Contract Management
November 29, 2022

Are electronic signatures legal? eIDAS regulation 101

Jenny Hall

Everything you need to know about eIDAs, the EU regulations on electronic signature, and how to choose your e-signing provider for your business needs when it comes to contract management.

Electronic signatures are an integral part of the modern contracting process. Not only do they provide a new level of simplicity and speed, but they are in many ways more trustworthy. Nevertheless, there are still doubts out there on their legality and validity.

At the end of the day, a signature in any shape and form has one common purpose: prove that something was agreed upon, and who agreed on it. To gain trust in the signature, the question that needs to be answered is: How do we ensure that the right person signed and had the intention to sign?

What is the eIDAS regulation?

eIDAS is an EU regulation adopted in 2014. It stands for "Electronic Identification, Authentication and Trust Services" and the goal of the regulation is to achieve more efficient and secure electronic interactions in all EU countries. By means of that, eIDAS is your go-to reference for the validity of e-signatures.

What is an electronic signature?

According to eIDAS, an electronic signature is data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. An electronic signature can therefore be as simple as signing off an email. However, depending on the sensitivity of the document, you may want to further verify the signature.

To achieve a common standard and trust in electronic signatures, eIDAS defines three levels: simple, advanced, and qualified. For a broader introduction to what electronic signatures are and how they work, see What is an Electronic Signature?

The three levels of electronic signatures

Simple Electronic Signature (SES)

The simplest and most common form. Includes typed names, scanned signatures, and click-to-sign mechanisms. Suitable for low-risk agreements where identity verification is less critical.

Advanced Electronic Signature (AES)

Uniquely linked to the signatory, capable of identifying the signatory, created using data under the signatory's sole control, and linked to signed data in a way that detects any subsequent changes. Requires an identity verification step before signing.

Qualified Electronic Signature (QES)

The highest level. Equivalent to a handwritten signature in all EU member states. Created using a qualified electronic signature creation device and based on a qualified certificate. Required for certain regulated documents and high-risk agreements.

Practical tips when choosing an e-signing provider

When selecting an e-signature tool, consider: which signature level your agreement types require, how signing integrates with your contract management workflow, whether the provider holds relevant certifications, and what audit trail and evidence package the provider generates.

For organizations using a CLM platform, the most important question is how well the e-signature tool connects to it. Standalone signing creates manual steps and metadata gaps. See eSignature Integrations for Contract Lifecycle Management for a practical overview of how providers connect to lifecycle systems, and How eSignatures Fit Into Contract Lifecycle Management for guidance on embedding signing within a governed workflow.

Continue reading
contract_governance_what_control_in_clm_actually_means_precisely_contracts
Contract Governance
Contract Governance: What Control in CLM Actually Means

You may be wondering...

Are electronic signatures legally valid in the EU?
Yes. Under the eIDAS regulation, electronic signatures are legally valid throughout the EU. The regulation defines three levels — simple, advanced, and qualified — each with different technical requirements and legal weight. Choosing the right level depends on the agreement type and the risk profile of the parties.
What is the difference between simple, advanced, and qualified electronic signatures?
A simple electronic signature is any electronic indication of intent. An advanced electronic signature is uniquely linked to the signatory and detects subsequent document changes. A qualified electronic signature is the highest level, created using a qualified certificate — it carries the same legal effect as a handwritten signature across the EU.
Can electronic signatures be challenged in court?
Electronic signatures can be challenged, but a well-implemented advanced or qualified electronic signature creates a strong evidentiary record. The audit trail — identifying who signed, when, from what device, and using what authentication — makes a credible challenge difficult.
What is eIDAS and what does it regulate?
eIDAS (Electronic Identification, Authentication and Trust Services) is an EU regulation adopted in 2014. It establishes a legal framework for electronic signatures, seals, timestamps, and trust services across EU member states — ensuring a valid electronic signature from one EU country is recognised in all others.
Which type of electronic signature should organisations use for contracts?
For most commercial contracts, advanced electronic signatures provide sufficient legal weight and security. Qualified electronic signatures are required for specific high-stakes documents where regulations mandate this level of assurance. Simple electronic signatures are appropriate for low-risk, informal agreements.
If you have any further questions or just want to reach our team, click the button below.
Contact us
Contact us