Electronic Signatures In Singapore: What Businesses Need To Know

Individuals, companies, and other organizations increasingly use electronic signatures, or e-signatures, to sign contracts and complete other transactions in Singapore.

While e-signatures have been gaining popularity for years, their usage has exploded due to COVID-19, as many companies have shifted to remote or hybrid work models and conduct most of their business electronically.

Due to cybersecurity concerns and the potential for forgery, the Singaporean government has specific regulations governing the use of e-signatures. Considering the growing ubiquity of e-signatures, the government updated its regulations in March 2021 to align with international best practices.

In this article, we look at how Singapore regulates e-signatures, and what steps companies should take when using them to complete contracts.

What Constitutes An E-signature?

One of the most important laws regulating e-signatures in Singapore is the Electronic Transactions Act (Cap. 88) (the “Act”). Singaporean authorities first enacted the Act in 1998 to provide a legal foundation for electronic transactions and create an environment promoting their use.

According to Singapore’s Infocomm Media Development Authority (IDMA), an e-signature is “An acknowledgment provided in an electronic format that a business can use to demonstrate the intention of a party (for example, acceptance) and that can electronically be used to authenticate the party involved.”

An e-signature can take several forms. Per the IDMA, these include:

• Pasting a digitized image of a manuscript signature;
• Signing using a stylus or finger on a touch screen;
• Ticking a check box or clicking ‘I accept’ on an online form; and
• Selecting an option in an electronic signature software.

This list of e-signature formats is not exhaustive, and other forms may be accepted, such as a scanned copy of a page signed with ink.

The IDMA also notes recognized e-signature software, though their use does not automatically make an e-signature valid, and users are free to use other software. Examples provided by the IDMA include Adobe Sign, DocuSign, GlobalSign, MiSign, and Netrust.

What Is A Secure Electronic Signature?

Companies should take into account that Singaporean authorities differentiate between an “electronic signature” and a “secure electronic signature”.

According to the Act, to be considered a “secure electronic signature”, the signature must be protected by a unique certificate from a trusted service provider and meet various other requirements.

Standard e-signatures must meet the following conditions to be valid:

• Have reliable assurance about the integrity of information in the electronic record, from the time of its creation to its final form;
• Displayable to a person when the electronic record is being provided to them; and
• Compliant with additional electronic records requirements in accordance with the relevant supervising or regulatory agency.

Secure e-signatures, in contrast, need to meet additional requirements. Such signatures must be able to verify that they are:

• Unique to the signatory;
• Capable of identifying the signatory;
• Created in a manner under the sole control of the signatory; and
• Linked to an electronic record that would invalidate the signature if altered.

In addition to these requirements, secure e-signatures must meet certain standards when applied to electronic records like a certificate or document:

• The signature must be created during the operational period of a valid certificate and verifiable by reference to the public key listed in the certificate; and
• The certificate must be trustworthy, meaning it was issued by an accredited certification authority, a recognized certification authority, or a public agency approved to act as a certification authority or the parties to signing expressly agreed to use an e-signature verified by reference to the signatory’s public key.

Both standard and secure e-signatures are enforceable by law, but the latter carries the same presumption of enforceability as a “wet ink” signature in legal proceedings.

To facilitate the use of secure e-signatures, in November 2020, the Singaporean government launched the “Sign with SingPass” feature. This feature, which is available in a mobile app, allows users to sign documents electronically through a government-created system that meets the standards of a secure e-signature.

What Transactions Can Be Completed With An E-signature?

The Act and other relevant regulations enable the use of e-signatures for almost all business transactions, making no difference with traditional “wet ink” signatures. This includes signatures for sales, procurement and sourcing, human resources, and finance and accounts.

Authorities amended the Act most recently in March 2021 to keep it up to date with international best practices, by considering developments in technology and international trade laws. This update incorporated the UNCITRAL Model Law on Electronic Transferable Records (MLETR), which allows for the use of electronic bills of lading for import-export procedures.

E-signatures cannot be used for a limited number of documents and transactions, such as wills, several real-estate documents, and declarations of trusts, and powers of attorney, among others.

Digitizing Singapore’s Business Environment

Singapore’s government has consciously created a business environment that seeks to seamlessly integrate digital processes with minimal red tape. The government’s regulation of e-signatures falls in line with this priority, creating a legal environment that encourages the use of electronic transactions. These policies are part of the government’s larger National Digital Identity Smart Nation initiative, which aims to build an ecosystem of trusted digital identification for businesses, individuals, and other entities.

Although e-signatures are readily usable in Singapore, businesses should take measures to ensure they are used properly and securely. This includes security measures to prevent outside actors from accessing copies of e-signatures, as well as internal controls to prevent employees from misusing other employees’ e-signatures. Moreover, businesses should take steps to create records of electronically signed forms in the event a digital form is altered by another entity.