Share this article:

When a governing body signs a board document, that signature is the official record of a decision. It needs to be clear, accurate, and traceable to the right person.

As public sector organisations are moving to digital board operations, electronic signing is now common practice. But a digital signature only works if you can confirm who signed it. That is where identity authentication comes in.

What is identity authentication?

Identity authentication checks who someone is before they can sign a document. In the past, a witness or a handwritten signature was enough. In a digital environment, boards need a more deliberate approach.

Before a board member applies a digital signature, an authentication method confirms their identity. Common methods include a one-time passcode sent to a registered device or an app-based check. Multi-factor authentication (MFA) combines two or more of these steps. MFA makes it much harder for anyone to gain access without permission.

The method you choose affects how strong the signature record is. A basic electronic signature with no verification offers little protection. A signature backed by MFA produces a record that stands up to scrutiny.

Why it matters for good governance

Good governance means decisions are documented, attributed, and traceable. This applies to any governing body, whether it operates in the public sector or among private companies.

For public sector boards, the Nolan Principles of Standards in Public Life require holders of public office to be accountable and open. For company directors in the private sector, the UK Corporate Governance Code and the Companies Act set the same expectations.

When a board member’s identity is verified before they sign, the record is stronger. You can see who approved a decision, when they did, and how their identity was confirmed. This creates documentation that supports effective board oversight.

Identity authentication also supports risk management. Boards that cannot show proper authorisation of decisions are open to regulatory scrutiny or legal challenge. Authentication changes that.

Protecting against fraud

A board document signed without proper identity verification is more vulnerable than it looks. If a portal uses a password alone, a stolen or shared credential is enough for someone to gain access and sign on another person’s behalf.

MFA removes that risk. Even if someone obtains login credentials, they cannot complete the signing step without the second verification. For boards that authorise significant public spending, this protection is essential.

Conflicts of interest are another consideration. When board members declare interests and step back from certain votes, the signing record needs to reflect exactly who approved a document. Clear authentication makes that record unambiguous.

The audit trail benefit

Electronic signatures are legally recognised in the UK under the Electronic Communications Act 2000 and UK eIDAS, which is the retained version of the European Union eIDAS Regulation. English courts treat electronic signatures as binding where an intention to authenticate can be shown.

Authentication creates a detailed signing record. When a board member signs following a verified authentication step, the system logs the authentication method used, the time and date, and the device involved.

This results in a timestamped record that goes further than a scanned signature page. For public sector organisations, this supports the governance statement required in annual resource accounts. For private companies, it provides clear evidence of board decision-making if a dispute or review arises.

Identity authentication for central government departments and executive agencies

Central government departments and executive agencies follow the code of good practice for corporate governance in central government departments, issued jointly by HM Treasury and the Cabinet Office. This requires a governance statement in annual resource accounts and clear accountability through the accounting officer structure.

Authenticated e-signing helps governance professionals show that board decisions followed proper process and that board members were correctly identified at every stage.

Identity authentication for local government and combined authorities in England

Central government departments and executive agencies follow the code of good practice for corporate governance in central government departments, issued jointly by HM Treasury and the Cabinet Office. This requires a governance statement in annual resource accounts and clear accountability through the accounting officer structure.

Authenticated e-signing helps governance professionals show that board decisions followed proper process and that board members were correctly identified at every stage.

Conclusion

Identity authentication before e-signing is a practical step toward better public sector governance. It supports accountability, builds a reliable audit trail, reduces fraud risk, and gives digital signatures the legal weight they need.

Choosing board technology with built-in authentication is one of the simplest things a governing body can do to support more effective board management.

How Convene supports public sector board e-signing

Convene is a board portal used by governance professionals across the UK public sector, including NHS organisations, local authorities, and arm’s length bodies. The platform builds identity verification into the e-signing workflow and produces a detailed authentication record for every signature.

To see how Convene can support your board’s e-signing process, book a demo with the team today.

FAQs

What does Convene Board Portal audit trail record?

Convene Board Portal automatically logs every action taken within the platform, including board pack access, document downloads, annotations, votes and resolution approvals. Every entry records the user role and the date and time of the action in real time. Governance professionals and company secretaries can access this audit log at any time without any manual input from their team.

How does Convene Board Portal help governance professionals meet regulatory requirements?

Convene Board Portal gives governance professionals and company secretaries a secure, auditable record of all board activity. This supports regulatory requirements across the UK public and voluntary sectors. Whether your organisation is preparing for an inspection from the Regulator of Social Housing, responding to the Office for Students or evidencing compliance for the Charity Commission, Convene’s audit log holds the information your team needs, already structured and ready to produce.

How secure is Convene Board Portal?

Convene Board Portal uses AES 256-bit encryption and role-based access control to protect sensitive governance documents, financial reports and board resolutions. The platform is ISO 27001 certified, hosted on AWS and fully compliant with UK GDPR. This makes Convene a trusted board portal for NHS trusts, housing associations, universities, charities and public sector organisations across the UK.


Share this article:

Aika Cabales
Aika Cabales

  • Connect:
  • Email Account

Subscribe to the Convene blog

Get regular updates on Governance and Digital Transformation!

(+44) *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.