SEC Modernizes Filing Signature Requirements by Permitting Electronic Signatures

On March 29, 2020, we reported on the SEC’s COVID-19 relief from its manual signature requirements for SEC filings. In that blog entry, we observed that, entirely aside from the pandemic emergency, the requirement in Rule 302(b) of the SEC’s Regulation S-T for original ‘wet ink’ signatures to SEC filings seemed somewhat dated in view of the proliferation of electronic signatures in business, including web-based digital signature software like DocuSign, Adobe Sign and others (as well as ‘board portal’ software that integrates digital signatures). Subsequently, in April 2020, the SEC received a rulemaking petition similarly urging the SEC to adopt electronic signatures as a valid method of signing SEC filings. In June 2020, nearly 100 public companies jointly submitted a letter in support of the rulemaking petition.

On November 17, 2020, the SEC adopted final rules (foregoing the normal proposed rule/notice-and-comment process) adopting electronic signatures for SEC filings, albeit with some procedural requirements summarized below. The rules will be effective as soon as they are published in the Federal Register, but the Staff has published guidance stating that they won’t recommend enforcement action if companies start relying on the new rules immediately.

The requirements for a valid electronic signature set forth in the EDGAR Filer Manual will specify that, when a signatory signs with an electronic signature, the signing process must:

  • Require the signatory to present a physical, logical or digital “credential” that authenticates the signatory’s individual identity—presumably, using one’s login credentials for web-based digital signature software will qualify;

  • Reasonably provide for “non-repudiation” of the signature—meaning that there are precautions against the signer falsely denying having signed;

  • Provide that the signature be attached, affixed, or otherwise logically associated with the signature page or document being signed; and

  • Include a timestamp to record the date and time of the signature.

One important caveat—before the company can rely on the electronic signature alternative, the signer must manually sign an initial document attesting that, when using electronic signatures, the signatory agrees that the use of such electronic signature constitutes the legal equivalent of such individual’s manual signature for purposes of authenticating the signature to any filing for which it is provided. So before companies can use electronic signatures, they will need to obtain at least one last manual signature. This document must be retained for at least seven years after the signer’s last electronically signed SEC filing.

The procedures may have a few more hoops for companies and signers to jump through than electronic signatures in other contexts. For example: if a signer receives an email invitation to sign a document through web-based digital signature software, but is not required to either establish an account with the digital signature provider or sign in to their existing account in order to sign, has the signer presented the SEC-required “credential” authenticating their individual identity? (In this regard, we note that it is our understanding that at least some web-based digital signature providers have security settings that can, among other things, require signers to login to or establish accounts before signing a document.)

Companies need to retain the electronic signatures for the same five years that manual signatures must currently be retained. Electronic signatures are not required—you can still do it the old-fashioned way (by obtaining manual signatures).

Actions for companies to take now: (1) Obtain the manually signed attestation from your directors and officers authorizing electronic signatures (contact us for a form); and (2) consider whether any digital signature platforms you are currently using comply with the SEC’s procedural requirements. We are available to consult of course.




Latest Thinking

View more Insights
Insights Center
Knowledge assets are defined in the study as confidential information critical to the development, performance and marketing of a company’s core business, other than personal information that would trigger notice requirements under law. For example,
The new study shows dramatic increases in threats and awareness of threats to these “crown jewels,” as well as dramatic improvements in addressing those threats by the highest performing organizations. Awareness of the risk to knowledge assets increased as more respondents acknowledged that their