The introduction of the electronic signature represents an important step towards a fully digitalised customer-bank relationship. It enables legally valid signatures from both sides without the customer having to visit the bank branch or sending papers back and forth.
The legal basis for electronic signatures in Switzerland is regulated by ZertES. Three of the signature standards defined therein are relevant for relationships between banks and natural persons: the simple (EES), the advanced (FES) and the qualified electronic signature (QES).
The facsimile signature (reproduction of a handwritten signature, e.g., by means of a digital image) can also be interesting for banks, for example, in communication with clients, but does not correspond to any of these standards. The main distinguishing features of the standards are the required identification of the client and their applicability for signing contracts with a writing requirement, whereby according to the CO only the QES is legally equivalent to a handwritten signature.
Most banks operating in Switzerland use the FES for digital customer opening, i.e., not the highest possible standard. FES is also preferred for supplier contracts that do not exceed a certain order volume. In this blog post, we explain why.
Only a Few Contracts Require The QES
The majority of contracts that exist between the customer and the bank do not have to be concluded in writing from a legal point of view. For instance, the opening of a banking relationship or the withdrawal of cash may in principle be confirmed orally. Even credit card contracts are legally valid with a verbal commitment, as long as no repayment in instalments, the so-called partial repayment option, is provided for. With a partial repayment option, the credit card contract falls under the Consumer Credit Act, which requires the contract to be concluded in writing.
Although a large part of the relevant contracts could be sealed orally according to the law, in today’s practice a handwritten signature is required for almost all bank contracts. This is primarily due to the fact that the banks are imposing stricter compliance guidelines on themselves in order to be able to parry claims more easily in possible lawsuits and that until now there has been no secure alternative to the handwritten signature. The switch to electronic signatures provides the banks with an ideal opportunity to adapt their guidelines and no longer automatically demand the highest possible standard everywhere.
What Makes a Secure Signature?
The properties of a secure signature can be summarised as follows: The signature is exclusively assigned to the holder who has been identified in advance, and subsequent changes to the document are recognisable. The latter property is not fulfilled by a handwritten signature. Furthermore, a secure electronic signature is generated by means under the sole control of the holder. This is typically achieved in the signature process via a one-time SMS password or by scanning a QR code.
Besides the QES, and according to ZertES, the FES must also fulfil all these criteria. Whether these are fulfilled or were fulfilled at the time of the signature can also be determined retrospectively. This ensures that the evidential value of an electronic signature is also guaranteed in the future.
The identification of the signatory is a decisive point in the security considerations. For a QES, identification must always take place on site, but for financial intermediaries the Ordinance on the ZertES also allows identification by video call. For an FES, the requirements are less restrictive; online identification is sufficient here.
Online Identification: Anytime, Fast, Automatic, Affordable
Compared to video identification, which has to be carried out in real time by a trained employee, online identification can be carried out fully automated. A so-called liveness check ensures that the person on the other side is a real person. Due to the automation, online identification is not only cheaper and several minutes faster than video identification, but can also be carried out at any time, whereas identification by video can in practice only be offered during extended business hours. Thus, video identification is at a disadvantage in decisive points, which is why online identification is the better option for both the bank and the customer in many ways.
An FES is Less Expensive Than a QES
Another difference in the two-signature standards FES and QES are the certificate providers, also called trust providers. While any trust provider can provide the certificates for FES, the certificates for QES in Switzerland may only be issued by a trust provider accredited by KPMG. The process (such as a digital contract signature) in which a QES is signed must also be subjected to an external audit.
Due to the increased security requirements for qualified certificates, as well as the additionally required qualified time stamp, which must also be provided by an accredited trust provider for a QES, the costs for a QES are higher than those for an FES by a factor of approximately 2. In addition, the costs for video identification are higher than for online identification, as are the costs for auditing the signature process.
The Opening Process Mitigates The Potential for Fraud, Not The Signature
In digital customer opening, a bank needs a clear concept of how it intends to counter the potential for fraud. This risk is primarily mitigated by the opening process and not by the signature standard. The structure of the entire process with the data query, the security networks, and the subsequent monitoring (e.g., AML) is responsible for minimising the potential for fraud. Whether the signature is ultimately signed with FES or QES has an influence on the evidential value of the signature, but this does not additionally increase or reduce the risk of fraud.
Looking Towards The Future: Will The Introduction of The EID Change Everything?
There is hope that in a few years, QES will also be possible without video identification. The EID, which allows bank customers to identify themselves sufficiently for QES, offers a hand for this. The introduction of the EID, however, has moved a little further away after the people’s “no” vote. Even after its introduction, it will still take a few years until this form of identification has reached a good level of acceptance among the Swiss population.
Hence, Swiss banks are currently well advised to rely on the most customer-friendly method for digitally signing contracts. The success of the Neo-Banks shows that the customer experience during the opening process plays a decisive role in winning new customers. The FES as a signature standard together with online identification makes this positive experience possible and will therefore probably remain the preferred option over QES for several years to come.
Topic Responsibility
