Electronic signature for banking: MIF II, DSP2, and KYC 2026 compliance

The banking sector is one of Europe's most regulated when it comes to electronic signatures and consumer protection. A bank, neobank or fintech wishing to digitise its signature workflows (account opening, mortgage credit, consumer credit, account agreement, SEPA mandate) must simultaneously comply with four regulatory frameworks:

• MIF II (Markets in Financial Instruments Directive II, applicable since 2018): requires preservation of conversations prior to any financial instrument proposal and justification of advice given. The electronic signature of an investment contract must be traceable to these recordings.

• DSP2 (Directive on Payment Services 2, transposed into French law in 2018): requires strong authentication (SCA — Strong Customer Authentication) for payment operations and account access. The AES and QES levels of eIDAS are SCA-compatible; SES is not.

• AML / KYC (anti-money laundering, Monetary and Financial Code art. L561-1 et seq.): requires customer identity verification (face-to-face or equivalent), preservation of supporting documents for 5 years after the end of the relationship, and TRACFIN declaration in case of suspicion. Video identification has been explicitly authorised by the ACPR since 2017 and is compatible with AES signature.

• GDPR + banking secrecy: combination of the European personal data regulation and French banking secrecy (Monetary Code art. L511-33). All processing must be documented, sub-processors governed by DPA, and financial data encrypted at rest and in transit.

This article details the eIDAS signature levels suited to each banking use case, the specific obligations for different products (account, credit, life insurance), and the integration procedure in a customer journey compliant with supervisory requirements (ACPR for banking, AMF for financial instruments).

A particularly regulated sector

Banks and fintechs handle documents subject to some of the market's strictest traceability and identification requirements: account opening, credit, SEPA mandate, various authorisations. Electronic signature has become a standard, with specific KYC requirements.

Commonly signed documents

• Account opening (account agreement, T&C)

• Credit offer (mortgage, consumer, professional)

• SEPA mandate (direct debit)

• Savings contracts (savings accounts, PEL, CEL)

• Online operations (transfer, RIB change, account closure)

• Banking proxies

• Professional agreements (leasing, factoring)

Recommended level

• Account opening: AES minimum, often video KYC as additional measure

• Mortgage credit: AES mandatory, QES for certain notarial formalities

• SEPA mandate: SES may suffice, AES recommended

ACPR and AML/CFT compliance

Banks are subject to AML/CFT regulations (anti-money laundering and combating the financing of terrorism) which impose enhanced KYC:

• identity document verification

• liveness test

• cross-checking against sanctions lists (PEP, EU, OFAC)

• document retention for 10 years

Electronic signature must integrate with the KYC journey without degrading customer experience.

Benefits

• 100% online account opening in 10 minutes

• Credit approved quickly: offer signed in 24 hours instead of 2 weeks

• Reduction in operating costs: no registered mail, no physical filing

• Audit compliance: complete exportable traceability

Common mistakes

• Neglecting liveness test in KYC

• Failing to archive identity documents in compliance with GDPR

• Using a platform outside the EU for sensitive data

• Losing traceability when changing service provider

Concrete example: neobank

A neobank opens 500 accounts per day. 100% digital journey:

• Entry of personal information

• Upload identity document + proof of address

• Liveness test (dynamic selfie)

• Cross-checking against sanctions lists

• Signature of account agreement + SEPA mandate in AES

• Card sent within 48 hours

Average subscription time: 8 minutes. Abandonment rate: <15%.

How Certyneo helps you

Certyneo offers a solution for banks and fintechs: AES by default, complete video KYC integration (ID OCR, liveness, sanctions), ACPR and AML/CFT compliance, 100% EU hosting with no Cloud Act dependency, 10-year archiving, webhooks for IT integration.

Discover Certyneo's electronic signature solution

FAQ

Can the signature of a credit offer be in SES?

No, AES minimum. The Consumer Code requires strong identification.

Does the withdrawal period apply?

Yes, 14 days for consumer credit, 10 days for mortgage credit (from receipt of the offer).

Can minors open an account electronically?

With co-signature of the legal representative.

Retention period?

10 years for banking documents, 30 years for certain deeds.

Does the signature protect against fraud?

It significantly reduces risks through strong authentication without eliminating them. Vigilance against fraud (phishing, KYC deepfake) remains necessary.

Conclusion

Electronic signature is a pillar of digital banking: quick subscription, seamless KYC, native ACPR compliance. Banks that master it dominate customer acquisition.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.