I see the biggest risk in knowing who you sent your card to, that it was sent unactivated, and to understand what is required to activate it.
As Crowman noted, signatures are up to you. If you require them in the branch, ask why. If it is a necessity, how will you mitigate the risks online of having only an e-request? If logon credentials to your IB site are needed, you have some assurance of your customer's ID. If these are new accounts, I'm interested in hearing about your CIP and risk mitigation methods too.
_________________________
AndyZ CRCM
My opinions are not necessarily my employers.
R+R-R=R+R
Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell