Electronic signature for banking: MIF II, DSP2, and KYC 2026 compliance

The banking sector is one of the most regulated in Europe regarding electronic signature and consumer protection. A bank, neo-bank or fintech wishing to digitalise its signature processes (account opening, mortgage credit, consumer credit, account agreement, SEPA mandate) must simultaneously comply with four regulatory frameworks:

• MIF II (Markets in Financial Instruments Directive II, applicable since 2018): requires the preservation of conversations prior to any financial instrument proposal and justification of advice given. The electronic signature of an investment contract must be traceable to these recordings.

• DSP2 (Payment Services Directive 2, transposed into French law in 2018): requires strong authentication (SCA — Strong Customer Authentication) for payment operations and account access. The AES and QES levels of eIDAS are compatible with SCA, SES is not.

• AML / KYC (anti-money laundering, Monetary and Financial Code art. L561-1 et seq.): requires verification of customer identity (face-to-face or equivalent), retention of documents for 5 years after the end of the relationship, and TRACFIN reporting in case of suspicion. Video identification has been explicitly authorised by the ACPR since 2017 and is compatible with AES signature.

• GDPR + banking secrecy: combination of the European regulation on personal data and French banking secrecy (Monetary Code art. L511-33). All processing must be documented, subcontractors governed by DPA, and financial data encrypted at rest and in transit.

This article details the eIDAS signature levels suitable for each banking use case, specific obligations for different products (account, credit, life insurance), and the procedure for integration into a customer journey compliant with supervisory requirements (ACPR for banking, AMF for financial instruments).

A particularly regulated sector

Banks and fintechs handle documents subject to the strictest traceability and identification requirements on the market: account opening, credit, SEPA mandate, various authorisations. Electronic signature has become a standard here, with specific KYC requirements.

Commonly signed documents

• Account opening (account agreement, terms and conditions)

• Credit offer (mortgage, consumer, professional)

• SEPA mandate (standing order)

• Savings contracts (savings accounts, PEL, CEL)

• Online operations (transfer, change of RIB, account closure)

• Banking proxies

• Professional agreements (lease, factoring)

Recommended level

• Account opening: AES minimum, often video KYC in addition

• Mortgage credit: AES mandatory, QES for certain notarial formalities

• SEPA mandate: SES may suffice, AES recommended

ACPR and AML/CFT compliance

Banks are subject to AML/CFT regulations (anti-money laundering) which impose enhanced KYC:

• identity document verification

• liveness test

• cross-checking with sanctions databases (PEP, EU, OFAC)

• retention of documents 10 years

Electronic signature must integrate with the KYC process without degrading customer experience.

Benefits

• 100% online account opening in 10 minutes

• Credit granted quickly: offer signed within 24 hours instead of 2 weeks

• Reduction in operational costs: no registered mail, no physical filing

• Audit compliance: complete traceable records exportable

Common mistakes

• Neglecting the liveness test in KYC

• Failing to archive identity documents in compliance with GDPR

• Using a platform outside the EU for sensitive data

• Losing traceability in case of change of service provider

Concrete case: neo-bank

A neo-bank opens 500 accounts per day. 100% digital journey:

• Entry of personal information

• Upload identity document + proof of residence

• Liveness test (dynamic selfie)

• Cross-checking with sanctions databases

• Signature of account agreement + SEPA mandate in AES

• Card sent within 48 hours

Average subscription time: 8 minutes. Abandonment rate: <15%.

How Certyneo helps you

Certyneo offers a solution for banks and fintechs: AES by default, complete video KYC integration (identity document OCR, liveness, sanctions), ACPR and AML/CFT compliance, 100% EU hosting without Cloud Act dependency, 10-year archival, webhooks for IT system integration.

Discover the Certyneo electronic signature solution

FAQ

Can a credit offer signature be in SES?

No, AES minimum. The Consumer Code requires strong identification.

Does the withdrawal period apply?

Yes, 14 days for consumer credit, 10 days for mortgage credit (from receipt of the offer).

Can minors open an account electronically?

With co-signature of the legal representative.

Retention period?

10 years for banking documents, 30 years for certain deeds.

Does signature protect against fraud?

It significantly reduces risks through strong authentication, without eliminating them. Vigilance against fraud (phishing, KYC deepfake) remains necessary.

Conclusion

Electronic signature is a pillar of digital banking: fast subscription, smooth KYC, native ACPR compliance. Banks that master it dominate customer acquisition.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.