If a change in the hardware or software requirements need to
access or retain electronic records creates a material risk that
the consumer will not be able to access or retain subsequent
electronic records subject to the consent, a financial institution
must:
• provide the consumer with a statement of (a) the revised
hardware and software requirements for access to and
retention of electronic records, and (b) the right to
withdraw consent without the imposition of any condition,
consequence, or fee for such withdrawal; and
• again comply with the requirements of subparagraph (c) of
this section.
See Section 101(c)(1)(D).
Oral communications or a recording of an oral communication
shall not qualify as an electronic record. See Section 101(c)(6).
Record Retention
The E-Sign Act requires a financial institution to maintain
electronic records accurately reflecting the information
contained in applicable contracts, notices or disclosures and
that they remain accessible to all persons who are legally
entitled to access for the period required by law in a form that
is capable of being accurately reproduced for later reference.
See Section 101(d).
Agreements reached with consumers prior to October 1, 2000,
to deliver information electronically are exempt from the
requirements of Section 101(d). However, for any agreements
made with new or existing customers on or after October 1,
2000, the requirements of Section 101(c)(1) will supersede all
other consumer consent procedures relating to the use of
electronic disclosures set forth in other regulations.
Regulatory and Other Actions
The consumer consent provisions in the E-Sign Act became
effective October 1, 2000, and did not require implementing
regulations. Nonetheless, on March 30, 2001, the Federal
Reserve Board (FRB) adopted interim final rules (Interim
Final Rules) and on November 9, 2007, the FRB adopted final
rules (Final Rules) establishing uniform standards for the
X. Other — Electronic Signatures in Global and National Commerce Act
X–3.2 FDIC Consumer Compliance Examination Manual — January 2014
electronic delivery of federally mandated disclosures for five
consumer protection regulations: Regulation B, Equal Credit
Opportunity; Regulation E, Electronic Fund Transfers;
Regulation M, Consumer Leasing; Regulation Z, Truth in
Lending, and Regulation DD, Truth in Savings.
The Final Rules provided guidance on the timing and delivery of
electronic disclosures. Pursuant to the Final Rules, electronic
disclosures should be made using a method best suited to the
particular type of disclosure. If the consumer uses electronic
means to open an account or request a service, the disclosures
must be provided before the account is opened or the service is
requested. In response to a consumer request, disclosures should
be made available in a reasonable amount of time and may be
electronic if the consumer agrees. There are exceptions to the
consumer consent requirement for electronically providing certain
types of disclosures when the consumer is using electronic means
such as a home computer. Disclosures should be maintained on
the website for a reasonable amount of time for consumers to
access, view, and retain the disclosures. The mandatory
compliance date was October 1, 2008.
Definitions
“Consumer” – The term “consumer” means an individual who
obtains, through a transaction, products or services which are
used primarily for personal, family, or household purposes,
and also means the legal representative of such an individual.
“Electronic” – The term “electronic” means relating to
technology having electrical, digital, magnetic, wireless,
optical, electromagnetic, or similar capabilities.
“Electronic Agent” – The term “electronic agent” means a
computer program or an electronic or other automated means
used independently to initiate an action to respond to
electronic records or performances in whole or in part without
review or action by an individual at the time or the action or
response.
“Electronic Record” – The term “electronic record” means a
contract or other record created, generated, sent,
communicated, received, or stored by electronic means.
“Electronic Signature” – The term “electronic signature”
means an electronic sound, symbol, or process, attached to or
logically associated with a contract or other record and
executed or adopted by a person with the intent to sign the
record.
“Federal Regulatory Agency” – The term “Federal regulatory
agency” means an agency as that term is defined in section
552(f) of Title 5, United States code.
“Information” – The term “information” means data, text,
images, sounds, codes, computer programs, software,
databases, or the like.
“Person” – The term “person” means an individual,
corporation, business trust, estate, trust, partnership, limited
liability company, association, joint venture, governmental
agency, public corporation or any other legal or commercial
entity.
“Record” – The term “record” means information, that is
inscribed on a tangible medium or that is stored in an
electronic or other medium and is retrievable in perceivable
form.
“Requirement” – The term “requirement” includes a
prohibition.
“Self-Regulatory Organization” – The term “self-regulatory
organization” means an organization or entity that is not a
Federal regulatory agency or a State, but that is under the
supervision of a Federal regulatory agency and is authorized
under Federal law to adopt and administer rules applicable to
its members that are enforced by such organization or entity,
by a Federal regulatory agency, or by another self-regulatory
organization.
“State” – The term “State” includes the District of Columbia
and the territories and possessions of the United States.
“Transaction” – the term “transaction” means an action or set
of actions relating to the conduct of business, consumer, or
commercial affairs between two or more persons, including
any of the following types of conduct:
1. the sale, lease, exchange, licensing, or other disposition of
(i) personal property, including goods and intangibles, (ii)
services, and (iii) any combination thereof; and
2. the sale, lease, exchange, or other disposition of any
interest in real property, or any combination thereof.
Examination Procedures
1. Determine if and to what extent the financial institution
electronically delivers compliance-related notices or
disclosures subject to the consumer consent provisions of
the Act.
2. Determine if the financial institution has established
procedures to ensure compliance with the provisions of
this Act.
3. Determine that the consumer, prior to consenting, is
provided with a clear and conspicuous statement
informing the consumer of any right or option to have the
record provided or made available on paper or in nonelectronic form, and the right to withdraw the consent,
including any conditions, consequences, or fees in the
event of such withdrawal. Verify that the statement
contains the following:
a. informs the consumer whether the consent applies
only to the particular transaction that triggered the
X. Other — Electronic Signatures in Global and National Commerce Act
FDIC Consumer Compliance Examination Manual — January 2014 X–3.3
disclosure or to identified categories of records that
may be provided during the course of the parties’
relationship;
b. describes the procedures the consumer must use to
withdraw consent and to update information needed to
contact the consumer electronically; and
c. informs the consumer how the consumer may
nonetheless request a paper copy of a record and
whether any fee will be charged for that copy.
4. Determine that the consumer, prior to consenting, is
provided with a statement of the hardware and software
requirements for access to and retention of electronic
records.
5. Determine that the consumer provides affirmative consent
electronically, or confirms his or her consent
electronically, in a manner that reasonably demonstrates
the consumer can access information in the electronic
form that will be used to provide the information that is
the subject of the consent.
NOTE: Oral communications shall not qualify as an electronic
record.
6. If a change in the hardware or software requirements
needed to access or retain electronic records creates a
material risk that the consumer will not be able to access
or retain subsequent electronic records subject to the
consent, verify that the financial institution provides the
consumer with the following:
a. statement of the revised hardware and software
requirements for access to and retention of electronic
records;
b. the right to withdraw consent without the imposition
of any condition, consequence, or fee for such
withdrawal; and
c. the consumer provides a new affirmative consent as
previously outlined.
7. Determine that the financial institution maintains a single
“authoritative” copy of any transferable record relating to
a loan secured by real property. Such record must be
“unique”, “identifiable”, and “unalterable”.
8. Determine that the financial institution maintains
electronic records accurately reflecting the information
contained in applicable contracts, notices, or disclosures
and that they remain accessible to all persons who are
legally entitled to access for the period required by law in
a form that is capable of being accurately reproduced for
later reference.
References
FIL 79-98: Interagency Guidance on Electronic Financial
Services and Consumer Compliance
Guidance Attachment
FIL 72-2000: Notice of Consumer Consent Requirements
Applicable to the Electronic Delivery of Consumer
Disclosures
FIL 70-2001: FDIC Seeks Comment on Study of Banking
Regulations Regarding the Online Delivery of Banking
Services
FIL 30-2003: Federal Bank and Credit Union Regulatory