Auditing and Financial Management:

Bank Regulators' Evaluation of Electronic Signature Systems

GAO-01-129R: Published: Nov 8, 2000. Publicly Released: Nov 8, 2000.

Additional Materials:

Contact:

Richard J. Hillman
(202) 512-3000
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

This report discusses bank regulators' evaluation of electronic signature systems. Financial institutions use signature systems to verify or authenticate the identity of customers conducting financial and nonfinancial transactions over the Internet and other open electronic networks. Officials at the Office of the Comptroller of the Currency (OCC) and the Federal Reserve told GAO that they are developing an examination strategy for Identrus LLC, which is an entity that provides services to financial institutions to authenticate electronic signatures. OCCofficials have not determined what role they will play in assessing Identrus' operations, but they believe that financial institutions should take an active role in assessing the risks associated with electronic signatures.

Recommendation for Executive Action

  1. Status: Closed - Implemented

    Comments: In August 2001, the Federal Financial Institutions Examination Council released the guidance "Authentication in an Electronic Banking Environment" which addresses the verification of new customers and the authentication of existing customers. It applies to both retail and commercial customers and provides criteria for an effective authentication program.

    Recommendation: Given that the importance of electronic signature systems is likely to grow, banking regulators need a consistent methodology for assessing the risks and appropriateness of internal controls surrounding such systems. The Chairman, Board of Governors of the Federal Reserve System, and the Comptroller of the Currency, should work through the Federal Financial Institutions Examination Council to develop guidance that includes criteria for evaluating electronic signature systems in order to provide reasonable assurance that electronic signatures generated by the system are valid.

    Agency Affected: Federal Reserve System: Board of Governors

 

Explore the full database of GAO's Open Recommendations »

Sep 22, 2014

Jul 9, 2014

Jun 19, 2014

May 30, 2014

May 15, 2014

May 13, 2014

May 12, 2014

May 2, 2014

Mar 27, 2014

Looking for more? Browse all our products here