True end-to-end digitalisation of the investment management customer and transaction lifecycle demands a small yet critical ingredient: a secure, digitalised way to sign documents. Taking the right approach to solving the signature problem is therefore vital.
Two form-signing solutions now exist: digital and electronic signatures.
In a recent snap poll we conducted on LinkedIn, half the respondents said they don’t know the difference between an e-signature and a digital one. And 13% thought they were the same thing.
So what is the difference? And why is it important?
Digitalisation needs to be signed off
The investment management industry is awash with thousands of legal documents and other forms. They are a key part of every activity at every stage, from onboarding and offboarding clients to subscriptions/redemptions, updating personal details and maintaining tax records.
Today’s online portals can serve as convenient digital repositories for the downloading and re-uploading of those documents, removing the need to create, mail and complete paper forms. Seamless integration to the transfer agency platform even allows form fields to be pre-populated with available stored data to save time, manual effort and the associated risk of errors and delays.
Yet without a secure form-signing capability at the end, documents still have to be printed, signed (and in some cases notarised), scanned and re-sent – undoing much of the benefit that comes from that seamless digitalisation.
The US federal Electronic Signatures in Global and National Commerce Act (ESIGN Act) was introduced in 2000 to allow the use of electronic records and electronic signatures in interstate and foreign commerce. The Act states that a contract or signature “may not be denied legal effect, validity, or enforceability solely because it is in electronic form”.
This statement was a vital enabler of digitalisation, because it stipulated that electronic signatures and records have equal legal standing to paper ones. Since then though the technology – and associated cyberthreats – have moved on.
Electronic signature weakness
An electronic signature typically takes the form of a drawn representation of a person’s handwritten signature, as if they had signed manually with a pen.
Electronic signatures are fairly simple to create and use. They enable documents to be signed online, making them a popular tool for many business transactions.
They also come with a weakness: as with signed paper-based documents, you cannot 100% verify that the signature is valid and hasn’t been forged. Replicating the image of someone’s signature is relatively straightforward, creating trust and security vulnerability concerns that call into question the levels of assurance the electronic signatures are supposed to provide.
A digital signature delivers that much-needed security and the resulting guarantee of authenticity.
Digital signature security
A digital signature is almost like a personal seal embedded in the metadata of the document itself.
A trusted third-party Certificate Authority vets and verifies a person’s identity, and binds it to a digital certificate. That certificate-based digital ID allows the person to create a digital signature locally using a token or remotely through a cloud-based signing platform, guaranteeing the signature’s authenticity. Cryptography ties the digital certificate to the data being signed to create “one unique fingerprint” that cannot be imitated or changed.
As Will Cannon, founder of electronic and digital signature technology provider Signaturely, observed, the high-end encryption used to create digital signatures makes them “resilient not just to third-party access or tampering but to [computer] viruses and malware. The only way to open a secured digital document and inject malicious software is if you have access to a unique private key that is only meant for the recipient.”
As such, they cannot be forged or stolen, making digital signatures the most secure choice for the multitude of digital documents firms now create.
Can you afford anything less?
dpInk, Deep Pool’s automated form completion tool, makes paper forms and manual signatures obsolete. With dpInk, users can fill out, sign and submit any form you need to create online. And its industry-leading digital signature technology uses legally-binding, certificate-based digital IDs to guarantee each signature’s authenticity, minimising fraud vulnerabilities and bolstering trust.
ABOUT DEEP POOL
Deep Pool is the #1 investor servicing and compliance solutions supplier, providing cutting-edge software and consulting services to the world’s leading fund administrators and asset managers. Our flexible solution suite, developed by an experienced team of accountants, business analysts and software engineers, supports offshore and onshore hedge funds, partnerships, private equity vehicles, retail funds and regulated financial firms. Deep Pool is a global organisation with offices in Dublin, Ireland, the United States, the Cayman Islands and Slovakia. For more information, visit: www.deep-pool.com.