Auditing and Financial Management:

Bank Regulators' Evaluation of Electronic Signature Systems

GAO-01-129R: Published: Nov 8, 2000. Publicly Released: Nov 8, 2000.

Additional Materials:


Richard J. Hillman
(202) 512-3000


Office of Public Affairs
(202) 512-4800

This report discusses bank regulators' evaluation of electronic signature systems. Financial institutions use signature systems to verify or authenticate the identity of customers conducting financial and nonfinancial transactions over the Internet and other open electronic networks. Officials at the Office of the Comptroller of the Currency (OCC) and the Federal Reserve told GAO that they are developing an examination strategy for Identrus LLC, which is an entity that provides services to financial institutions to authenticate electronic signatures. OCCofficials have not determined what role they will play in assessing Identrus' operations, but they believe that financial institutions should take an active role in assessing the risks associated with electronic signatures.

Recommendation for Executive Action

  1. Status: Closed - Implemented

    Comments: In August 2001, the Federal Financial Institutions Examination Council released the guidance "Authentication in an Electronic Banking Environment" which addresses the verification of new customers and the authentication of existing customers. It applies to both retail and commercial customers and provides criteria for an effective authentication program.

    Recommendation: Given that the importance of electronic signature systems is likely to grow, banking regulators need a consistent methodology for assessing the risks and appropriateness of internal controls surrounding such systems. The Chairman, Board of Governors of the Federal Reserve System, and the Comptroller of the Currency, should work through the Federal Financial Institutions Examination Council to develop guidance that includes criteria for evaluating electronic signature systems in order to provide reasonable assurance that electronic signatures generated by the system are valid.

    Agency Affected: Federal Reserve System: Board of Governors


Explore the full database of GAO's Open Recommendations »

Mar 27, 2015

Mar 16, 2015

Feb 27, 2015

Feb 26, 2015

Feb 12, 2015

Dec 23, 2014

Dec 9, 2014

Nov 17, 2014

Looking for more? Browse all our products here