SEC / NASD / FINRA
The Securities and Exchange Commission (SEC) Rules focus on dictating electronic transaction record and business data preservation, emphasizing on Email communication. How and where the data is stored and indexed as well as an audit system to track results. The rules, specifically 17a-3 and 17a-4 are structured in a way to protect investors from misrepresentation and fraud via electronic communications. National Association of Securities dealers (NASD) Conduct Rule 3110 and New York Stock Exchange (NYSE) Rule 440 (pdf) cross reference the SEC 17a-3 and 17a-4 Rules and focus on format, medium and retention periods. There is a strong emphasis on having a 3rd party involved to ensure compliance and address any conflict of interest issues. The rules are in play to all persons engaged in the trading of securities or acting as a broker, including Broker-Dealer firms and registered representatives that are subject to SEC, NASD and/or NYSE jurisdictions. As the rules were in effect as of May 2003, the resources have been shifting now to the small and medium Broker-Dealers.
How UbiStor Can Help
UbiStor helps organizations address these SEC and NASD Rules without the need for additional equipment or services such as tape libraries, media and off-site media with the following solutions:
MailStor® – Email Archiving
MailStor Enterprise® – Private Vaulting for Email Archiving and eDiscovery
SafeStor Enterprise® – Private Vaulting for Online Data Backup and Recovery
Storing electronic communication records with UbiStor’s online email archive solution gives organizations the confidence in knowing that this specific business data is secure, off-site, compliant and yet quickly accessible. Electronically transporting records using industry-standard encryption to off-site secure locations (Link to data center page) where the data remains encrypted minimizes the chance of any unethical access or destruction of data. Robust functionality for Email management for inbound and outbound communication can be tightly configured to better protect your organization. Reporting for auditing and investigation is uncomplicated and facilitates efficient and complete results.
UbiStor’s online email archive solution can help traders, brokers and others neighboring in such activities adhere to SEC/NASD Rules and Regulations by:
- Storing data at highly secure, off-site locations
- Ensuring that critical records are retained and communications remain encrypted
- Utilizing disk-to-disk medium
- Providing storing, monitoring, archiving and reporting for Email and instant messages.
Email Archive - SEC and FINRA Compliance
Driven by the needs for email archiving compliance with increasingly stringent federal laws and industry compliance regulations, the need to invest strategically in email archiving storage technology is becoming more undeniable and urgent every day. Within financial services, keeping up with new SEC and FINRA compliance requirements, multiple sets of new rules imposed under the Dodd-Frank Wall Street Reform Act, and international requirements such as the EU Data Privacy Directive has become a business challenge. Achieving SEC and FINRA email archiving compliance with inflexible legacy solutions has become an increasingly difficult task.
Email Archive for SEC and FINRA Compliance Users Key Capabilities:
Supervision Email Archive for Compliance: SafeStor Enterprise Archive makes it easy to meet even the most stringent regulatory compliance demands by archiving email according to FINRA and SEC-compliant policies. Robust supervision review features allow organizations to automate review processes, thus enabling greater productivity of compliance staff and improving effectiveness in identifying and routing potential compliance policy violations that require further review or escalation. Self-service search and near real-time email retrieval significantly improves the efficiency of the compliance audit process.
Compliant Storage Infrastructure: SafeStor Enterprise Archive provides a secure, tamper-proof email archiving storage infrastructure configured as needed with geographically distributed data centers, ensuring compliance and that the information is available in the event of service disruption to either location. SafeStor Enterprise also provides redundant data storage in geographically distributed datacenters that meets all conditions set forth in SEC Rule 17a-4.
Simplify Compliance with Evolving Regulatory Requirements: SafeStor Enterprise Archive provides flexibility to help your compliance team create, maintain, and enforce compliance policies, directly from a browser-based interface. SafeStor Enterprise Archive provides the ability to define granular retention policies based upon classes of users, records management-defined categories of content or specific geographic market requirements. SafeStor Enterprise Archive’s policy engine provides the flexibility to easily modify email archiving compliance policies as compliance requirements change, and as internal retention strategies evolve over time.
Single, Unified Repository for Search, Review, and Discovery: Unlike other supervisory email archiving compliance tools that require separate interfaces or data repositories, SafeStor Enterprise Archive provides a single, unified archive that allows compliance teams to identify and review items that may exist beyond their existing review processes. Providing seamless access to the entire contents of the email storage archive for multiple users creates greater information leverage, and eliminates the challenge of searching across multiple archives. SafeStor Enterprise Archive for Compliance users provides a unique ability to index both online and offline data, delivering the next generation of data protection and compliance.
SEC/NASD contains the rules pertinent to managing electronic communication data records:
- Preserve electronic records of transactions and general securities business (inbound, internal, outbound)
- Store in non-rewriteable and non-erasable media, the quality of which must be verifiable
- Store original and duplicate copies in separate locations
- Create and store indexes of the electronic records
- Have an auditing system in place and store audit results for all electronic records
- Retain for retention periods from 3 to 6 years, having the most recent 2 years in a easily retrievable location
- Appoint an independent third party to access and download a firm’s electronic records upon request
Complete SEC Rule 17 (pdf)
- Preserve all electronic communication between client and firm
- Preserve applicable Email records in compliance with NASD/NYSE rules and with SEC Rules 17a-3 and 17a-4
- Preserve any electronic sales literature, advertisements and correspondences to the public
Complete NASD Rule 3110 (pdf)