FSCA Guidance on the Use of Electronic Signatures and Prepopulated Documents

FSCA COMMUNICATION 12 OF 2021 (FAIS) Use of Electronic Signatures and Prepopulated Documents

1. BACKGROUND AND PURPOSE 1.1 It has come to the attention of the Financial Sector Conduct Authority (“FSCA”) that, as a result of the lockdown regulations imposed due to the COVID-19 pandemic, there are Financial Services Providers (“FSPs”) who use electronic signatures of clients when rendering financial services (with or without consent). 1.2 The purpose of this Communication is to provide guidance to FSPs and their representatives regarding the – (a) use of electronic signatures in the course of rendering financial services; (b) the use or prepopulated forms or documents; and (c) the FSCA’s views on this practice
2. USE OF ELECTRONIC SIGNATURES AND PREPOPULATED DOCUMENTS 2.1 When considering the question whether the use of electronic signatures is permissible, it is apposite to draw a distinction between the scenario where the - (a) client is the originator of the signature; and (b) FSP uses an electronic signature on behalf of the client. Client is the originator of the signature 2.2 Sections 12 and 13 of the Electronic Communications and Transactions Act, No. 25 of 2002 (“ECT Act”) distinguishes between instances where the law requires a particular document (information) to be in writing with a signature and those where the parties to a transaction impose this obligation upon themselves (which is a factual question). 2.3 When considering the question whether the parties imposed upon themselves the obligation that the transaction be in writing and signed (electronically) it is important to note who the relevant parties are: (a) In respect of documents signed for purposes of the relationship between the client and the FSP (e.g. the mandate to the FSP), the relevant parties are the client and the FSP (NOT the client and a representative of the FSP); and (b) in respect of documents signed for the purposes of the acquisition of a financial product (e.g. product supplier issued application form), the relevant parties are the client and the product supplier (NOT the client and FSP or a representative of the FSP).

2 2.4 Unless a particular provision of the applicable legislation requires differently, the parties are free to decide whether they are desirous to conclude a transaction by way of conventional means or via electronic means requiring an electronic signature. Should they agree on the latter, an electronic signature is legally permissible. 2.5 In instances where FSP’s allow clients to make use of electronic signatures, they must take reasonable steps to ensure that the electronic signature in use is reliable and appropriate. For example: (a) Using a dedicated organisation domain name that clearly identifies the company to which the signatory belongs; (b) having the signatory (client) send the signed document directly to the recipient (FSP / representative), minimising the use of intermediaries; (c) ensuring strict compliance with signature formalities that may be specified; and (d) utilising a service provider in order to authenticate the identity of the signatory as well as the time and date of signature. FSP uses an electronic signature on behalf of the client 2.6 It has come to the attention of the FSCA that FSPs utilise scanned images of handwritten signatures of clients to “sign” documentation on behalf of clients. 2.7 In the view of the FSCA, a scanned image of a handwritten signature embedded into a document does qualify as an electronic signature as defined in the ECT Act. 2.8 However, the use of the electronic signature of a client by an FSP should not be looked at from the perspective of the ECT Act only. Instead, the following questions should be posed: (a) what are the effects of doing so; and (b) is this in contravention of existing subordinate legislation administered by the FSCA. 2.9 In terms of section 7(2) of the General Code of Conduct for Authorised Financial Services Providers and Representatives, 2009 (“General Code”), no provider may in the course of the rendering of a financial services request any client to sign a written or printed form or document unless all details required to be inserted thereon by the client or on behalf of the client have already been inserted. This requirement therefore means that an FSP - (a) may not request a client to sign a blank or partially completed document; (b) may complete documents on behalf of the client; (c) must request a client’s signature only after all the relevant details have been inserted by the client, or on behalf of the client to enable the client to apply his/her mind to what they are binding themselves to. 2.10 In addition, in the insurance framework, Rule 9 of both the Long-Term and Short-Term Policyholder Protection Rules provides that - “No insurer or intermediary may in connection with any transaction relating to a policy require, permit or allow a policyholder, potential policyholder, member of a group scheme or potential member of a group scheme or claimant or potential claimant to sign any blank or partially completed form necessary for the purpose of the transaction, where another person will be required, permitted or allowed to fill in other required detail, or conclude any such transaction where any such signing and providing of detail have occurred.”

3 2.11 In circumstances where an FSP affixes an electronic signature to a client’s application for a financial product for example, it cannot be assumed that the signature is affixed to an already completed form, a partially completed form or a blank form. What can be assumed is that the signature is affixed under circumstances where the client is not present at the time this is done and not privy to the contents of the form at the time the signature is affixed. This goes against the spirit and intent of section 7(2) of the General Code and Rule 9 of the Long-Term and Short-Term Policyholder Protection Rules. 2.12 The aforementioned provisions go beyond merely saying that a client may not sign a blank document. It is aimed at ensuring that a client is fully appraised of the contents of a document. More than this, it implies that although a FSP can complete documents in relation to the rendering of financial services on the client’s behalf, the FSP must request the client’s signature. 2.13 Stated simply, the client must sign the document (not the FSP using the client’s electronic signature as if the FSP is the client). 2.14 An FSP’s role is that of an intermediary between its clients and product providers and is not ordinarily clothed with authority to enter into contracts on behalf of its clients. Therefore, an FSP should not sign agreements on client’s behalf, even by electronic means. 2.15 It should be noted that a Power of Attorney (“POA”) cannot be provided in circumstances in which it is expected that the holder must personally apply his/her mind to the matter at hand (for example the mandate to the FSP, disclosure documents, etcetera). Also, in instances where it is conceivable that an FSP acts under a POA, the FSP must clearly sign documents on behalf of a client, and not as if the client actually signed the document. 3. CONCLUSION 3.1 The FSCA is not opposed to the use of electronic signatures by clients to conclude an agreement with a product supplier. 3.2 The FSCA is concerned that the use of electronic signatures of clients by the FSPs has the potential to expose clients to the risk of fraud, forgery and theft of client assets that would arise from possible unauthorised transactions entered into ostensibly on their behalf. 3.3 In light of the above, the FSCA strongly recommends that FSPs refrain from the practice of using an electronic signature of a client, even with the consent of that client. 3.4 FSPs and their representatives are reminded of the duty to, at all times, comply with all requirements of the relevant legislation and subordinate legislation and to render financial services honestly, fairly, with due skill, care and diligence, and in the interests of the clients and the integrity of the financial services industry.

4 4. ENQUIRIES For more information regarding this Communication contact the Conduct of Business Supervision Department of the FSCA at Charene.nortier@fsca.co.za or Dimakatso.zililo@fsca.co.za or Mpho.Mashashane-Masango@fsca.co.za. KS Dikokwe Divisional Executive: Conduct of Business Supervision Financial Sector Conduct Authority Date of publication: 5 July 2021