Thread Options
#1451501 - 10/04/10 11:47 PM eStatements Consent
Zuki Offline
New Poster
Zuki
Joined: Jul 2009
Posts: 13
Pacific Northwest
Is there a regulatory requirement to maintain evidence of each customer's consent to sign up for eStatements? I'm thinking that evidence of the process we use to obtain demonstrable consent should be adequate...

Return to Top
eBanking / Technology
#1452106 - 10/06/10 12:03 PM Re: eStatements Consent [Re: Zuki]
Richard Insley Offline
Power Poster
Richard Insley
Joined: Oct 2000
Posts: 9,761
Toano, VA
There's no ESIGN regulatory requirement (because ESIGN prohibits implementing regulations) and the ESIGN Act is silent about record retention. That's never given me any comfort. How would you defend against consumer "I never consented to tree-free delivery of my Reg. E disclosures" claims?

Section 205.13(b) of Reg. E states that "Any person subject to the act and this part shall retain evidence of compliance with the requirements imposed by the act and this part for a period of not less than two years from the date disclosures are required to be made or action is required to be taken."

Section 205.4(a)(1) states that "Disclosures required under this part shall be clear and readily understandable, in writing, and in a form the consumer may keep. The disclosures required by this part may be provided to the consumer in electronic form, subject to compliance with the consumer consent and other applicable provisions of the Electronic Signatures in Global and National Commerce Act (E-Sign Act)."

Taken together, these provisions of Reg. E clearly require you to maintain evidence that you have provided all Reg. E disclosures "in writing." ESIGN outlines the procedure you must follow in order for your e-delivered documents to have the same legal effect as documents printed on paper.

You can easily show a sample of the pre-consent disclosures (hardware, software, how-it-works, etc.), but what kind of evidence will prove that each e-delivery customer took and passed your opt-in "test?"

There's not much you can capture and retain, but I'd feel more comfortable if I had:
1. screenshots of all the steps in your disclosure/consent process.
2. date and time each e-deliveree opted in.
3. email address provided by the customer.
4. PIN or other key the consumer used to demonstrate technological capability to use your system. If your "test" involves unique opt-in PINs, this creates better evidence than a one-size-fits-all code word or number.
_________________________
...gone fishing.

Return to Top
#1452372 - 10/06/10 04:40 PM Re: eStatements Consent [Re: Richard Insley]
Zuki Offline
New Poster
Zuki
Joined: Jul 2009
Posts: 13
Pacific Northwest
Thank you for your comprehensive response, it is very helpful!

Return to Top

Moderated by:  Andy_Z