10.10.1 IRS Electronic Signature (e-Signature) Program

Manual Transmittal

October 17, 2023

Purpose

(1) This transmits revised IRM 10.10.1, Identity Assurance, IRS Electronic Signature (e-Signature) Program.

Material Changes

(1) IRM 10.10.1.1, Program Scope and Objectives- Updated to accurately reflect Internal Management Document (IMD) administration: 10.10.1.1(1), Purpose- Updated to provide clarity for the reader. Added “Note” to clarify exclusions of this IRM; 10.10.1.1(2), Audience- Updated to clarify the intended audience; and 10.10.1.1(3), Policy Owner, 10.10.1.1.(4), Program Owner, 10.10.1.1(5), Primary Stakeholder, 10.10.1.1(6), Program Goals, 10.10.1.1(7), Contact Information- Added to accurately reflect IMD administration.

(2) IRM 10.10.1.1.1, Background- Removed reference to IRC 6061.

(3) IRM 10.10.1.1.2, Authority- Added reference to IRC 6061, updated for plain language and added e-Signature mailbox address.

(4) IRM 10.10.1.1.3, Roles and Responsibilities- Added to accurately reflect IMD administration.

(5) IRM 10.10.1.1.4, Program Management and Review- Added to accurately reflect IMD administration.

(6) IRM 10.10.1.1.5, Terms and Acronyms- Merged terms and acronyms into one table. Moved table to Exhibit 10.10.1-3, Glossary and Acronyms, because the table extends beyond one page.

(7) IRM 10.10.1.2, Introduction to IRS e-Signature Policy- Added “policy” to title, streamlined paragraphs to provide clarity for audience, removed paragraphs about risks and NIST to IRM subsection on oversight as the guidance does not align with the introduction of the e-Signature policy.

(8) IRM 10.10.1.3, Electronic Signatures- Streamlined paragraphs to differentiate between electronic signature externally and an IRS compliant signature. Added reference to new subsection which incorporates two interim guidance memos.

(9) IRM 10.10.1.3.1.1, Acceptable Forms of Electronic Signatures- Reordered to nest within IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures, Added language to indicate the forms of electronic signature are not technology specific. Added two additional forms of electronic signature methods to the list.

(10) IRM 10.10.1.3.1.2, Intent to Sign the Electronic Record- Reordered to nest within IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures.

(11) IRM 10.10.1.3.1.2.1, Confirming Intent to Sign the Electronic Record- Reordered based on changes in IRM 10.10.1.3.1.2, Intent to Sign the Electronic Record.

(12) IRM 10.10.1.3.1.3, Attachment or Association of the Electronic Signature with the Electronic Record- Reordered to nest within IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures. Removed reference to storing the electronic signing process” as it is better aligned with the subsection on storage.

(13) IRM 10.10.1.3.1.3.1, Embedding or Associating the Integrity of the Signature- Reordered based on changes in IRM 10.10.1.3.1.3, Attachment or Association of the Electronic Signature with the Electronic Record.

(14) IRM 10.10.1.3.1.4, Identifying and Authenticating the Signer- Reordered to nest within IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures. Removed language about multifactor authentication and ID proofing as it is outside the scope of this IRM. Added reference to IRM 10.10.1.7, Oversight Procedure, to expand on the risk assessment process.

(15) IRM 10.10.1.3.1.5, Preserving the Integrity of the Signed Electronic Record- Reordered based on changes in IRM 10.10.1.3.1.4, Identifying and Authenticating the Signer.

(16) IRM 10.10.1.4, Secure Storage- Updated information about storing the electronic signing process. This consolidates storage guidelines into one subsection for the audience. Updated references and citations.

(17) IRM 10.10.1.5, Complying with the e-Signature Policy Requirement- Updated title for clarity. IA is not responsible for implementation of e-Signature but provides the guidelines for business units to comply with the IRM.

(18) IRM 10.10.1.6, Deviating from the e-Signature Policy Requirement- Added subsection to acknowledge and clarify existing e-Signature deviations.

(19) IRM 10.10.1.6.1, Accepting Images of Signatures and Digital Signatures in Certain Taxpayer Interactions- Added to partially incorporate interim guidance memorandum, NHQ-01-1121-0004, Approval to Accept Images of Signatures and Digital Signatures, Approval to Receive Documents and Transmit Encrypted Documents by Email, dated 11/18/2021.

(20) IRM 10.10.1.6.2, Accepting Electronic or Digital Signatures in lieu of Handwritten Signatures for Limited List of Tax Forms- Added to fully incorporate interim guidance memorandum, NHQ-10-1121-0005,Temporary Deviation from Handwritten Signature Requirement for Limited List of Tax Forms, dated 11/18/2021.

(21) IRM 10.10.1.6.3, Accepting Provisional Signatures on Other Forms- Added to provide a process for form owners to request temporary deviations from the signature requirements listed in this IRM.

(22) IRM 10.10.1.7, Oversight Procedure- Clarified the role of DIRA. Added references to NIST.

(23) Exhibit 10.10.1-2, Deviation from Handwritten Signature requirement for Limited List of Tax Forms Memorandum - Added exhibit to list forms from interim guidance memorandum NHQ-10-1121-0005, Temporary Deviation from Handwritten Signature Requirement for Limited List of Tax Forms, dated 11/18/2021.

(24) Exhibit 10.10.1-3, Glossary and Acronyms- Added to list terms, acronyms and definitions used in this IRM.

Effect on Other Documents

During the 2020 COVID-19 Pandemic, the IRS offered some digital flexibilities to allow taxpayers the ability to electronically sign and submit certain documents. This allows the IRS to execute on critical duties until solutions that facilitate a compliant e-Signature are available. The following interim guidance memorandums are incorporated into this IRM:

Interim guidance memorandum NHQ-01-1121-0004, Approval to Accept Images of Signatures and Digital Signatures, Approval to Receive Documents and Transmit Encrypted Documents by Email is partially incorporated into this IRM.


Interim guidance memorandum NHQ-10-1121-0005, Temporary Deviation from Handwritten Signature Requirement for Limited List of Tax Forms is fully incorporated into this IRM.

Audience

The intended audience are IRS employees responsible for determining policy, related to the receipt of electronic documents or digital transactions with e-Signatures.

Effective Date

(10-17-2023)



Angela R. Gartland
Director, Identity Assurance Office

Program Scope and Objectives

  1. Purpose: This IRM covers Servicewide e-Signature policies and procedures, defines e-Signature terms and IRS e-Signature principles. Additional provisions in this IRM include:

    • Establishing minimum baseline requirements for all taxpayer-related forms, documents and web applications requiring taxpayer signatures.

    • Adopting an e-Signature signing process.

    • Ensuring all e-Signatures have the appropriate risk and authentication requirements in place to ensure compliance with relevant federal government policies.

    • Complying with the e-Signature policy, to provide business and form owners a resource for information regarding e-Signature solutions.

    • Assigning roles and responsibilities for all key stakeholders to implement e-Signature solutions, identify and mitigate risks, and ensure compliance with e-Signature requirements.

    • Performing oversight functions and compliance functions within the e-Signature program.

      Note:

      This IRM does not address the following:
      Electronic signature requirements for internal use IRS documents.
      Taxpayer signatures received through Enterprise Electronic Fax (EEFax).

  2. Audience: The intended audience is IRS employees responsible for determining policy, related to the receipt of electronic documents or digital transactions with e-Signatures.

  3. Policy Owner: The director of Identity Assurance (IA), under Privacy, Governmental Liaison and Disclosure (PGLD).

  4. Program Owner: IA within PGLD is the program office responsible for providing e-Signature guidance and support. Each business unit is responsible for applying the guidelines in this IRM.

  5. Primary Stakeholder: All organizations and business units who receive taxpayer documentation electronically that include e-Signatures.

  6. Program Goals: The goal of this IRM is to define uniform standards for the acceptance of taxpayer signatures appearing in electronic form and ensure compliance with federal requirements and policies.

  7. Contact Information: To recommend changes or make any other suggestions to this IRM section, email the IA office at *PGLD IA eSignature.

Background

  1. Electronic signatures are governed by laws and guidance specified in IRM 10.10.1.1.2, Authority.

Authority

  1. Section 2003(a) of the Internal Revenue Service Restructuring and Reform Act of 1998 (RRA 98) amended IRC 6061 , to direct the Secretary of the Treasury to “develop procedures for acceptance of signatures in electronic form.” It further states that in the interim, “the Secretary may waive the requirement of a signature on an electronically filed tax return or provide for alternative methods of signing.”

  2. The IRS’s e-Signature policy implements relevant authentication laws, mandates, and compliance policies.

  3. Relevant Federal Government guidelines include:

    1. Government Paperwork Elimination Act (GPEA) - a federal law enacted in 1998 that is applicable to governmental transactions and other transactions involving certain federal organizations.

    2. Electronic Signatures in Global and National Commerce Act (E-SIGN) - a federal law enacted in 2000 that largely preempts inconsistent state law (although in certain cases state law may still control) and that is applicable to commercial, consumer, or business transactions involving federal organizations.

    3. Uniform Electronic Transactions Act (UETA) - a uniform state law that was finalized by the National Conference of Commissioners on Uniform State Laws (NCCUSL) in 1999 and subsequently adopted by 47 states, and which may be applicable to commercial, consumer, or governmental affairs transactions involving federal organizations in certain cases.

      Note:

      The goal of these e-signature laws is to specify criteria which, once met by an electronic signature, enable such electronic signature to enjoy the same level of legal recognition as a corresponding handwritten signature. IRC 6061, specifically addresses the signing of returns and other documents required under internal revenue tax laws and regulations.

    4. NIST Special Publication (SP) 800-53 (Rev. 5), Appendix C - outlines security and privacy controls designed within an effective risk management framework, to implement fundamental safeguards and countermeasures necessary to protect information during processing, while in storage, and during transmission.

    5. NIST Digital Identity Guidelines (SP 800-63-3) - applies to all federal agencies implementing digital identity services. NIST SP 800-63-3 guidance outlines technical ID Proofing and authentication requirements. The separation into categories provides agencies flexibility in choosing identity solutions and increases the ability to include privacy-enhancing techniques as fundamental elements of identity systems at any assurance level.

    6. Office of Management and Budget (OMB) Memorandum (M) 19-17,, Enabling Mission Delivery through Improved Identity, Credential and Access Management or successor documents.

    7. Use of Electronic Signatures in Federal Organizations Transactions, Version 1.0 issued January 25, 2013.

    8. Public Law No: 115-336,21st Century Integrated Digital Experience Act, enacted on December 20, 2018, that requires executive agencies to submit a “plan to accelerate the use of electronic signature standards established under the Electronic Signatures in Global and National Commerce Act (15 U.S.C. 7001 et seq).”

Roles and Responsibilities

  1. IA's role is to strengthen the IRS authentication posture by enhancing visibility and coordination for:

    • Identity proofing

    • Authentication

    • Authorization

    • Access strategies, processes controls and capabilities

  2. IA assists in ensuring that an electronic signature complies with federal laws and regulations.

  3. The director of IA is responsible for the e-Signature policy guidance.

  4. Organization executives and management officials who lead programs described in this policy are responsible for these guidelines, specifically to ensure that electronic signatures conform to the policy in this IRM.

  5. Each IRS organization is responsible for establishing internal processes for implementing e-Signature solutions based upon this guidance.

  6. IA provides e-Signature policy guidance and subject matter expertise on both procedural issues and complex legal issues. Before seeking our assistance, you as the form or transaction owner needs to consult with Counsel to determine if an electronic signature can be used on your form.

  7. IA is responsible for the e-Signature policy. To meet this responsibility, IA personnel must be kept informed of the problems and questions that the IRS functions encounter regarding e-Signature.

Program Management and Review

  1. IA works closely with business units to ensure that the requirements of this IRM are reflected in e-Signature technical planning, capability development, and implementations. Additional control information can be found in the business unit IRM where the program/procedure resides.

Terms and Acronyms

  1. Exhibit 10.10.1-3, Glossary and Acronyms contains a table of terms, acronyms, and definitions.

Related Resources

  1. IRC 6061 (b)

  2. 26 CFR 301.6061-1

  3. IRM 10.5.1, Privacy Policy

Introduction to IRS e-Signature Policy

  1. IRS modernization efforts to enable digital transactions includes expanding e-Signature capabilities. Increasing digitalization will streamline processes, improve access to digital data and lessen the IRS’s environmental impact. A form or transaction needs to be digitized before the IRS can collect an e-Signature.

  2. The IRS e-Signature principles and federally mandated authentication controls describe how the IRS protects an individual’s identity and assures that only authorized signers are completing the transaction.

  3. Adherence to IRS e-Signature principles and requirements is mandatory to preserve the integrity of the signed IRS record.

  4. IRS e-Signature requirements form the basis for implementing technology and security controls.

  5. This IRM provides a framework for applying e-Signature consistently across the IRS. It will guide how the IRS executes electronic transactions and will be an essential component of an IRS online authorization capability.

Electronic Signatures

  1. “Electronic signature” is the term used in all E-transaction laws for the electronic equivalent of a handwritten signature. It is a generic, technology neutral term that refers to the universe of all the various methods by which one can “sign” an electronic record.

  2. A compliant IRS electronic signature is one which meets the core requirements outlined in IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures.

  3. See IRM 10.10.1.6, Deviating from the e-Signature Policy Requirement for alternative methods to sign an IRS document electronically.

Requirements for Legally Binding Electronic Signatures

  1. Each permitted electronic signing process must satisfy each of the following five requirements:

    1. The signer(s) must use an acceptable form of electronic signature(s) described in IRM 10.10.1.3.1.1, Acceptable Forms of Electronic Signatures.

    2. The electronic signature(s) must be executed or adopted by a person(s) in a manner that meets IRM 10.10.1.3.1.2, Intent to Sign the Electronic Record, that demonstrates the intent of the person(s) to sign the electronic record.

    3. The electronic signature(s) must be attached to or associated with the electronic record being signed in accordance with IRM 10.10.1.3.1.3, Attachment or Association of the Electronic Signature with the Electronic Record.

    4. There is a means to identify and authenticate a person(s) as the signer(s) in accordance with IRM 10.10.1.3.1.4, Identifying and Authenticating the Signer, and the signer must be authorized to execute the document.

    5. There is a means to preserve the integrity of the signed electronic record in accordance with IRM 10.10.1.3.1.5, Preserving the Integrity of the Signed Electronic Record.

Acceptable Forms of Electronic Signatures
  1. Electronic signatures can take many forms and can be created by many different technologies. No specific technology or form of signature is required.

  2. Any electronic sound, symbol, or process can be used as the form of electronic signature provided the form of electronic signature is permitted for use on the specific IRS document by IRS guidance.

  3. If permitted by IRS guidance on the specific IRS document, the following forms of electronic signature are currently permissible for use:

    1. A typed name that is typed within or at the end of an electronic record, such as typed into a signature block.

    2. A scanned or digitized image of a handwritten signature that is attached to an electronic record.

    3. A shared secret, such as a code, password, or PIN.

    4. A unique biometric-based identifier, such as a fingerprint, voice print, or a retinal scan.

    5. A handwritten signature input onto an electronic signature pad.

    6. A handwritten signature, mark, or command input on a display screen by means of a stylus device.

    7. A selected checkbox on an electronic device such as a computer or tablet.

    8. A signature created by a third party software.

      Note:

      See Exhibit 10.10.1-1, Current Approved Methods, for a complete listing of approved signature methods and their related forms.

Intent to Sign the Electronic Record
  1. An electronic signature must be executed or adopted by the signer with the intent to sign the electronic record.

  2. Intent to sign can be inferred from a signer’s approval of the reason for signing the electronic record as stated in the text of the record being signed or elsewhere in the signing process.

Confirming Intent to Sign the Electronic Record
  1. Each permitted electronic signing process will require that the context in which an electronic signature is applied or the process by which a person applies an electronic signature to the record includes a step where the signer confirms intent to sign the record.

  2. The signer must establish the intent to sign through a clear and conspicuous notice that a document is being signed with an electronic signature. The notice must include:

    • A description of the signing process.

    • A clear statement of the purpose for the electronic signature.

    • A statement that the completed signing process will constitute the signer’s legally binding signature.

  3. The purpose for signing with an electronic signature must be described in the text of the document being signed. Examples are:

    1. Requesting confirmation of the signer’s electronic signature whereby the signer must acknowledge the signer’s electronic signature and then providing the option to cancel.

    2. Continuing, or adding a submission step following the signature step whereby the signed records are not effective until submitted.

  4. Each permitted electronic signing process must include requirements that minimize the risk that signers could:

    • Disavow their electronic signature.

    • Claim they did not understand the legal significance of the electronic signature.

    • Claim they did not understand the reason for signing.

    • Claim they did not intend to sign.

Attachment or Association of the Electronic Signature with the Electronic Record
  1. The electronic signature must be attached to or associated with the electronic record in a manner that establishes that an electronic signature was applied to a specific electronic record. The signing process must:

    1. Apply the electronic signature to a document that the signer can perceive and review in a manner that makes clear to the signer exactly what is being signed.

    2. Attach or associate the electronic signature to the electronic record by linking the electronic signature and making it a part of the electronic record being signed.

  2. The permitted electronic signing process must be clear so that the signer knows exactly what IRS document is being signed.

Embedding or Associating the Integrity of the Signature
  1. Each permitted electronic signing process will require that the electronic signature be associated with the electronic record being signed. After the electronic record has been signed, the electronic record must be tamper-proof to ensure that the signature(s) applied to or associated with one record is not applied to or associated with another record and to prevent the contents of the record to which the signature(s) applied from being altered.

  2. Alternatively, the permitted electronic signing process will require the data representing the electronic signature to be stored separately from the electronic record being signed, provided a demonstrably reliable and provable process is in place which will include a relational database or a digital signature algorithm to associate the electronic signature with the electronic record.

Identifying and Authenticating the Signer
  1. The electronic signing process must identify and authenticate a person as the signer and source of the electronic document or message.

  2. The electronic signing process must be able to generate evidence of the person to whom the electronic signature belongs and generate evidence that the identified person is associated with the electronic record.

  3. The level at which to identify the signer should be based on a risk assessment of the digital transaction or form. See IRM 10.10.1.7, Oversight Procedure.

  4. If there is more than one signer required for the electronic record, the electronic signing process must be designed to separately identify and authenticate each signer.

Preserving the Integrity of the Signed Electronic Record
  1. Electronic signatures must be linked to their respective electronic records to ensure that the signatures cannot be excised, copied, or otherwise transferred to falsify an electronic record.

  2. After the electronic record has been signed, the electronic record must be tamper-proof to ensure that the signature(s) applied to or associated with one document is not applied to or associated with another document and to prevent the contents of the document to which the signature(s) applied from being altered.

Secure Storage

  1. Each electronic signing process permitted for use on a specific IRS document by IRS guidance will require that the data constituting the electronic signature be stored in a manner that permanently attaches or associates the electronic signature with the electronic record that was signed.

  2. An electronic signature created using a set of actions, steps, and elements, requires the generation of a specific data element that indicates completion of the electronic signing process. The data element or procedure must be permanently attached to or associated with the electronic record that was signed.

  3. Each permitted electronic signing process requires techniques to lock the electronic record and prevent it from being modified.

  4. Storage systems require secure access control to ensure that the electronic records cannot be modified.

    Note:

    See IRM 1.15.6.5, Creation, Use, and Maintenance of Structured Electronic Data, for guidance on ensuring electronic information systems that produce, use, or store data have disposition instructions incorporated into the system design. The National Archives and Records Administration (NARA) is responsible for issuing standards for management of federal records created or received on electronic systems.

  5. Storage systems require an indexed retrieval system and the ability to reproduce legible and readable hard copies of electronic records, including for inspection by an authorized IRS employee.

  6. All IRS employees and contractors are responsible for ensuring IRS records (hard copy and electronic) are appropriately managed, retained, and archived in accordance with IRM 1.15, Records and Information Management, on records retention and disposition requirements before documents can be destroyed. The electronic records retention period includes the period by which the record may be material for tax administration purposes. Refer to Document 12990, IRS Records Control Schedules (RCS), for the NARA-approved IRS records disposition to prevent unauthorized/unlawful destruction of records. Refer to Document 12829, General Records Schedules (GRS), for the NARA-issued disposal authorizations for temporary administrative records common to all Federal agencies. The IRS has issued guidance to taxpayers that maintain books and records using an electronic storage system, including guidance on when these records will constitute records within the meaning of IRC 6001. See Rev. Proc. 97-22 , 1997-1 C. B. 652 (Guidelines for Electronic Storage of Documents by Taxpayers).

    Note:

    On January 10, 2023, Rev. Proc. 97-22 was posted in the Federal Register for comment and eventual update. No changes are made to the Revenue Procedure at this time.

Complying with the e-Signature Policy Requirements

  1. IA provides consultation, best practices and subject matter expertise. Business operating division and functional operating division (BOD/FOD) owners and form owners are responsible for implementing an e-Signature.

  2. IA facilitates conversations between parties, (e.g., BOD/FOD owners and IT) providing Authentication, Authorization, and Access (A3) compliance knowledge and ensuring all appropriate stakeholders participate to identify and implement the e-Signature policy based on the form owners requirements.

  3. BOD/FOD owners/form owners who require subject matter expertise on the e-Signature process should contact IA through the e-Signature mailbox, *PGLD IA eSignature, to request assistance.

  4. If the BOD/FOD owner is unable to meet the requirements stated in IRM 10.10.1, Identity Assurance, IRS Electronic Signature (e-Signature) Program, to comply with the e-Signature policy, they may explore a deviation from the e-Signature requirements. A request must be sent to the e-Signature mailbox *PGLD IA eSignature. Once supported or approved, the deviation will remain in place until the forms meet the requirements stated in IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures.

Deviating from the e-Signature Policy Requirements

  1. IRC 6061(b), provides that until procedures are in place for the acceptance of signatures in digital or other electronic form, the Secretary may develop procedures for alternative methods of signing returns, declarations, statements, or other documents. It also states that, any IRS document signed under an approved alternative method will be treated for all purposes as an original signature.

  2. Until the procedures for implementing the signature policies described in this IRM are in place for the scenarios described in IRM 10.10.1.6.1, Accepting Images of Signatures and Digital Signatures in Certain Taxpayer Interactions and IRM 10.10.1.6.2, Accepting Electronic or Digital Signatures in lieu of Handwritten Signatures for Limited List of Tax Forms, the IRS will accept certain alternative electronic signature methods in those scenarios.

    Caution:

    The signature deviations permitted in this subsection do not establish a precedent for acceptable use of alternative signatures in other circumstances.

Accepting Images of Signatures and Digital Signatures in Certain Taxpayer Interactions

  1. Applicable taxpayer interactions are authenticated, recurring interactions of IRS personnel working person-to-person with taxpayers to address or resolve issues (specifically field compliance, Appeals, Counsel, and Taxpayer Advocate Service personnel).

  2. Employees may accept images of signatures and digital signatures on documents related to the determination or collection of a tax liability or to the settlement of tax controversies.

  3. This applies to any statement or form traditionally exchanged between IRS personnel and taxpayers during these taxpayer interactions outside of standard filing procedures.

    Caution:

    Returns which are not yet due to be filed (i.e., not delinquent), including extensions, must be filed in accordance with the instructions for the respective form.

  4. Before accepting a document with an electronic signature from a taxpayer, employees must authenticate the taxpayer or representative by phone or in-person to ensure they are authorized to sign the document in question. See IRM 11.3.2.3.2, Requirements for Verbal or Electronic Requests.

  5. The following are acceptable signatures:

    1. Images of documents with original signatures (scanned or photographed) in any common file type such as JPEG, TIFF, PDF, etc.

    2. Digital signatures that use encryption techniques that provide proof of original and unmodified documentation when transmitted by an approved secure messaging or file transfer system.

     

    Note:

    Transmission and receipt of these forms are subject to IRS procedures Refer to IRM 10.5.1.6.8, Email and IRM 10.5.1.6.9, Other Forms of Transmission.

Accepting Electronic or Digital Signatures in lieu of Handwritten Signatures for Limited List of Tax Forms

  1. Taxpayers and representatives may use electronic or digital signatures when signing certain forms that currently require a handwritten signature and that cannot be filed using IRS e-file.

  2. See Exhibit 10.10.1-2, for a list of forms where such electronic or digital signatures are permitted.

Accepting Provisional Signatures on Other Forms

  1. Form or transaction owners may request temporary deviations from the signature requirements described in IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures.

  2. IA together with the form or transaction owner, may conduct a risk assessment to determine if a 'non-compliant' electronic signature is possible. The identified risks, mitigations and decisions must be documented in a Form 14675, Decision Making Framework Risk Acceptance Form and Tool (RAFT).

  3. Form or transaction owners will be responsible for completing e-Signature risk assessments.

  4. Any IRS document that is signed using the permitted electronic signing process will be treated for all purposes (both civil and criminal, including penalties for perjury) in the same manner as though signed with a handwritten signature. See IRM 10.10.1.7, Oversight Procedure.

    Note:

    The deviations above will no longer be acceptable once e-Signatures that comply with IRM 10.10.1, Identity Assurance, IRS Electronic Signature (e-Signature) Program can be received.

Oversight Procedure

  1. The IRS requires all electronic customer facing applications that require authentication to complete a risk assessment process.

  2. e-Signatures are electronic transactions by definition and require a risk assessment.

  3. The IRS uses the Digital Identity Risk Assessment (DIRA) framework to assess risks associated with electronic transactions.

  4. IA together with the business owner will use the DIRA to determine the appropriate identity proofing and authentication protocol in addition to completing an e-Signature risk assessment to determine the appropriate signing process. See IRM 10.10.1.3.1.4, Identifying and Authenticating the Signer.

  5. The e-Signature risk assessment process is used to assess risks associated with the likelihood of a successful challenge to the validity of an electronic signature.

  6. Per the Use of Electronic Signatures in Federal Organization Transactions (UESFOT), the risks related to enforceability of an electronic signature analysis must include:

    1. The likelihood of a successful challenge to the validity of the electronic signature.

    2. The monetary loss, or other adverse impact, that will result from such a successful challenge to the enforceability of the electronic signature.

  7. The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 (Rev. 5), Appendix C, outlines security and privacy controls designed, within an effective risk management framework, to implement fundamental safeguards and countermeasures necessary to protect information during processing, while in storage, and during transmission.

Current Approved Methods

The following signature methods have been approved in earlier IRS regulations, publications, or other documents and continue to be accepted by the IRS under current IRS guidance:

Signature Method Applicable IRS Form
Selecting a checkbox on an electronic device such as a computer or tablet
  • Form 8655, Reporting Agent Authorization

Inputting a Personal Identification Number
  • Form 720, Quarterly Federal Excise Tax Return

  • Form 940, Employer's Annual Federal Unemployment (FUTA) Tax Return

  • Form 941, Employer's Quarterly Federal Tax Return

  • Form 990, Return of Organization Exempt From Income Tax

  • Form 1040, U.S. Individual Income Tax Return

  • Form 1065, U.S. Return of Partnership Income

  • Form 1120, U.S. Corporation Income Tax Return

  • Form 2290, Heavy Highway Vehicle Use Tax Return

  • Form 4506-T, Request for Transcript of Tax Return

  • Form 8849, Claim for Refund of Excise Taxes

  • Form 8878, IRS e-file Signature Authorization for Form 4868 or Form 2350; and those forms in the Form 8878 family

  • Form 8879, IRS e-file Signature Authorization; and those forms in the Form 8879 family

Inputting a Security Code and an Authorization Code
  • Form 720-CS, Carrier Summary Report

  • Form 720-TO, Terminal Operator Report

Using an electronic signature pad
  • Form 8878, IRS e-file Signature Authorization for Form 4868 or Form 2350, and those forms in the Form 8878 family

  • Form 8879, IRS e-file Signature Authorization; and those forms in the Form 8879 family.

Using a stylus device
  • Form 4506-T, Request for Transcript of Tax Return

  • Form 8655, Reporting Agent Authorization

  • ACH Direct Pay

Using voice signature technologies
  • Form 8850, Pre-Screening Notice and Certification Request for the Work Opportunity Credit

Using a scanned or digitized image of a handwritten signature
  • Form 8879-F, IRS e-file Signature Authorization for Form 1041

Deviation from Handwritten Signature Requirement for Limited List of Tax Forms Memorandum

The forms to which this flexibility applies are listed below. These forms must be signed and postmarked on August 28, 2020, or later. Electronic and digital signatures appear in many forms when printed and may be created by many different technologies. No specific technology is required for these forms.

  • Form 11-C, Occupational Tax and Registration Return for Wagering.

  • Form 637, Application for Registration (For Certain Excise Tax Activities).

  • Form 706, U.S. Estate Tax Return.

  • Form 706-A, United States Additional Estate Tax Return.

  • Form 706-GS (D), Generation-Skipping Transfer Tax Return for Distributions.

  • Form 706-GS (D-1), Notification of Distribution from a Generation-Skipping Trust.

  • Form 706-GS (T), Generation-Skipping Transfer Tax Return for Terminations.

  • Form 706-QDT, U.S. Estate Tax Return for Qualified Domestic Trusts.

  • Form 706 SCHEDULE R-1, Generation-Skipping Transfer Tax.

  • Form 706-NA, U.S. Estate (and Generation-Skipping Transfer) Tax Return.

  • Form 709, United States Gift (and Generation-Skipping Transfer) Tax Return.

  • Form 730, Monthly Tax Return for Wagers.

  • Form 1042, Annual Withholding Tax Return for U.S. Source Income of Foreign Persons.

  • Form 1066, U.S. Real Estate Mortgage Investment Conduit (REMIC) Income Tax Return.

  • Form 1120-C, U.S. Income Tax Return for Cooperative Associations.

  • Form 1120-FSC, U.S. Income Tax Return of a Foreign Sales Corporation.

  • Form 1120-H, U.S. Income Tax Return for Homeowners Associations.

  • Form 1120-IC DISC, Interest Charge Domestic International Sales – Corporation Return.

  • Form 1120-L, U.S. Life Insurance Company Income Tax Return.

  • Form 1120-ND, Return for Nuclear Decommissioning Funds and Certain Related Persons.

  • Form 1120-PC, U.S. Property and Casualty Insurance Company Income Tax Return.

  • Form 1120-REIT, U.S. Income Tax Return for Real Estate Investment Trusts.

  • Form 1120-RIC, U.S. Income Tax Return for Regulated Investment Companies.

  • Form 1120-SF, U.S. Income Tax Return for Settlement Funds (Under Section 468B).

  • Form 1127, Application for Extension of Time for Payment of Tax Due to Undue Hardship.

  • Form 1128, Application to Adopt, Change or Retain a Tax Year.

  • Form 2678, Employer/Payer Appointment of Agent.

  • Form 3115, Application for Change in Accounting Method.

  • Form 3520, Annual Return to Report Transactions with Foreign Trusts and Receipt of Certain Foreign Gifts.

  • Form 3520-A, Annual Return of Foreign Trust with a U.S. Owner.

  • Form 4421, Declaration – Executor’s Commissions and Attorney’s Fees.

  • Form 4768, Application for Extension of Time to File a Return and/or Pay U.S. Estate (and Generation-Skipping Transfer) Taxes.

  • Form 8038, Information Return for Tax-Exempt Private Activity Bond Issues.

  • Form 8038-G, Information Return for Government Purpose Tax-Exempt Bond Issues.

  • Form 8038-GC; Information Return for Small Tax-Exempt Governmental Bond Issues, Leases, and Installment Sales.

  • Form 8283, Noncash Charitable Contributions.

  • Form 8453 series, Form 8878 series, and Form 8879 series regarding IRS e-file Signature Authorization Forms.

  • Form 8802, Application for United States Residency Certification.

  • Form 8832, Entity Classification Election.

  • Form 8971, Information Regarding Beneficiaries Acquiring Property from a Decedent.

  • Form 8973, Certified Professional Employer Organization/Customer Reporting Agreement.

  • Elections made pursuant to Internal Revenue Code Section 83(b).

Glossary and Acronyms

The following table contains key terms, acronyms and definitions used in this IRM.

Term Definition
Alternative Signature A signature other than original, handwritten signature affixed on the relevant document, including:
  • Electronic signatures

  • Personal Identification Numbers

  • Passwords

  • Signature stamps

  • Faxed copies of signatures

  • Photocopies of signatures

  • Signature documents such as Form 8879, IRS e-Signature Authorization

Authentication The process of establishing or confirming that someone is the previously identified person they claim to be.
BOD Business Operating Division
Compliant e-Signature An electronic signature which meets the five core requirements outlined in IRM 10.10.1.3.1, Requirements for Legally Binding Electronic Signatures:
  • Acceptable forms of electronic signature

  • Intent to sign the electronic record

  • Attachment or association of the electronic signature with the electronic record

  • Identifying and authenticating the signer

  • Preserving the integrity of the signed electronic record

Digital Signature A type of electronic signature that uses advanced features and encryption to validate the authenticity and validity of an electronic record.
Digitalization The process of converting (i.e., scanning) original source materials in analog, or physical format (e.g., paper) to an electronic or digital format of the record. The digitalization process includes planning, assessing, preparing, digitizing, documenting metadata, running quality control checks, validating, storing and managing the digitized records.
Digitized Signature A digitized image of a handwritten signature.
DIRA Digital Identity Risk Assessment
EEFax Enterprise Electronic Fax
Electronic Record A record created, generated, sent, communicated, or stored by electronic means.
Electronic Signature Pad An electronic device with a touch sensitive screen that allows users to acquire and register a signature, or any other physical signature capture device that captures and converts a signature into an electronic format.
Electronic Signing Process The overall set of actions, steps, and elements used to create a valid and enforceable electronic signature. It includes:
  • The application to an electronic record of a form of signature (i.e., the sound, symbol, or process) to be used as the electronic signature.

  • One or more processes or security procedures to address the other signature requirements identified in IRM 10.10.1.3.1.4, Identifying and Authenticating the Signer.

Electronic Transaction The transfer of one or several documents between an external customer and the IRS using computer- mediated networks.
E-SIGN Electronic Signatures in Global and National Commerce Act
FOD Functional Operating Division
GPEA Government Paperwork Elimination Act
IA Identity Assurance
Identity Proofing The process of providing sufficient information (e.g., identity history, credentials, documents) to establish an identity.
IRC Internal Revenue Code
IRS Document Any return, statement, or other document made under any provision of the Internal Revenue Code, published guidance, publications, forms, instructions, online applications, or on the IRS website.
NCCUSL National Conference of Commissioners on Uniform State Laws
NIST National Institute of Standards and Technology
OMB Office of Management and Budget
Password A secret word or string of characters that is used for authentication, to prove identity, or gain access to a resource.
PGLD Privacy, Governmental Liaison and Disclosure
Stylus Device A device used on a display screen to input commands or handwritten text.
UESFOT Use of Electronic Signatures in Federal Organization Transactions
UETA Uniform Electronic Transactions Act