Updated: Apr 24
When a face-to-face meeting is impossible, paperless signatures are a practical option for your business in Malaysia. They are fast, convenient and environmentally friendly.
However, you need to carefully consider the legal implications of using digital or electronic signatures over the traditional ‘wet-ink’ variety. While the terms ‘electronic’ and ‘digital’ are often used interchangeably to refer to paperless signatures, each one is a separate legal concept under Malaysian law.
An electronic signature is broadly defined under the Electronic Commerce Act 2006 (“ECA”) as “any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature”.
to fulfill the legal effect and enforceability of information contained in electronic messages (such as emails and SMS), and
the facilitate commercial transactions through electronic means
To be considered ‘reliable’, electronic signatures must also fulfill these ECA requirements:
the means of creating the electronic signature is linked to, and under the control of, that person only;
any alteration made to the electronic signature after signing is detectable; and
any alteration made to that document after signing is detectable.
There has not been much in the form of case law expanding on the practical meaning of each of the above ECA tests in the event of a dispute. Some grey areas surround these requirements as they have largely been untested in Malaysia Courts.
Digital signatures are considered a subset of electronic signatures in Malaysia and are governed by the Digital Signatures Act 1997 (“DSA“). A digital signature is defined by the DSA as “a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can accurately determine:
whether the transformation was created using the private key that corresponds to the signer’s public key; and
whether the message had been altered since the transformation was made.”
Currently, there are no foreign certification authorities recognised in Malaysia. Digital signatures can only be validated with one of the following certification authorities licensed by Malaysian Communications and Multimedia Commission (“MCMC”):
Post Digicert Sdn Bhd;
MSC Trustgate.com Sdn Bhd;
Telekom Applied Business Sdn Bhd; or
Rafcomm Technologies Sdn Bhd.
E-Signature vs Digital Signature
The 2 separate acts reflect the fact that ‘electronic signatures’ and ‘digital signatures’ are not exactly the same thing, even though many use the two terms interchangeably. Digital signatures embed a unique digital ‘fingerprint’ into documents and the signer is required to possess a certificate-based digital ID (a digital certificate) in order to link the signer and document. Digital signatures also offer tamper evidence and tend to be subject to stricter regulations in many countries around the world. In summary, digital signatures can be understood as a type of electronic signature that offers higher security and protection from fraud than other types of electronic signatures.
In summary, differences of E-signature and Digital Signature
Electronic Commerce Act 2006
Digital Signatures Act 1997
Certification authorities licensed by MCMC only
Documents are attached with email
Documents are uploaded to secured system withpassword protection
Need to proof the creation of e-signature is linked to, and under the control of that signer only.
A system that embed a unique digital ‘fingerprint’ into documents and the signer
Need to proof alteration made to the electronic signature and document after signing is detectable
No alteration is allowed for digital signature and document after signing.
Some transactions and documents are clearly and expressly exempted from the scope of the ECA and DSA. These are:
Power of Attorney documents;
Wills, codicils and trusts;
Negotiable instruments, bills of exchange, and promissory notes;
Any instrument dealing with properties under the Malaysian National Land Code; and
Statutory Declarations under the Statutory Declarations Act 1960.
iComSec Adopts Digital Signatures
iComSec had signed a collaborative agreement with MSC Trustgate.com Sdn Bhd to support the Digital Signature platform since 19 August 2020. We are proud to be the first professional firm in Malaysia that engaged a secure digital signature. Digital signature is an example of a technology that can aid a business' corporate secretarial operations. Using this technology, where the local legislation allows, removes the need for a face-to-face meeting to sign documents. This can make the corporate filings faster and bring efficiency to iComSec. This has enabled the use of digital signature across its internal processes, business associates and for our clients.
Documents such as board resolutions and minutes that have traditionally been printed out and signed manually can now be accepted digitally to ensure that businesses continue as normal even during lockdowns deriving from Covid-19 pandemic.