You're looking at this the wrong way. Focus on risk. ESIGN poses no risk because it is optional and entirely permissive. The actual risk comes from the OTHER laws and regulations that require you to deliver documents, disclose certain information, deliver copies of appraisals, etc. In the case you describe, those "other laws/regs" include Regs. B and Z, and RESPA. In order to determine if your bank is at risk of civil and criminal penalties and liability, you must determine 1) what these "other laws/regs" require, and 2) whether you have done it.
What constitutes a "commercial loan officer" can vary, but to simplify this analysis, let's say that these bank employees handle nothing but the banking needs of business organizations (down to and including sole proprietorships and DBAs.) As you know, federal banking laws/regs have very little control over commercial transactions and services. There can be risk of legal penalties when there is coverage, but not when the transactions, services, and relationships are exempt from the "other law/reg" in question.
Must your current practices be changed in order to avoid penalties? To answer that question, you must first catalog the types of documents, disclosures, appraisals, and other items that are being emailed. Next, you must determine which (if any) of the items on your list are covered by one or more of the "other laws/regs." (If none are covered, there can be no penalty risk and your current practices require no change.) Next, you must determine that any covered item is being handled in full compliance with the "other law/reg" that required the item. This is where ESIGN can become an issue.
When an "other law/reg" requires you to deliver something (such as a document, disclosure, or appraisal) "in writing," you have two choices. Delivery on paper always counts. Delivery in electronic form can count, but only if you obtain the customer's consent in the ESIGN-prescribed manner. When you are dealing with consumers, the prescribed manner is very specific--but when you are dealing with non-consumers, ESIGN is silent.
The entire purpose of getting your customer's ESIGN-enabled consent is to satisfy the part of the Reg. B, Reg. Z, or RESPA requirement that a document or disclosure delivery must be "in writing." If your commercial loan officers are not trying to email "covered" items, then there's no blood & no foul!
_________________________
...gone fishing.