By April, new guidelines are expected from the Office of the Comptroller of the Currency for national banks entering the digital certification business.
The OCC wants to address the risks inherent in what many think is a potentially lucrative new business for banks: certifying the identity of participants in Internet transactions.
Compliance would be voluntary, but examiners will expect an explanation if banks stray from the guidelines.
In an interview this week, Clifford A. Wilke, the OCC's director of bank technology, said the agency wants banks to take advantage of developing technologies without jeopardizing their financial health. The agency has a "responsibility to maintain safety and soundness, but I don't want to restrict the marketplace," he said.
A pioneering, bank-affiliated participant in the digital signature business said the guidelines are a good idea.
"We think it's necessary," said Scott Lowry, president and chief executive officer of Digital Signature Trust Co., a subsidiary of Zions First National Bank of Salt Lake City. "I don't think they'll be Draconian."
Mr. Lowry said the Comptroller's Office has a responsibility to understand the issue and "make sure some banks aren't running off half- cocked."
Certification is roughly analogous to notarizing a document. A derivative of data encryption technology, it also ensures privacy by assuring that only authorized parties can see a transaction.
Banks, which have long provided notarizations, signature verifications, and other safekeeping services, see digital certificates as a logical next step in electronic commerce. Banks "are probably the only guys out there who, through the regulatory process, are required to know our customers," Mr. Lowry said.
In January 1998, Digital Signature Trust, known as DST, became the first bank operating subsidiary permitted to offer cybercertification. In September, it was chosen to be lead technology supplier to the American Bankers Association's new digital certificate subsidiary, ABAecom.
ABAecom is offering the services of a certificate authority-the issuer and manager of credentials-to banks and other financial service companies, which in turn could sell certification to customers.
Thomas J. Greco, president of ABAecom, likened the business to the ABA's existing practice of administering routing and registration numbers for check and securities clearing.
In another sign of banks' entry into the field, affiliates of Citigroup, Chase Manhattan Corp., BankAmerica Corp., and Bankers Trust Corp. are co- owners of a multinational venture announced last year and known informally as the global trust organization.
"The question is going to become, what role do banks play?" said Thomas P. Vartanian, managing partner of the Washington office of the Fried, Frank, Harris, Shriver & Jacobson law firm. .. the nonfinancial planners can reach the customer directly and circumvent the need for banks."He said nonbank competitors could "circumvent the need for banks."
Mr. Wilke is also working on guidelines for on-line and Internet banking, also due out this year. He took over the OCC's technology supervision division in August, succeeding Mark L. O'Dell, who was promoted to director of year-2000 supervision.
Mr. Wilke, 40, came to the agency after working on alternative payment systems for Mobil Oil Credit Corp., including the SpeedPass, which lets customers pay by waving a small transponder device near the pump.