How to verify a counterparty’s signature on a document and what to keep for verification

Electronic documents are signed quickly today: an act or contract can be received, signed, and recorded within minutes. But before accepting a document for processing, it’s important to make sure the counterparty’s electronic signature is valid.

Signature validity is usually checked by an accountant, lawyer, or EDM administrator. These roles are responsible for ensuring the document can be safely used in accounting or contractual work.

The check takes 1–2 minutes, but it helps avoid issues during audits or disputes. If the signature turns out to be invalid or applied by an unauthorized person, the document may be rejected in accounting, expenses may not be confirmed, and the contract may be challenged.

In this article, we’ll cover:

• how to verify signatures in different document formats (PDF and p7s);
• what to do if the signature was applied by an unauthorized person;
• which files should be stored with the document to confirm the signature during an audit.

What exactly to verify in a counterparty’s electronic signature

In practice, checking a signature is much simpler than it may seem. There are a few key things to verify every time:

1️⃣ Who exactly signed the document

Full name of the signer, company name, and company registration code. This must match your counterparty — not another legal entity and not an unrelated individual.

In practice, mistakes happen more often than expected: a document may be signed by an accountant, manager, or another person without signing authority.

2️⃣ Whether this person has signing authority

Even if the signature belongs to the correct company, it’s important to confirm whether this specific person has the right to sign.

Typically, this is:

• a director;
• an authorized representative under a power of attorney;
• a signer appointed by an internal order.

If it’s not the director, you should verify a document confirming their authority — a power of attorney, internal order, or similar.

3️⃣ When the signature was applied

The date and time of signing matter. This is important for reporting periods, deadlines, and disputes where you need to prove the document was signed on time.

4️⃣ Whether the document was changed after signing

An electronic signature is tied to a specific file. If the document is modified even slightly after signing, the signature becomes invalid. So it’s important to make sure the file you’re viewing is exactly the one that was signed.

5️⃣ Signature chain

If multiple parties sign the document, you need to see the full picture: who signed, in what order, and whether all parties have signed.

A common situation: one party has already signed, while the other hasn’t, but the document is already being processed.

For example, the supplier has signed, but the buyer hasn’t — in this case, the document cannot be considered fully agreed.

This checklist allows you to quickly and confidently verify a counterparty’s QES without unnecessary steps.

Where and how to verify a counterparty’s signature on a document

Once you understand what to check, the next question is where to do it. The verification method depends on the document format.

🔍 How to verify an electronic signature in a PDF

If the signature is embedded in a PDF, most services display its status immediately. In particular, in Vchasno.EDM and when verifying via Vchasno.QES, you can see:

• whether the signature is valid;
• who signed the document;
• the signing time;
• whether the certificate was valid.

This makes it easy to determine whether the document can be safely accepted into accounting.

The first thing to check: whether there is a warning that the document was modified after signing. If the file was changed, the signature is considered invalid. The document must be re-approved and signed again.

🔑 How to verify a p7s signature

The p7s format means the signature is stored as a separate file. To verify it, you need both the document and the signature file.

This format is often used when exchanging documents via email or government services, so it’s important to keep both files together.

A common mistake is verifying the p7s file without checking which document it is linked to.

🌐 How to verify a QES online without additional software

In many cases, you can verify a QES online without installing separate software — via web services or EDM systems. This is especially convenient for accountants handling a large volume of documents.

For example, in Vchasno.EDM, signature verification is performed directly in the document interface: you can see who signed the file with a QES, when it happened, whether the certificate was valid, and whether the document was modified after signing.

The signature chain and statuses are stored with the document, so verification results are not lost and can easily be used as evidence during audits or inspections.

What to do if the signature belongs to the wrong person

A common situation: the document was accepted, but later it turns out it was signed by an unauthorized person.

What to do:

• first, do not accept the document into accounting without clarification;
• request confirmation of authority or re-signing;
• keep confirmation from the counterparty if the issue was resolved via email or messenger.

⚠️ What to do if the QES certificate has expired

An expired certificate is one of the most common audit concerns.

However, it’s important to understand: what matters is the certificate’s status at the time of signing.

If the certificate was valid at the time of signing but expired later, the signature remains valid. If it was already expired at the time of signing, the signature may technically exist but will be invalid and fail verification.

In this case, the certificate must be renewed and the document re-signed.

What to keep for verification: the minimum “evidence package”

In practice, during audits no one asks whether you checked the signature. They ask what proof you have. That’s why it’s important to define in advance the minimum set of materials stored with the document.

• The original signed electronic document — the exact file that was signed and recorded in accounting. This is the baseline for any verification.
• The signature file or container, if the signature is stored separately. Without it, it’s difficult to prove correctness, especially months later.
• The signature verification result (screen, tab, or report): who signed the document, date and time, and signature status (valid / invalid). This is what auditors most often request.
• The document ID in the EDM system, if signing or exchange was done via an electronic document management system. It helps quickly locate the document and all related actions.
  The signature log or history, if available: who signed, when, and in what sequence.

Common mistakes and how to avoid them

In practice, the same issues tend to repeat:

• a document is accepted into accounting, but later it turns out it was signed by an unauthorized person, requiring clarification or re-signing;
• the file was modified after signing, making the signature invalid and the document problematic;
• files or signatures are mixed up, especially with large volumes of incoming documents;
• the signature verification result is not saved, so during an audit the events have to be reconstructed retroactively.

In all these cases, the issue is not the signature itself, but the document workflow.

When a company does not have a clear process for verification and storage, these errors become systemic and repeat over time.

Conclusion

Verifying a counterparty’s electronic signature takes only a few minutes but helps avoid many disputes. It is enough to confirm who signed the document, whether the certificate was valid at the time of signing, and whether the file was modified afterward.

If you store the verification result and signing history together with the document, your company will always have proof of proper electronic document management.

Vchasno.QES and Vchasno.EDM allow you to verify signatures, store signing history, and work with documents in a way that ensures all necessary evidence is always available.