Digital Identity & E-Signatures: Regulatory Frameworks & Issuances

In our prior discussion, we explored how Digital Identity Systems and Electronic Signatures are changing the way modern corporate governance operates in the Philippine context, with attendant benefits such as stronger authentication, reduced fraud risk, and optimized approvals and system integration.

Building on that foundation, we will now shift to the regulatory frameworks that make these innovative technologies binding and valid for business matters. Understanding these regulations is essential for businesses aiming to modernize while staying compliant.

Indeed, as the Philippines steps up towards digitalization, Digital Identity Systems and E-signatures are becoming fundamental to government processes, corporate compliance, and financial transactions. Ensuring that these innovative ways are adapted responsibly requires a solid regulatory backbone – and with that, we will break those down.

Republic Act No. 8792 (E-Commerce Act of 2000)

The E-commerce Act of 2000 remains the foundational law on electronic transactions. Notably, Section 8 of this law expressly grants electronic signatures to have the same legal effect and enforceability as traditional handwritten signatures, provided that the e-signature used meets the criteria defined to ensure security and integrity.

The law requires that e-signatures must:

Authenticate the Signer’s Identity – must be reliable and capable of being verified that such an e-signature was created by the person who is deemed to be. This can be done through a wide range of technologies, such as digital certificates issued by accredited authorities, biometric verification, or multi-factor authentication.
Indication of the Signer’s Intention – must clearly show the signer’s intention to sign the document or a transaction. This is crucial, as it indicates consent and agreement in the provided document.
Ensure the integrity of the document – must guarantee that the document has not been changed or tampered with after signing it.

Hence, this statutory provision led the way for nationwide adoption of digital identity and e-signature platforms, especially in regulated industries that require high-assurance authentication.

SEC Memorandum Circular No. 10, Series of 2020

The Securities and Exchange Commission also issued a landmark rule in 2020, during the pandemic, to modernize corporate compliance by authorizing the use of e-signatures for reports, notices, and document submissions. Additionally, Electronic Filing and Digital Authentication of Documents may also be done to the SEC.

The said issuance also formally recognized digital identity verification systems as valid means of authentication, reducing the need for manual signatures, additional paper documentation, and face-to-face interaction – which can be considered one of the pivoting shifts for corporations or businesses adapting to conduct remote or hybrid operations.

Further, by enabling secure digital signing workflows, the circular facilitates faster processing times and enhances data integrity and confidentiality. This contributes to improved corporate governance and regulatory compliance. It remains one of the most widely referenced frameworks for companies implementing secure digital signing workflows.

The Role of eSECURE ID in SEC Compliance

Along with the SEC’s authorization of e-signatures and electronic document filing, the demand for secure digital identity verification grew further, leading to the introduction of eSECURE ID, its official digital identity and authentication platform. This system ensures that all digital signatories are correctly verified and that electronically submitted corporate filings are secure, traceable, legally valid, and authenticated.

Following the SEC’s authorization of electronic signatures and electronic document submissions, the demand for secure digital identity verification grew rapidly among corporations. To operationalize the intent behind MC 10 s.2020, platforms like eSECURE ID emerged as practical tools for ensuring that digital signatories are properly authenticated.

As part of the SEC’s own digital infrastructure, eSECURE ID directly implements the standards outlined in MC 10 for electronic signing, which provides:

Verified Digital Identity – as MC 10 requires that electronic signatures must be attributable to a person, eSECURE ID provides Identity proofing, Account-specific digital credentials, and Authentication logs. This ensures every digital signature has a traceable, verifiable identity.
Tamper-Proof and Integrity-Protected Documents – eSECURE ID supports file integrity checks, hashing mechanisms, and audit trails. These are consistent with regulatory expectations for secure electronic submissions.

Digital Authentication Without Manual Signing – One of MC 10’s practical goals is to reduce reliance on physical signatures. eSECURE ID enables fully digital signing workflows, remote execution of documents, and paperless transactions, all aligned with the SEC’s modernization directives.

Corporate Governance and Compliance Alignment – Because corporate documents often require multi-party approval, eSECURE ID’s identity verification and multi-signer workflows support compliance for General Information Sheets, Financial statements, Notices, Certifications, Directors’ approvals, and other SEC-regulated filings

BSP Circular No. 1163, Series of 2022

The Bangko Sentral ng Pilipinas (BSP) has formally accepted the use of e-signatures for bank transactions, amending the Miscellaneous Rules on Deposits. With this, banks and other financial institutions are authorized to accept e-signatures, which aligns with the provisions of the E-commerce Act.

This circular reinforces three major principles:

E-signatures are legally binding in banking transactions – This assurance removes any ambiguity about their acceptance in financial dealings, thereby fostering greater confidence among banks and clients.

The use of Digital Authentication solutions – can also be used for KYC, onboarding, account updates, and client instructions, all of which are crucial to banking processes.

Security and Compliance Measures – For safeguard and integrity purposes, the technology must meet industry standards and BSP technical requirements.

For banks and other financial institutions, the issuance by the BSP provides regulatory clarity, enabling the complete digitization of processes previously restricted to paper-based signatures.

A.M. No. 24-10-14-SC: Rules on Electronic Notarization

In a modernizing shift, the Supreme Court promulgated the Rules on Electronic Notarization (E-Notarization) and the Guidelines on the Accreditation of Electronic Notarization Facility Providers. This reform addresses challenges in document notarization accessibility and the territorial limitations imposed by the previous 2004 Rules on Notarial Practice.

The key features of the New E-Notarization Framework are the following:

Two Kinds of Electronic Notarization:

- In-Person Electronic Notarization – In this method, the parties are physically present before the Electronic Notary Public (ENP), but the notarization is conducted electronically. This method is a combination of the traditional interaction with the empowerment of digital technology for efficiency and security.

- Remote Electronic Notarization – This innovative method allows principals and witnesses to appear remotely via secured video conference technology before an accredited ENP. This is beneficial for individuals who are geographically isolated or in underserved areas, as well as for Filipinos abroad.

Security Requirements – To ensure the authenticity, integrity, and non-repudiation of electronic notarizations, the system must incorporate advanced security measures, including: Multi-Factor Authentication (MFA), Facial recognition, Biometrics, One-time passwords (OTP), Secure Electronic Notarial Books, and Accredited Electronic Notarization Facilities (ENFs).

Document Format Requirements – the E-Notarization applies only to electronic documents in PDF/A format, a standardized format suitable for long-term preservation. Traditional paper documents and those with handwritten signatures continue to be governed by the 2004 Notarial Rules.

Thus, this reformed framework provides individuals nationwide, especially those in remote communities, with the opportunity to access notarial services without traveling in person.

Joint Administrative Order No. 24-03 (2024): IRR of the Internet Transactions Act (RA 11967)

The Joint Administrative Order No. 24-03, issued in 2024, serves as the Implementing Rules and Regulations (IRR) for the Internet Transactions Act (RA No. 11967), a reforming provision that strengthens the regulatory framework for digital transactions, consumer protection, and the operation of online platforms in the Philippines.

The key provisions and clarifications under the IRR include:

Electronic Signatures — It provides clear standards and guidelines for the use and acceptance of e-signatures in online transactions, ensuring their legal validity and enforceability to protect the parties involved.
Digital Identity Validation — It establishes requirements for digital identity verification processes to ensure parties are accurately identified. This includes procedures for identity proofing, authentication, and the use of digital identity providers.
Trust Services for Online Transactions — It governs trust services, such as certification authorities, timestamping, and electronic seals, that underscore the security and reliability of electronic documents and online transactions.
Authentication and Record-Keeping — It also mandates standards for the authentication of electronic transactions and the proper safekeeping of electronic records. This ensures that transaction data is securely stored, accessible for audits or dispute resolution, and remains aligned with the Data Privacy Act.

By integrating e-signatures and digital identity processes into the vast digital commerce, the IRR fosters secure, efficient, and legally compliant online transactions. It supports seamless interactions among consumers, sellers, and digital intermediaries, promoting confidence and growth towards modernization.

Why These Issuances Matter

Collectively, these regulatory frameworks form a uniform digital trust platform by ensuring that e-signatures have legal and enforceable weight, allowing banks, corporations, and other businesses to shift entirely towards digital workflows. Also, it modernizes notarial services for the general public, especially in remote and rural areas, and ultimately protects consumers and businesses when conducting online transactions by enabling secure digital authentication without the need for manual signatures.

The complementarity of these laws and issuances is building a national framework for digital identity, fostering secure onboarding, faster transactions, and greater accessibility across both the public and private sectors.

Strengthening Digital Trust Through Regulation

As the Philippines continues to digitalize major sectors such as finance, corporate compliance, legal services, and e-commerce, understanding these regulatory frameworks becomes essential. Indeed, compliance is not just a legal requirement but a strategic advantage for organizations investing in digital transformation.

If your business is transitioning to e-signatures, digital identity solutions, or remote operations, now is the perfect time to strengthen your frameworks. Babylon2k offers consultation services on digital identity solutions, e-signature compliance, and regulatory modernization. You may book a consultation or reach out to us at [email protected]. For quick inquiries, ask our BETH AI for support on accounting, tax, and business-related concerns.

Disclaimer: Information shared for educational purposes only.