Common Mistakes & Solutions When Adopting E-Signatures in Business
With the rapid digitalisation and evolution (thanks to the COVID-19 pandemic), wet inked signatures on a dotted line are still common place, but are gradually being phased out. Many businesses have now turned towards implementing electronic signature (or “e-signature” in short) technologies, with hopes to streamline signing of documentation, increase efficiency and ease of doing business.
If your business wants to switch to E-Signatures, here are some things that you should know.
What are E-Signatures?
An E-Signature is a digital equivalent of a classic pen and ink signature, signifying a person’s consent or approval of the contents of a document.
Under Malaysian laws, ‘electronic signature’ is defined as “any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature.”
A common mistake is to confuse E-signatures with Digital Signatures, which are quite different things. Read about the differences here
Why do we use E-Signatures?
Just like traditional signatures, E-Signatures bear many functions, such as to confirm the identity of the signatory, to demonstrate the contracting parties’ intention to be contractually bound by the agreement, to witness an event or meeting of a person, and also acknowledging receipt.
What are the legal requirements to satisfy when using E-Signatures?
For an E-Signature to be valid in Malaysia, the E-Signature must meet the 3 requirements set out under the Electronic Commerce Act 2006 (“ECA”):
- It is attached to, or is logically associated with the electronic message;
- It adequately identifies the person and adequately indicates the person’s approval of the information to which the signature relates; and
- It is reliable as is appropriate given the purpose for which, and the circumstances in which, the signature is required (ie, the ‘reliability test’).
However, there are 3 further requirements to fulfill the reliability test above:
- whether the means of creating the E-Signature is linked to and under the control of the signer only;
- whether any changes to the E-Signature post-signing are detectable; and
- whether any changes to the document post-signing are detectable.
The ‘reliability test’ requires good judgment to determine whether e-signatures should be used given the specific circumstances. The general lack of knowledge or experience of an employee or individual user could present risks to an organization when using e-signatures for important business documents.
Can E-Signatures be used on all documents?
No, using E-Signatures on certain instruments and documents are prohibited by the ECA will cause invalidation and can be challengeable in court as inadmissible or even invalid.
Caution should also be exercised when using e-signatures for documents that are submitted to government authorities, certain statutory documents, or documents which are signed outside of Malaysia.
For more information, visit here.
How should I store my E-signed documents?
A common mistake in using e-signatures, being so convenient and fast, would be signing and forgetting about properly storing it!
The ECA prescribes specific retention requirements, where the electronic message must be:
- Retained in the original format generated, sent, or received;
- Accessible, intelligible, reproduceable for subsequent reference; and
- Identifies the origin and destination of the electronic message and also the date and time of sending or receipt.
Therefore, before signing important documents electronically, it is critical to use a reliable and readily accessible online or cloud storage services (and continue to pay for them!). Some basic steps to take include:
- Retaining or transferring documents there were e-signed in individual email inboxes into a centralized document management system,
- Saving the audit trail of when the e-signed document was sent or received,
- Using a reliable E-Signature service provider that has a high chance of longevity.
Can E-Signatures be used to sign cross-border agreements?
The ECA is silent on the recognition of foreign e-signatures or documents executed via e-signatures outside Malaysia. A common mistake is using e-signing outside of Malaysia without checking the laws of the foreign country. Most countries have laws similar to the ECA recognizing the validity of e-signatures. However, some of these countries have different legal requirements to fulfil compared to the ECA’s.
Before using E-Signatures for cross border agreements, it would be best to consult with a trained professional.
What can my business do to adopt E-signatures properly and methodically?
Set a proper “E-Signing Policy” customized to your organization’s frequently used documents and processes. This can help to:
-
- Identify the specific types of documents that E-Signing can or cannot be used.
- Reduce fraud or any unauthorized use of E-Signing, introducing additional security measures for important documents or specific situations, proportionate to the assessed risk.
- Streamline work process and authorization process to maximise efficiency while also ensuring legality.
- Set best practices tailored to the specific risks and needs of an organization, big or small.
- Reduce the risks of the validity of E-Signature being challenged in court.
Do contact us for assistance in customizing and setting your own E-Signature Policy.