Legal Technology Issues in Electronic Records and Signatures

1
Legal Technology Issues in Electronic Records and
Signatures

• A Mortgage Lenders Perspective on Implementing
  an eMortgage Strategy

2
ESIGN and UETA

• Overlay statutes
• UETA enacted in 48 jurisdictions
• ESIGN and UETA provide solid bases to go
  electronic

3
Federal Preemption

• ESIGN Section 102
• States may modify, limit or supercede ESIGN
  (Section 101) only if state adopts UETA or state
  alternative consistent with ESIGN
• Which Law Applies?
• ESIGN or UETA or both
• Georgia, New York, Illinois, Washington
• California

4
Regulatory Authority

• ESIGN Section 104
• Filing and access
• Authority to interpret ESIGN and UETA
• Limitations
• Performance Standards
• Accuracy,
• Record Integrity, and
• Accessibility
• Retain Paper or Printed form if compelling
  governmental interest relating to law enforcement
  or national security

5
Regulations

• Federal Reserve Board Interim Rules on Electronic
  Communications
• OCC Bulletins on Consumer Disclosures and Record
  Retention
•  
• FFIEC Guidance on Authentication in Online
  Environments

6
Case Law

• Courts have concluded that electronic
  transactions satisfy writing requirements.
• Writings are not limited to ink on paper.
• Signature is a symbol or process coupled with the
  intent of the party to sign the writing.
• Electronic records can be originals and
  printouts are admissible into evidence.

7
Case Law (Continued)

• Significant cases to date
• Arizona Cartridge Remanufacturers Assn Inc. v.
  Lexmark Intl Inc., No. 03-16987 (9th cir. Aug.
  30, 2005)
• Bazak Intl Corp. v. Tarrant Apparel Group,
  S.D.N.Y., No. 04 Civ. 03653 (July 18, 2005) 
• Briceno v. Sprint Spectrum, d/b/a Sprint PCS,
  Fla. Dist. Ct. App., 3d Dist., No. 3D05-144
  (August 30, 2005)
• International Casings Group, Inc. v. Premium
  Standard Farms, Inc., 358 F. Supp. 2d 863 (W.D.
  Mo. 2005) 
• PFT Roberson, Inc. v. Volvo Trucks North America,
  Inc., Nos. 04-3100, 04-3232, 04-3841 and 04-3877
  (7th Cir. September 19, 2005)
• Estate of Engelhardt, 2004 WL 345941 (Ohio Prob.
  Ct. 2004) 
• Haire v. Florida Dept. of Agriculture and
  Consumer Services, 2004 WL 252015 (Fla. 2004)
• Register.com, Inc. v. Verio, Inc.,  356 F.3d 393
  (2d Cir. 2004)
• In re Cafeteria Operators, L.P., 299 B.R. 411
  (N.D. Texas 2003)
• DeJohn v. The .TV Corporation Intl, 245
  F.Supp.2d (C.D.Ill. 2003)
• Medical Self Care, Inc. v. National Broadcasting
  Company, 2003 WL 1622181 (S.D.N.Y. 2003)
• Nomura Securities International, Inc. v. ETrade
  Securities, Inc., 280 F.Supp.2d 184 (S.D.N.Y.
  2003)
• Piranha Inc. v. Newhouse, 83 Fed. Appx. 19, 2003
  WL 22922263 (5th Cir. 2003)
• Roger Edwards, LLC v. Fiddes Son, Ltd., 2003 WL
  342993 (D.Me. 2003)
• SmartText Corp. v. Interland, Inc., 296 F.Supp.2d
  1257 (D.Kan. 2003)
• Zubulake v. UBS Warburg LLC, 217 F.R.D. 309
  (S.D.N.Y. 2003)
• Wells Fargo Co. v.WhenU.com, Inc., 293
  F.Supp.2d 734 (E.D.Mich. 2003)
• Cloud Corp. v. Hasbro, Inc., 314 F.3d 289 (7th
  Cir. 2002)

8
Legal Issues to Consider

• Consumer Consent
• Effective Delivery of Disclosures
• Record Integrity

9
SPeRS (Standards and Procedures for Electronic
Records and Signatures)

• What is it?
• What kind of issues does it cover?
• How do I use it?

10
Introduction

• ESIGN and UETA make it possible to present
  information and sign agreements and other
  documents electronically in circumstances where a
  paper document and a wet signature would have
  been required.
• Design of systems for presenting disclosures or
  signing electronic records requires understanding
  of the interaction between electronic processes
  and legal requirements.
• ESIGN and UETA are self-effectuating that is, no
  regulations are needed in order to use ESIGN or
  UETA to present or sign records.

11
Introduction (Cont.)

• Tension between letting the market develop and
  the need for a clear path forward.
• SPeRS was created to fill that gap.

12
What is SPeRS?

• SPeRS is
• A cross-industry initiative to establish commonly
  understood rules of the road available to all
  parties seeking to take advantage of the powers
  conferred by ESIGN and UETA.
• Founded on the proposition that much of the time
  and effort being invested by companies
  re-inventing the wheel could be avoided if
  cross-industry standards for these elements of
  electronic transactions could be established.

13
What is SPeRS? (Cont.)

• Focused on the behavioral and legal aspects of
  the interaction between parties to the
  transaction, not on technology. SPeRS is
  intended to be technology neutral.
• Standards are not necessarily legal minimums, but
  implementing the standards should enhance
  reliability and sufficiency.

14
The SPeRS Objectives

• SPeRS will
• Permit businesses to establish a common
  understanding with vendors concerning design
  parameters for routine functions, without having
  to develop detailed custom specifications,
• Assist in establishing industry standards for
  commercially reasonable, enforceable structures
  and processes, and
• Provide the customer with a common experience
  across various online transactions, increasing
  the customers comfort level with the
  transactions.

15
System Design Team Concept

• Standards make repeated reference to the System
  Design Team.
• Core principle of group effort.
• System Design Team should be composed of
  personnel from variety of disciplines
• IT
• Corporate Security
• Product Development
• Marketing
• Compliance
• Legal
• SPeRS designed to help make nexus between legal
  process and legal requirements.

16
The SPeRS Structure

• SPeRS is divided into five sections
• Authentication
• Consent
• Agreements, Notices and Disclosures
• Electronic Signatures
• Record Retention
• Each section is composed of an Introduction and
  Outline and a series of Standards with supporting
  materials.

17
The SPeRS Structure (Cont.)

• Introduction and Outline
• Purpose to help orient the system design team
  to the subject covered and its relevance to
  system design.
• Standards and Principles
• Purpose high-level guidance reflecting
  important design parameters.
• Standard is accompanied by statement of
  underlying principle.

18
The SPeRS Structure (Cont.)

• Considerations
• Purpose raise a series of questions, with the
  answers impacting the system design.
• Checklists and Examples
• Purpose detailed, step-by-step guidance and
  assistance for implementing the standards.
• Commentary
• Purpose legal and other support for standards.

19
SPeRS Methodology

• Designed to assist with identification of issues
  related to legal sufficiency.
• Designed to assist with weighing options and
  strategies.
• Intended to prompt questions and systematically
  construct answers.

20
SPeRS Methodology (Cont.)

• Consult SPeRS at the beginning of design cycle
• Identify appropriate members of design team
• Review 30 high-level standards
• For each standard that applies review, identify
  issues, resolve
• Document process

21
Electronic Documents Hot Topics

• Standardization (SISAC)
• Risk Management
• Electronic Discovery

22
Standardization (SISAC)

• Security Identity Services Accreditation
  Corporation
• Goals
• History and Development
• Current Status

23
Security Identity Services Accreditation
Corporation

• Components Based on minimum standards for four
  major components of identity management solution
• Public Key Infrastructure (Identification
  Authentication)
• Issuance
• Validation
• Publication

24
Security Identity Services Accreditation
Corporation

• Components (continued)
• SISAC accreditation certificate
• Federal PKI standards
• Error and Omissions insurance requirement for
  AIAs
• Certificate of Policy Requirements Document (CPRD)

25
Security Identity Services Accreditation
Corporation

• Implementation of SISAC
• Mortgage industry must drive standardization
• Signs of industry acceptance
• MISMO and MERS
• Fannie Mae
• Navy Federal

26
Risk Management

• Cautionary Tales
• LexisNexis
• ChoicePoint
• Microsoft
• FTCs threatened 2.2 trillion fine for security
  flaws

27
Risk Management

• Current Approaches to Security
• Applications with fewer security holes
• Patches
• General security countermeasures
• Firewalls
• Encryption
• Virus protection

28
Risk Management

• Traditional Insurance
• Exclusions
• Tangible vs. Intangible Property
• Accidental vs. Non-Accidental Loss
• Physical Damage vs. Economic Loss
• Impaired Property

29
Risk Management

• Cyber-Insurance
• Scope (non-exhaustive list of available insurance
  policies)
• Security breaches of websites
• Cyber-extortion
• Business interruption
• Cyber-crime
• Asset protection
• Income protection
• Electronic media liability
• ID theft coverage
• Crisis management
• Liability insurance for financial institutions
• Cost
• Availability

30
Electronic Discovery

• Respondents required to obtain or translate
  information through detection devices into
  reasonably usable form. Fed. R. Civ. P. 34(a)
• Must be reasonably accessible. Fed. R. Civ. P.
  26(b)(2) (Proposed)

31
Electronic Discovery

• Preservation Duty (Zubulake v. UBS, 229 F.R.D.
  422 (S.D.N.Y. 2004) (Zubulake V)
• Scope
• Duty to locate materials (litigation hold)
• Duty to monitor and supplement
• Duty to present information in appropriate form

32
Electronic Discovery

• Sanctions
• Entry of judgment (Computer Task Group, Inc. v.
  Brotby, 364 F.3d 1112 (9th Cir. 2004)
  Metropolitan Opera, Inc. v. Local 100, Hotel
  Employees Restaurant Employees Intl Union,
  212 F.R.D. 178 (S.D.N.Y. 2003))
• Adverse inference (Zubulake V)
• Monetary sanctions (U.S. v. Philip Morris USA,
  Inc., 327 F. Supp. 2d 21 (D.D.C. 2004)

33
Electronic Discovery

• Document Retention Plan In-House Counsel
• Formal document retention policy regarding the
  saving and destroying of documents
• Litigation preparedness
• IT department relationship
• 30(b)(6) deposition witness
• Document destruction and back-up tape recycling
• Data storage and retrieval

34
Electronic Discovery

• Document Retention Plan Outside Counsel
• Duties to preserve and produce in regards to
  electronic media
• Familiarity with client information systems
• Minimizing disruption of client operations
• IT department relationship

35
Now That You Have Some Background

• Is it possible to have a fully implemented
  eMortgage?
• What does a lender need to think about before
  implementing an eMortgage strategy?

36
Current eMortgage Legal Infrastructure

• ESIGN and UETA authorize electronic records and
  signatures.
• Uniform Real Property Electronic Recordation Act
  (URPERA) and other state laws authorize
  electronic recording by county clerks and
  recorders.
• These laws allow notaries to use electronic
  signatures for notarization.
• Federal Financial Institution Examination
  Committees (FFIEC) Guidance on Authentication in
  an Internet Banking Environment.
• Federal Reserve Boards (FRB) Interim Final Rules
  on the Electronic Delivery of Disclosures.
• Comptroller of the Currencys (OCC) Advisory
  Letters on Electronic Consumer Disclosures and
  Notices and on Electronic Record Keeping.

37
Current eMortgage Infrastructure

• Most lenders are doing at least one phase of an
  eMortgage transaction.
• Electronic applications.
• Electronic delivery of disclosures and other
  mortgage documents (i.e., appraisals).
• Electronic document retention (imaging).
• Electronic recording in certain counties.
• MERS eRegistry is actively tracking the ownership
  interests and transfer of those interests in
  eNotes.
• Fannie Mae is buying eMortgages and retaining
  eNotes in their eVault.
• Freddie Mac will be releasing an eMortgage
  Handbook.
• MISMO data and document format standards.
• SPeRS Electronic signature and records
  guidelines.
• Vendors Signatures, notarizations,
  authentication systems, SMARTDocs, eVaults or
  electronic document management systems,
  recording, etc.

38
Do a Pilot Project

• Determine what are your goals for going to
  eMortgages.
• Reduce paper.
• Reduce costs of delivery and handling of paper.
• Support lights out processing and quality
  control.
• Improve customer experience.
• Advantages of doing a pilot project.
• Opportunity for informed risk assessment.
• Opportunity to correct problems or improve
  processes.
• More control over expenses.
• Opportunity to change your mind.

39
Create Your eMortgage Team

• As SPeRS recommends, your System Design Team
  should include
• Information technology
• Corporate security
• Product development
• Marketing
• Human Resources
• Compliance and
• Legal.
• If your eMortgage pilot project includes eNotes
  that you intend to sell or securitize on the
  secondary market, you may want to discuss your
  plans with your investors (e.g., Fannie Mae,
  Freddie Mac, etc.).
• Set up any necessary interfaces with MERS.
• You may need the expertise from representatives
  in your origination, warehouse lending,
  secondary, and document custodian departments or
  vendors.

40
Scope Out Your Pilot Project

• Determine what channel.
• Correspondent channel.
• More risk offset available.
• Less control over origination of eMortgages.
• Retail channel.
• More risk exposure.
• More control over origination of eMortgages.
• Determine what loan product and/or geographical
  area.
• Many counties do not accept electronic recording
  of security instruments.
• Determine which part of your mortgage process
  will be electronic.
• Pre-application and application.
• Disclosures.
• Origination.
• Recording.
• Servicing.
• Determine whether these loans will be kept in
  portfolio or sold/securitized.

41
Educate the Project Team

• ESIGN and UETA 101
• Consumer consent to electronic delivery of
  disclosures
• Transferable records requirements
• Privacy and data security requirements
• Electronic recording laws
• URPERA
• Californias Electronic Recording Delivery Act
  (AB 578)
• Status of electronic notarization
• MISMO standards
• SPeRS
• Fannie Mae and Freddie Mac eMortgage
  selling/servicing guidelines.

42
Do a Risk Assessment

• After determining your project scope, do a risk
  assessment of your proposal. Issues to ponder
• Can your company absorb or insure against
  potential risks?
• How will you handle legal and compliance
  requirements in the your eMortgages?
• Will your investors buy these eMortgages?
• Will your title insurers cover these eMortgags?
• What technology would you need to build or buy
  from your vendors?
• What processes will you need to change for
  eMortgages and how may process changes impact
  your loan production?

43
Evaluate Your Vendors

• If a vendor will be providing critical technology
  (e.g. eVaults) for your eMortgage pilot project,
  you should think about
• Vendors understanding of ESIGN and UETA
• Intellectual property issues (e.g., licensing
  issues) and
• Financial condition of your vendor.

44
Servicing and Record Retention Issues

• Servicing If your eMortgage project will
  include an eNote or eMortgage, you may want to
  consider issues that may arise when servicing the
  loan.
• State/county requirements that an original be
  returned to the jurisdiction or to the borrower.
• Foreclosure issues
• Record Retention
• Consumer retention
• Transferable record retention
• Retention under applicable law
• Retention for evidentiary purposes
• Review SPeRS guidance on record retention

45
Final Thoughts

• Have a clear understanding of your goals.
• Have a clear project plan and scope.
• Understand the risks that may come up during the
  project and determine how you will mitigate those
  risks.
• Educate your project team early in the process on
  ESIGN, UETA, URPERA and other applicable laws,
  SPeRS and MISMO standards, and investor
  requirements.
• Keep up-to-date on the changes in regulatory
  requirements and industry standards.

46
Questions?

• Margo Tank
• Buckley Kolar LLP
• mtank_at_buckleykolar.com
• Gerald J. Ferguson
• Baker Hostetler LLP
• gferguson_at_bakerlaw.com
• Grace Powers
• 1st Vice President, Senior Legal Counsel
• Countrywide Financial Corporation
• Grace_Powers_at_Countrywide.com