Most of us can probably agree that legality and security are incredibly complex topics. To help everyone grasp a better understanding of how both apply to electronic documents, DocuSign presented a partner webinar last week on July 16th. The key presenters of this webinar are Miles Kelly, Senior Director of Product Marketing at DocuSign; Steve Bisbee, Co-Inventor and President/CEO of eOriginal; and Margo Tank, Partner of BuckleySandler LLP.
Miss the webinar, or looking for highlights? Here’s an overview of the top 5 things you need to know to keep your electronic documents legal and secure:
1) Know the Law
Electronic signatures are legal! The adoption of the Uniform Electronic Transactions Act (UETA) at the state level and the passage of Electronic Signatures in Global and National Commerce Act (ESIGN) at the national level in 2000 solidified the legal landscape for use of electronic records and electronic signatures in commerce.
Common myths of eSignature Law include that “UETA only covers sales and leasing” and “ESIGN only covers consumer transactions”. Despite the myths, they are just that. As stated in the webinar, UETA and ESIGN both cover most business-to-business, business-to-consumer, consumer-to-consumer, and business-to-government commercial transactions.
2) Require the Highest Level of Security in Your Document Ecosystem
One of the ways to ensure your documents are secure electronically is to make sure your electronic signature platform provider uses the highest level of security possible.
DocuSign is the only eSignature company that is ISO 27001 certified as an information security management system (ISMS), which is the highest level of global information security assurance available today and the emerging standard for technology vendors. It’s a very stringent set of standards and requires external auditing. More specifically, this certification requires that management:
- Systematically examine the organization’s information security risks, taking account of the threats, vulnerabilities, and impacts
- Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment
- Adopt an overarching management process to ensure that the information security controls continue to meet the organization’s information security needs on an ongoing basis
3) Understand Electronic Chattel Paper
It is quite ironic to have electronic and paper in the same term, however, it is important to understand that electronic chattel paper has the same power as a paper contract.
If the contract is “chattel” paper, then the lender may make changes by either filing or by taking possession of the contract –with possession taking priority of the security interest. If a contract is created electronically, then it may be an “electronic” chattel paper, and changes are made in the same way as a paper contract.
Under Article 9-105 of the UCC, a secured party has “control” of electronic chattel paper if the record of the chattel paper is created, stored and assigned in such a manner that each of following six criteria are met:
1) A single authoritative copy of the record exists that is unique, identifiable, and, except as provided below (in 4, 5 and 6), has not been altered
2) The authoritative copy identifies the secured party as the assignee of the record or records;
3) The authoritative copy is communicated to and maintained by the secured party or its custodian;
4) Copies or revisions that add or change the identified assignee of the authoritative copy can only be made with the participation of the secured party;
5) Each copy of the authoritative copy (or any copy of a copy) is readily identifiable as a copy that is not the authoritative copy; and
6) Any revision of the authoritative copy is readily identifiable as an authorized or unauthorized revision.
As of July 1, 2013, satisfaction of the above six criteria is required to meet the Article 9 -105 amendment: “if a system employed for evidencing the transfer of interests in the chattel paper reliably establishes the secured party as the person to which the chattel paper was assigned.”
Complying with the requirements of Article 9-105 creates an additional comfort level for any subsequent buyer of those electronic leases or contracts- so be sure not to overlook them!
4) Understand eTransaction Management
Any workflow environment needs a level of management to remain secure. Facilitating the post-closing environment includes integrity checks, evidentiary packages, and audited control of access. Integrity checks are useful to ensure financial assets can be verified at any point in its life cycle. It is also important to establish control, transfer control and restrict important actions among various documents. Keep in mind that it is important to have the capability to maintain eTransactions over time, especially as technology evolves.
Below is an example diagram of a pledging as collateral eTransaction from the webinar. The collateral control agreement maintains a three-way relationship between eOriginal, the originator of the document, and the different funding sources. It is common to have multiple funders, but it is important to keep these sources under control. Control can also be maintained by the originator or transferred to custodians.
5) Implement Best Practices
After grasping a better understanding of the legality and security of electronic documents, what should you do now? The webinar presents best practices and tips to help get you going, starting with the first recommended step of implementation: getting the internal team prepared to go electronic. Overcoming tradition in an industry based on tradition can be difficult. However, it is very possible to obtain both an internal and external buy-in after developing an understanding of all the benefits, cost savings, and efficiency of using electronic documents. By bringing all team members together, including the legal team, the design team, IT and more, the decision to go electronic will be much easier and integration much faster across all departments.