All eSignatures aren’t Equal: Interview with a Legal Expert

The eSign team was delighted to host our first webinar, featuring corporate legal expert Jayne Croft, a Senior Associate at Glenville Walker, and Luke Garrett, eSign’s Director of Product.

Jayne has over 10 years of experience in corporate law, with strong experience in start-up companies to multimillion-turnover companies, both in the UK and internationally. Her experience spans various industries from professional services, finance, education, to distribution and technology. 

During the session, we explored some key topics:

• Differences between Simple, Advanced and Qualified eSignatures
• Important regulations and compliance considerations
• Recommended use cases for each eSignature type
• Legal risks of a signature being challenged
• The importance of UK-based data storage

Jayne and Luke tackled the dynamic Q&A session, discussing some of the most common questions we get asked as an electronic signature provider. 

What are the UK e-signature regulations?

Jayne: The main regulation to be aware of is the EU legislation eIDAS, which stands for Electronic Identification, Authentication and Trust Services. The UK adopted an equivalent version of this post-Brexit. eIDAS recognises 3 types of signatures: Simple, Advanced, and Qualified. The Electronic Communications Act 2000 is also relevant to the use of e-signatures.

Types of e-signatures explained

Luke: Simple electronic signatures (SES) are basic, such as a tick box or typed name, and offer minimal verification or audit trails, making them less secure.

Advanced electronic signatures (AES) are more secure, meeting criteria like being uniquely linked to the signer, able to verify identity, created securely, and encrypted to detect tampering. These are better suited for important or high-risk documents.

Qualified electronic signatures (QES) are the most secure and legally recognised, requiring identity verification by a trusted authority. They’re considered the legal equivalent of handwritten signatures in the UK and EU.

Many providers only offer simple signatures by default, so it’s essential to check what you’re using. Advanced or qualified options may come at an extra cost with some providers.

eSign’s Buyer’s Guide helps organisations understand which type of signature they need and why, supporting a more informed procurement process.

Real-world examples for each signature type

Jayne: Simple signatures should only be used for low-risk, internal documents or low-value B2B contracts.

For higher-risk transactions, it’s best to use at least an advanced, or even a qualified signature to ensure clear proof of identity.

Use advanced or qualified signatures when:

• You’re in a regulated industry (e.g. financial services) and need a solid audit trail

• Signing loan agreements or financial documents

• Dealing across jurisdictions, where simple signatures may not be recognised

• Handling property transactions, where QES is required (e.g. under Practice Guide 82 for the Land Registry)

When shouldn’t an e-signature be used?

Jayne: Certain documents, as it stands at the moment, can’t be executed in that way with an eSignature; an example of this is a will, which still requires a wet ink signature for a witness. That may change in the future, it’s always being looked at, but as it stands, wills are the main ones, and also certain powers of attorney. The last one is banks, so if you’re getting any bank funding for anything, sometimes the bank will still ask for a wet ink signature.

Why should e-signature data be stored in the UK?

Jayne: GDPR compliance is essential, and some sectors, like the NHS or financial services, also require data to be stored within the UK due to specific regulations and audits.

Storing data locally is a commercial benefit, as clients often prefer it. However, storing data abroad (e.g. in the U.S.) can raise legal jurisdiction issues due to laws like the Cloud Act, which differ from GDPR.

Even if your data is UK-based, security isn’t guaranteed. Your eSignature provider should still have strong encryption, access controls, and clear data processing agreements in place.

What makes an e-signature legal in a contract dispute?

Jayne: There are quite a few things we would look for in this scenario:

1. Intention to sign, did the signer intend to authenticate the document? e.g clicking I agree, typing their name in, or using a platform like eSign
2. Agreement between the parties – e.g is there an email trail? Prior use of a platform or specific clause in the contract that says the document can be executed electronically
3. ID of signatory – email records, IP address, 2-factor authentication.

The stronger the ID verification, the harder it is to challenge the signature – that’s why the advanced and qualified methods are preferred over SES.

What happens if a signature is challenged?

Jayne: The main thing is that the court could decide that the document is unenforceable and declare the whole contract void. This is problematic in a larger deal with various documents, as it could unravel the whole transaction. Particularly if the contract involves payment of money, such as a loan agreement, you might never get that money back. 

Where the allegation is of forged signatures, this can escalate into fraud and then injunction/damages territory, which will be expensive and could affect the reputation of the business. As well as being expensive, litigation takes you away from the day-to-day running of the business and could affect other contracts and regulatory approval in those sectors where it is needed.

Considerations when procuring an e-signature solution

Luke: Before choosing an electronic signature solution, it’s essential to understand your specific needs, what you’re looking for, why you need it, where it will be used in your business, and how you want it to function. This could range from a standalone web app to something fully integrated into your systems or tailored for certain processes.

You should also consider your broader goals. Are you aiming to streamline workflows, support remote collaboration, reduce paper-related costs, or assess the cost difference between digital solutions?

As Jayne mentioned, compliance is critical. Depending on your industry and jurisdiction, there may be legal and regulatory requirements you must follow during procurement. These are important discussions to have with any potential vendor.

Jayne: As users of eSign ourselves, it’s important to assess the risk level associated with the signatures you’re using, rather than focusing solely on your industry.

For instance, property transfers carry higher legal risks, so you may require advanced electronic signatures that comply with specific regulations, like Practice Guide 82, which makes such signatures legally acceptable in certain scenarios. If that’s what you need, it’s essential to confirm that your eSignature provider can support those specific requirements.

Thanks to Jayne and Luke for taking the time to answer some key questions around e-signature legality. If you have any specific questions around this topic or want to discuss your e-signature requirements with eSign, don’t hesitate to contact us today.