December 17, 2014

Best Practices: SBA Electronic Signature Requirements – A Primer

by Ethan W. Smith

On October 21, 2014, SBA released Procedural Notice 5000-1323 which sets forth the SBA’s requirements for the use of electronic signatures in connection with SBA loan programs.  Although these requirements take effect on January 1, 2015, the use of electronic signatures remains optional for lenders, at least for now.  As of January 1, 2015, all SBA 7a loan programs and the 504 program will be eligible to use electronic signatures on all documents related to the program, from application, to closing, to servicing and liquidation, through guaranty purchase.  The only documents excluded from electronic signature eligibility are documents which require a “wet” signature for valid recording.  According to Docusign, the SBA’s e-signature partner for the SBAOne initiative, approximately 70% of recordings occur in jurisdictions that accept electronically signed documents. This percentage is likely to grow over the next few years.

Many lenders approach the concept of electronically signed documents with trepidation because they are concerned about the potential for fraud if the borrower is not sitting at the closing table to execute loan documents.  However, an examination of the requirements to create a valid electronic signature and the SBA’s mandates for identification and authentication of the signer will likely put many of these concerns to rest.

There are four (4) basic requirements that need to be met to create a valid electronic signature pursuant to the federal Electronic Signatures in Global and National Commerce (“ESIGN”) Act.

The first requirement is that the signature must be in the proper form.  Electronic signatures may be any type of electronic symbol (such as a typewritten name, a scanned image, or a username and password) or an electronic process (such as the use of digital encryption technology with a private key or the real time scanning of a fingerprint).

The second requirement is establishing the signer’s intentto sign the document.  Establishing intent is the burden of the lender, and without it, the document is unenforceable.  Intent can be established by establishing: i.) the signer’s reason for signing the document; ii.) the conduct that will signify the intent to sign; iii.) what documents are being signed; and iv.) notice that the signature will be applied to the document.  These factors can be established through the use of online dialog boxes advising that continuing will result in an electronic signature, or requesting confirmation of the electronic signature already applied, or similar methods.

The third requirement is the association of the signature to a particular document or documents.  Subsumed within this requirement is the necessity to initially confirm the identity of the individual signer and then authenticating such identity at the time the signature is made.  This requirement has several distinct subparts, which require the identity of the signer to be initially proven, for the identity to be confirmed at the time the document is signed through various methods such as “out of band” and “out of wallet” verification techniques, and other knowledge-based authentication protocols and techniques to minimize the likelihood of identity theft, code scripts or hacks.

The fourth and final requirement is that the integrity of the signed record must be maintained for the life of the loan.  This requires that the document be tamper sealed, or otherwise “locked”, that an audit trail be maintained to record the date, time, and identity of anyone making changes to the document, and that it be protected with “industry standard” encryption technology.

Lenders looking at these technical e-signature requirements may find them to be somewhat daunting.   Concerns about lenders having to implement technical solutions to meet these requirements are largely misplaced.  Most of the requirements will likely be outsourced to third party technology providers.  Delegating those technical responsibilities to a vendor will not relieve lenders of their compliance obligations however.  The Lender remains liable to SBA for compliance with these requirements and must maintain adequate supervision of its vendors for compliance and quality control purposes.

By effectively implementing and managing e-signature technology, lenders can increase their efficiency by streamlining their application and closing processes without exposing themselves to an increased risk of fraud in their SBA lending programs.

For more information regarding SBA’s e-signature requirements, contact Ethan at 267-470-1186 or at