On Nov. 17, 2020, the U.S. Securities and Exchange Commission (SEC) announced the adoption of final rules amending Rule 302 of Regulation S-T to permit the use of electronic signatures, along with conforming changes to related rules under the Securities Act, Exchange Act and Investment Company Act as well as the EDGAR Filer Manual.
Key Takeaway: Electronic filers can now establish an “initial attestation” document from signatories, manually signed, that authorizes future uses of electronic signatures on documents filed with the SEC. Once established, the signatory can, subject to verification and other requirements below, authorize electronic signatures to be affixed to filings.
Background: Prior to the amendments discussed in this alert, Rule 302(b) of Regulation S-T required that each signatory to an electronic filing manually sign a signature page or other document (a signature authentication document, commonly referred to as a document with a “conformed” signature) before or at the time of such electronic filing. The purpose was to authenticate, acknowledge or otherwise adopt the signature that appears in typed form within the electronic filing. An electronic filer also was required to retain the “wet ink” signature authentication document with respect to each signatory to the electronic filing for a period of five years and to furnish a copy to the SEC upon request. The SEC has cited failure to maintain such manual signatures as part of broader enforcement.
In March 2020, in light of the public health and safety concerns related to COVID-19, the staff of several SEC divisions (including the Division of Corporation Finance) provided some relief from the “wet ink” signature requirements under Rule 302(b). In April, a group of law firms submitted a petition for rulemaking seeking an amendment to Regulation S-T to permit the use of electronic signatures due to their widespread use in connection with board of directors’ authorizations and important corporate transactions. In June, nearly 100 public companies jointly submitted a letter in support of the rulemaking petition.
In the adoption release for the final rules, the SEC noted that “the authentication document requirement in Rule 302(b) ‘was established to provide a satisfactory means by which signatories could authenticate and adopt their typed signatures appearing on filed documents for evidentiary purposes.’ ” In light of the widespread use of electronic signatures and improvements in electronic signature software technology, the SEC re-evaluated the “wet ink” signature requirement and amended Rule 302(b) to permit electronic signatures that follow certain procedures enumerated below.
Effective Date: The amendments were immediately effective upon publication in the Federal Register, which occurred on Dec. 4, 2020. The SEC chose to forego the notice and comment period as it found there was good cause to make the amendments effective upon publication and stated in the final rules release that signatories and electronic filers should have the option of using electronic signatures in signature authentication documents as soon as practicable.
Signature Requirements Under Amended Rule 302(b): The final rules amended 302(b) to permit a signatory to electronically sign a signature authentication document as long as 1) an initial signature authentication document attesting to the use of the signatory’s electronic signature (initial attestation) is manually signed by the applicable signatory and 2) certain procedures are followed when obtaining an electronic signature for each signature authentication document. The requirements under Rule 302(b) to retain the signature authentication document for an electronic filing for a period of five years and to furnish a copy of the signature authentication document upon request by the SEC remain unchanged. In addition, under new Rule 302(b)(3), manually signed documents, including the initial attestation document and any electronic signature authentication document, may be retained and stored by electronic means. There is no need to retain a physical copy of those documents.
Initial Attestation for an Electronic Signature: To validly sign a signature authentication document electronically, the signatory must first manually sign an initial attestation agreeing that the use of an electronic signature in any authentication document constitutes the legal equivalent of such individual’s manual signature for purposes of authenticating the signature to any filing for which it is provided.
The manually signed initial attestation must be retained by the filer for as long as the signatory may use an electronic signature and for a minimum of seven years after the date of the most recently electronically signed signature authentication document. A copy of the document must be furnished to the SEC upon request. Although the SEC has not stated whether the March 2020 guidance also applies to the “wet ink” signature of the initial attestation, it is possible that the manually signed initial attestation may also be subject to the relief with respect to recordkeeping under Rule 302 as long as the March 2020 guidance remains in effect.
Procedures for Electronic Signatures: Once an initial attestation in compliance with the new rules has been established, electronic signatures must be obtained through a signing process that meets the following requirements:
- The signatory must present a physical, logical or digital credential that authenticates the signatory’s individual identity. The EDGAR Filer Manual defines the term “credential” as “an object or data structure exclusively possessed and controlled by an individual to assert identity and provide for authentication,” which would include a driver’s license, passport, passcode or credential chip on an employer-issued ID badge. Commentators have observed that the email address and identity verification protocols employed by the leading electronic signature transaction management programs would qualify as a “credential” for purposes of the new rules.
- The EDGAR Filer Manual defines the term “credential” as “an object or data structure exclusively possessed and controlled by an individual to assert identity and provide for authentication,” which would include a driver’s license, passport, passcode or credential chip on an employer-issued ID badge.
- Commentators have observed that the email address and identity verification protocols employed by the leading electronic signature transaction management programs would qualify as a “credential” for purposes of the new rules.
- The electronic signature is produced in a manner that reasonably provides for non-repudiation of the signature. According to the EDGAR Filer Manual, “non-repudiation” means assurance that an individual cannot falsely deny having performed a particular action. Most electronic signature platforms combine an electronic signature with public key encryption to provide for non-repudiation by enabling the recipient of the electronic signature to validate the source of the electronic signature with a reasonable degree of accuracy, assuming that the signatory’s account with that platform has not been compromised.
- According to the EDGAR Filer Manual, “non-repudiation” means assurance that an individual cannot falsely deny having performed a particular action.
- Most electronic signature platforms combine an electronic signature with public key encryption to provide for non-repudiation by enabling the recipient of the electronic signature to validate the source of the electronic signature with a reasonable degree of accuracy, assuming that the signatory’s account with that platform has not been compromised.
- The signature must be attached, affixed or otherwise logically associated with the signature page or document being signed.
- A time stamp must be included to record the date and time of the signature. Electronic signature transaction management programs, such as DocuSign and Adobe Sign, generate a time stamp when the document is electronically signed.
- Electronic signature transaction management programs, such as DocuSign and Adobe Sign, generate a time stamp when the document is electronically signed.
These requirements are meant to be technologically neutral and allow for different types and forms of electronic signatures as long as the process for obtaining such electronic signature meets the above requirements. However, commentators expect that many companies will satisfy these requirements with third-party software already in use, such as DocuSign and Adobe Sign.
Consistent with the definition of the term in the Federal Electronic Signatures in Global and National Commerce (E-SIGN) Act, the EDGAR Filer Manual defines “electronic signature” as “an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.” Given the broad definition of “electronic signature,” some commentators suggest it would be possible for a voice mail or an email to serve as an electronic signature, as long as all the requirements are met under Rule 302(b).
Filings Covered By the Amendment: Electronic signatures are now permitted to be used for registration statements under the Securities Act, as well as reports and other documents filed pursuant to the Exchange Act (e.g., Forms 8-A, 8-K, 10, 10-K and 10-Q, as well as beneficial ownership reports filed pursuant to Section 16 (i.e., Forms 3, 4 and 5) and Sections 13(d) and 13(g) and Schedule TO).
In a separate release, the SEC announced changes to the process of applying for EDGAR access contained in the EDGAR Filer Manual, Volume I. Currently, to obtain EDGAR Access a filer must complete Form ID online and have an authorized signatory sign a printed copy of the online application in the presence of a notary. The amendments to EDGAR Filer Manual, Volume I, which will be effective upon publication in the Federal Register, remove the manual signature requirement for Form ID and permit electronic signatures and electronic notarization of Form ID. The amendments also clarify that the electronic signature requirements of Rule 302 discussed above will not apply to Form ID filings.
Next Steps: Electronic filers who want to utilize the new rules should identify those signatories for documents filed on EDGAR and obtain manually signed initial attestations that comply with the requirements of amended Rule 302(b) from each of those signatories.
A process for obtaining electronic signatures on filing documents should be established that complies with the requirements of amended Rule 302(b). One way to approach this task would be to identify the electronic signature transaction management programs (e.g., DocuSign) that meet these requirements; ensure that all signatories utilizing electronic signatures have an account with at least one of the applicable programs; and ensure that the signature authentication document is delivered to the correct record-keeping function for retention purposes.
Electronic filers who have provided others with signature authority through powers of attorney may want to execute an addendum granting such electronic signature authority and may want to review (and revise, if necessary) their form power of attorney to include the required attestation for electronic signatures.
For additional guidance on the information in this alert, please contact any of the authors, any member of McGuireWoods’ securities compliance team or your primary McGuireWoods contact.
McGuireWoods’ securities and compliance team assists private and public companies in capital-raising efforts through private and public offerings, and assists public companies with their reporting obligations under the Securities Exchange Act of 1934, including Forms 10-K, 10-Q and 8-K, Section 16 reports and DEF 14A (proxy statements), as well as with Regulation FD and Regulation G compliance. We prepare insider-trading policies, develop training programs and assist with other aspects of securities transactions engaged in by company officers, directors and significant security holders, including 10b5-1 plans and Rule 144 compliance.