Consumer Compliance Outlook
Moving from Paper to Electronics: Consumer Compliance Under the E-Sign Act
The world of electronic banking (e-banking) has been evolving for the past 40 years. It started in the 1970s with the introduction of automated teller machines (ATMs), which provided basic services, including access to cash and balance information. In the 1980s, as customers demanded remote services, we witnessed the development of in-home banking using a terminal, keyboard, television, and telephone lines for accessing deposit account information and transferring funds between accounts. In the 1990s, the emergence of the Internet had a significant impact on e-banking because of the widespread adoption of personal computers with Internet capabilities.
To facilitate and encourage electronic commerce, Congress enacted the Electronic Signatures in Global and National Commerce Act1 (E-Sign Act) on June 30, 2000.2 The E-Sign Act states that the validity or enforceability of a contract, electronic record, or signature for a transaction affecting interstate commerce cannot be challenged solely because it is in electronic form or because an electronic signature or record was used in the formation of the contract.3 This article provides an overview of the E-Sign Act's consumer compliance requirements.
E-SIGN ACT COMPLIANCE REQUIREMENTS
When businesses are legally required to make information available to a consumer in writing, the information can be delivered electronically as long as there is prior compliance with the E-Sign Act's consumer consent requirements. The requirements, which are discussed below, are fairly detailed to ensure that consumers receive the necessary protections in the electronic information (e.g., Truth in Lending disclosures).
Six-Step Consumer Consent Process
Step 1 - Availability of Paper Delivery or Paper Copies
Before seeking a consumer's consent to use electronic records, institutions must inform the consumer in a clear and conspicuous statement of any right or option to have the record provided in nonelectronic form, the right to withdraw that consent, the consequences of withdrawing consent (including terminating the relationship), and any fees imposed in the event of withdrawal. Institutions must also inform consumers of their right to request a paper copy of an electronic record and whether any fees apply.
Step 2 - Consent Choices
Before seeking a consumer's consent to the use of electronic records, a financial institution must inform the consumer in a clear and conspicuous statement whether consent relates to a particular transaction only or whether consent relates to broader categories of information. Most financial institutions choose a product-by-product consent process.
Step 3 - Consumer Actions
Financial institutions must disclose to consumers the procedures to withdraw consent at a later date and to update the consumer's contact information, such as notifying the financial institution when the consumer's e-mail address changes.
Step 4 - Hardware/Software Requirements
Financial institutions must provide consumers with a statement detailing the hardware and software requirements to access and retain electronic records.
Step 5 - Affirmatively Consent
To ensure a consumer can communicate electronically with the financial institution to which consent has been provided, the E-Sign Act requires that the consumer provide consent electronically "in a manner that reasonably demonstrates that the consumer can access information in the electronic form that will be used to provide the information that is the subject of the consent."4
Step 6 - "After Consent" Disclosure
To ensure continued electronic access, financial institutions must provide consumers with a statement detailing any revised hardware and software requirements for access to and retention of electronic records, and the right to withdraw consent without the imposition of any fees for such withdrawal and without the imposition of any condition or consequence that was not disclosed. After providing this statement, institutions must again obtain consumers' affirmative consent as in Step 5. The procedures in Step 6 must be followed when the changes in hardware and software requirements create a material risk that consumers will not be able to access or retain electronic records.
The most difficult part of the E-Sign Act's rules involves the correct method for consumers to "demonstrate" that they can access the required information electronically (Step 5). To ensure compliance with this requirement, financial institutions are encouraged to develop procedures to ensure they maintain records of the consumer's consent process. A financial institution's failure to obtain consumer consent properly can significantly affect its compliance with consumer laws and regulations such as Regulation E's error resolution procedure. Under Regulation E, the customer generally has 60 days from receiving a periodic statement to claim an error.5 If the statements are sent only electronically and the e-sign consent requirement was not obtained properly, the error period could be extended until a paper statement that includes the error is provided.
RELATIONSHIP OF E-SIGN ACT AND BOARD'S REGULATIONS
In 2007, the Board of Governors of the Federal Reserve System (Board) adopted amendments to five of its regulations (Regulations B, E, M, Z, and DD) providing that certain disclosures may be provided to consumers in electronic form, rather than on paper, without obtaining consent under the E-Sign Act.6 The amendments apply to the situation in which, for example, a consumer accesses an application or advertisement for credit or other financial services on the Internet. The Board stated that it believed that applying the consumer consent provisions in such situations could impose substantial burdens on electronic commerce and make it more difficult for consumers to gather information and shop for credit.
It is important to emphasize that these special provisions apply only to the specific sections of the regulations affected by the amendments (i.e., primarily disclosures affecting applications, solicitations, and advertising). For other disclosures — for example, under Regulation Z, account-opening disclosures, periodic statements, and change-in-terms notices — creditors are required to obtain the consumer's consent, in accordance with the E-Sign Act, to provide such disclosures in electronic form, or else provide disclosures in paper form. Also, the E-Sign Act does not affect the regulatory requirements for the timing, content, and format of consumer notices and disclosures. For example, §226.5a of Regulation Z requires that credit card solicitation and application disclosures of the annual percentage rate for credit card purchase transactions must appear in a tabular format and be in a specified minimum font size. Creditors providing credit card solicitation and application disclosures electronically would still be required to adhere to these requirements.
Record Retention Issues
Retention by Financial Institutions. Under the E-Sign Act, if a financial institution is legally required to maintain copies of a contract or other records of a transaction, the institution may rely on an electronic record of the information that accurately reflects the information in the contract or other record, and that remains accessible to all persons who are legally entitled to access the information in a form that can later be reproduced.7
Retainable Form for Consumers. The Board stated in the Federal Register preamble to the November 2007 final rule that financial institutions satisfy the requirement to provide electronic disclosures in a form that the consumer can retain if the disclosures are provided in a standard electronic format that can be downloaded and saved or printed on a typical home personal computer.8
OTHER CONSUMER LAWS AND REGULATIONS
This article discussed certain E-Sign Act compliance issues in relation to Federal Reserve consumer protection regulations. However, other consumer laws and regulations are also subject to the E-Sign Act and may be silent about electronic communications or may address E-Sign Act compliance through a general reference to the E-Sign Act. It is not necessary for a specific law or regulation to address compliance with the E-Sign Act because the act states that electronic documents and electronic signatures have the same validity as paper documents and handwritten signatures, notwithstanding any statute, regulation, or other rule of law generally. Therefore, documents such as the Department of Housing and Urban Development's HUD-1 and the good faith estimate forms required by the Real Estate Settlement Procedures Act can be provided in electronic formats.
As e-banking becomes increasingly more popular, it is important for financial institutions to become familiar with the requirements of the E-Sign Act. This article provided an overview of the E-Sign Act's general compliance requirements. Specific issues and questions should be raised with the consumer compliance contact at your Reserve Bank or with your primary regulator.