White Paper: Financial Services Compliance



Similar documents
orldox GX3 Cloud for Financial Services Worldox GX3 Cloud Compliance Outline The Best of both Worlds. / Whenever. Wherever.

The ComplianceVault Archiving & Retrieval Appliance and the SEC a-4 Requirements

Top Technology Challenges Thursday, May 28 3:00 p.m. 4:00 p.m.

RECORDS TO BE PRESERVED BY CERTAIN EXCHANGE MEMBERS, BROKERS AND DEALERS SEA Rule 17a-4

MICROSOFT EXCHANGE ONLINE ARCHIVING, DATA RETENTION AND RULE 17A-4 COMPLIANCE DATE: SEPTEMBER 22, 2015

HP StorageWorks Reference Information Storage System Designed to Assist Financial Services Organizations Comply with Retention Requirements

Assessment of Hitachi Data Systems (HDS) Hitachi Content Platform (HCP) For Dodd-Frank Compliance

Abstract. SEC 17a-4(f) Compliance Assessment. Technical Report. Prepared by Cohasset Associates, Inc.

ELECTRONIC RECORD AND SIGNATURE COMPLIANCE. NASD Rules 3010(d) and 3110(c)(1)(C) SEC Rule 17a-4 15 USC 7001 et. seq. (E-SIGN)

iternity icas Solution

SPOTLIGHT ON. Advisors Recordkeeping Obligations

WHITEPAPER. The Companion Guide to FINRA/SEC Social Networking Compliance

How To Preserve Records In A Financial Institution

Compliance Solutions FOR BROKER-DEALERS. Archiving the financial services world. message archive search message archive search message archive search

NASAA Recordkeeping Requirements For Investment Advisers Model Rule 203(a)-2 Adopted 9/3/87, amended 5/3/99, 4/18/04, 9/11/05; Amended 9/11/2011

Financial Advisor Focus White Paper. How Digital Document Management Solutions Support Compliance

18 NCAC 06A.1706 RECORD-KEEPING REQUIREMENTS FOR INVESTMENT ADVISERS (a) Except as otherwise provided in Paragraph (j) of this Rule, every investment

Record Keeping and Call Recording for Dodd-Frank. A guide to regulatory compliance

How To Use Egnyte

Rackspace Archiving Compliance Overview

UNCLASSIFIED. Message Archiver Service Description

Full Compliance Contents

39C-1 Records Management Program 39C-3

REVENUE REGULATIONS NO issued on December 29, 2009 defines the requirements, obligations and responsibilities imposed on taxpayers for the

Union County. Electronic Records and Document Imaging Policy

FILEHOLD DOCUMENT MANAGEMENT SYSTEM 21 CFR PART 11 COMPLIANCE WHITE PAPER

Nova Southeastern University Standard Operating Procedure for GCP. Title: Electronic Source Documents for Clinical Research Study Version # 1

Egnyte Cloud File Server. White Paper

DeltaV Capabilities for Electronic Records Management

EMC White Paper EMC Xtender Provides Records Management for Microsoft Exchange Server 2003

InfoCenter Suite and the FDA s 21 CFR part 11 Electronic Records; Electronic Signatures

21 CFR Part 11 Compliance Using STATISTICA

GREATER TEXAS FEDERAL CREDIT UNION RECORDS PRESERVATION PROGRAM

Electronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device industries

Business System Recordkeeping Assessment - Digital Recordkeeping Compliance

InstaFile. Complete Document management System

TREENO ELECTRONIC DOCUMENT MANAGEMENT. Administration Guide

NASAA Investment Adviser Representative Definition Model Rule USA (16) Adopted 9/17/2008

PERFORMANCE EVALUATION AUDIT CHECKLIST EXAMPLE. EIIP Volume VI

Management: A Guide For Harvard Administrators

User s Guide For Department of Facility Services

Tools to Aid in 21 CFR Part 11 Compliance with EZChrom Elite Chromatography Data System. White Paper. By Frank Tontala

-Archiving Regulatory Compliance for Small and Midsized Firms (SMBs)...a Whitepaper by Sony and Intradyn

Self-Assessment of eresearch Compliance with 21 CFR Part 11, Electronic Record; Electronic Signatures

Solutions. Investment Advisor (RIA) Compliance. for & IM Record Management. for & IM Record Management

Egnyte App for Android Quick Start Guide

REGULATIONS COMPLIANCE ASSESSMENT

Symantec Enterprise Vault.cloud Overview

Cloud Web Portal User Guide Version 2.0

How To Preserve Records In Mississippi

Managing Online and Offline Archives in Outlook

DeltaV Capabilities for Electronic Records Management

C2C ArchiveOne & Microsoft Exchange Server 2013

Fully-integrated marketing technology. solutions for Broker/Dealers and their. Representatives from the leaders in. Financial Services Marketing.

The United States Office Of Personnel Management eopf Human Resources Specialist Training Manual for eopf Version 4.0.

Notice to Members. Branch Office Registration. Executive Summary. Questions/Further Information

California State Board of Pharmacy and Medical Board of California

Computerized Systems Used in Medical Device Clinical Investigations

The Impact of 21 CFR Part 11 on Product Development

GCP INSPECTORS WORKING GROUP <DRAFT> REFLECTION PAPER ON EXPECTATIONS FOR ELECTRONIC SOURCE DOCUMENTS USED IN CLINICAL TRIALS

Veritas AdvisorMail. archiving, compliance, and ediscovery solution designed specifically for U.S. financial services companies

ELECTRONIC FILING STANDARDS IMPLEMENTING E-FILING PROGRAM FOURTH JUDICIAL CIRCUIT MARION COUNTY GENERAL

System Requirements for Archiving Electronic Records PROS 99/007 Specification 1. Public Record Office Victoria

Manual 074 Electronic Records and Electronic Signatures 1. Purpose

MHRA GMP Data Integrity Definitions and Guidance for Industry March 2015

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

Oracle WebCenter Content

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

Investment Adviser Firms Filing Reports or Registering with the SEC FINRA Registration and Disclosure Department The IARD/PFRD Entitlement Process

For Mac User Directions, see page 5

MEMORANDUM. Memorandum No All Members, Members Organizations, Participants and Participant Organization

Compliance Solutions SEC REGULATED FIRMS. Archiving the financial services world. message archive search message archive search message archive search

RECOMMENDATION ON THE CONTENT OF THE TRIAL MASTER FILE AND ARCHIVING

USERS MANUAL FOR OWL A DOCUMENT REPOSITORY SYSTEM

Supplement to the Guidance for Electronic Data Capture in Clinical Trials

onesource workflow manager

Keepit starter guide

archiving, compliance, and ediscovery solution designed specifically for U.S. financial services companies.

POLICY ISSUES IN E-COMMERCE APPLICATIONS: ELECTRONIC RECORD AND SIGNATURE COMPLIANCE FDA 21 CFR 11 ALPHATRUST PRONTO ENTERPRISE PLATFORM

What does the First Mobile app do for me? What else can I do with the mobile banking app beyond the basics? Why should I use the mobile banking app?

Declaration of Conformity 21 CFR Part 11 SIMATIC WinCC flexible 2007

RETENTION BEST PRACTICE. Issue Date: April 20, Intent and Purpose:

21 CFR Part 11 Implementation Spectrum ES

Novell Filr. Windows Client

Guidance for Industry Computerized Systems Used in Clinical Investigations

How to Create a Broker Account

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

Transcription:

www. e g n y t e. c o m White Paper: Financial Services Compliance SEC Rule 17a for Broker-Dealers SEC Rule 31a-2 and 204-2 for Investment Advisors www.egnyte.com 2011 Egnyte Inc. All rights reserved.

U.S. Security Exchange Commission - SEC 17a-3 and 17a-4 Recordkeeping Compliance for Broker-Dealers Every member, broker and dealer subject to Rule 17a-3 shall preserve for a period of not less than six years, the first two years in an easily accessible place, all records required to be made pursuant to paragraphs Rule 17a- 3(a)(1), (a)(2), (a)(3), (a)(5), (a)(21), (a)(22), and analogous records created pursuant to Rule 17a-3(f). The member, broker, or dealer must notify its examining authority designated pursuant to Section 17(d) of the Act prior to employing electronic storage media. 17a- 4(f)(2)(i) Preserve the records exclusively in a non-rewriteable, non-erasable format. (Write Once Ready Many (WORM) devices. 17a-4(f)(2)(ii)(A)). Documents can be stored and accessible in Egnyte for as long as needed. All documents and records are "easily accessible" for not only two years, but for the duration of their existence in Egnyte. Users locating records by navigating the folder hierarchy can accomplish easy accessibility, or by locating a client-centric folder through a powerful keyword, file name or tag search. This notification is the responsibility of the customer. This document can be forwarded to communicate Egnyte functionality. All files are stored on redundant RAID 6 storage filers. Only users with read/write/delete access can delete a file. The account administrator manages this access control. Policy based retention rules control when the deleted files are purged from the trash bin associated with each account. Additionally, Egnyte provides an audit log of all delete activity. Documents are stored in n+2 (with n+3 option) RAID 6 storage across two SAS 70 compliant data centers. Verify automatically the quality and accuracy of the storage media recording process. The intent of this rule is to provide some level of confidence that the record has actually been stored.(17a-4(f)(2)(ii)(b). Serialize the original and, if applicable, duplicate units of storage media, and timestamp for the required period of retention the information placed on such electronic storage media. 17a-4(f)(2)(ii)(C). Egnyte maintains versions of a document as it changes and also sends alerts when any file is changed. Also, as a file is being changed, the Egnyte system locks it to prevent another user from editing the file at the same time. Documents are stored in n+2 (with n+3 option) RAID 6 storage across two SAS 70 compliant data centers. All file changes are kept with an audit trail and information about who changed the file and the timestamp of the change. No data is purged unless explicitly deleted by an authorized user. www.egnyte.com 2011 Egnyte Inc. All rights reserved. 2

Compliance for Broker-Dealers Have the capacity to readily download indexes and records preserved on the electronic storage media to any medium acceptable under this paragraph (f) as required by the Commission or the self-regulatory organizations of which the member, broker, or dealer is a member. 17a-4(f)(2)(ii)(D). At all times have available, for examination by the staffs of the Commission and self-regulatory organizations of which it is a member, facilities for immediate, easily readable projection or production of micrographic media or electronic storage media images and for producing easily readable images. 17a-4(f)(3)(i) Be ready at all times to provide, and immediately provide, any facsimile enlargement which the staffs of the Commission, any self-regulatory organization of which it is a member, or any State securities regulator having jurisdiction over the member, broker or dealer may request. 17a-4(f)(3)(ii) Store separately from the original, a duplicate copy of the record stored on any medium acceptable under Rule 17a-4 for the time required. 17a-4(f)(3)(iii) Organize and index accurately all information maintained on both original and any duplicate storage media. 17a-4(f)(3)(iv)(A) At all times, a member, broker, or dealer must be able to have such indexes available for examination by the staffs of the Commission and the self-regulatory organizations of which the broker or dealer is a member. 17a-4(f)(3)(iv)(A). Each index must be duplicated and the duplicate copies must be stored separately from the original copy of the index. Original and duplicate indexes must be preserved for the time required for the indexed records. 17a-49f)(3)(iv)(A). All files are indexed in Egnyte and can be searched using keyword, partial file names or tags assigned to files. Files can be exported in a zipped format or copied on any magnetic media including providing an optional local copy of the file or all files on a direct attached storage device or network attached storage device. Customers can provide secure access to their files in Egnyte to any entity. Each such access is controlled by a specific username and password. All file access is recorded and is visible in the access history tab associated with each file. Egnyte provides web based access and direct desktop access to the files. A customer can provide both or one kind of access to the regulatory organizations, who in turn can print or fax the document from resources they have access to in their office. Also, Egnyte provides flash viewer for being able to open most files (around 500 file types). All files are maintained in n+2 (with n+3 option) RAID 6 storage across two data centers, which are both SAS 70 compliant. Essentially, three copies are maintained at all times. All files are automatically indexed and are searchable using keywords, partial file names or tags associated with a file. Search function returns results based on proximity of keywords, relevancy, etc. All files are automatically indexed and all actions by any user against the document are recorded providing an audit trail with a date and time stamp. The Commission staff can access this information at any time using the web-based access. An index, which allows the retrieval of the files, is automatically created in the Egnyte online storage. The index will exist as a long as the documents are available. All documents and records are mirrored to a second datacenter, and a second copy of the index is also automatically created. Both indexes and set of records are kept for as long as needed by the retention period. Egnyte uses a High Availability (HA) architecture for all layers of its infrastructure ensuring redundancy and protection against losing access to the records. www.egnyte.com 2011 Egnyte Inc. All rights reserved. 3

240 Retention Requirements 3 shall preserve for a period of not less than six years after the closing of any customer's account any account cards or records which relate to the terms and conditions with respect to the opening and maintenance of the account. 3 shall preserve during the life of the enterprise and of any successor enterprise all partnership articles or, in the case of a corporation, all articles of incorporation or charter, minute books and stock certificate books (or, in the case of any other form of legal entity, all records such as articles of organization or formation, and minute books used for a purpose similar to those recordsrequired for corporations or partnerships), all Forms BD ( 249.501 of this chapter), all Forms BDW ( 249.501a of this chapter), all amendments to these forms, all licenses or other documentation showing the registration of the member, broker or dealer with any securities regulatory authority. 3 shall maintain and preserve in an easily accessible place: All account record information required pursuant to 240.17a-3(a)(17) until at least six years after the earlier of the date the account was closed or the date on which the information was replaced or updated. 3 shall maintain and preserve in an easily accessible place: Each report which a securities regulatory authority has requested or required the member, broker or dealer to make and furnish to it pursuant to an order or settlement, and each securities regulatory authority examination report until three years after the date of the report. 3 shall maintain and preserve in an easily accessible place: All reports produced to review for unusual activity in customer accounts until eighteen months after the date the report was generated. Written advertisement never released to the public must also be kept, and made available to SSR. Customers must keep all compliance, supervisory, and procedures manuals, including any written procedures for reviewing communications. Each Egnyte customer can maintain records indefinitely. Egnyte does no automatic purging unless specified by the customer's data retention policy. Even that is applicable to only older versions of a file. Files will be archived in Egnyte as long as the customers keep their Egnyte account active. Egnyte enables customers to segregate files using folders or other metadata like tags. None of these are purged by the system unless explicitly deleted by the customer. The customer can therefore create specific folders to store articles of incorporation, minute books, stock certificate books, etc. If the customer deletes any of these willingly, Egnyte provides an audit log of all delete activity. Egnyte allows customers to keep all their files without an enfo rced archival policy. Each customer can keep the files for six years or longer, and since data storage is redundant, data loss issues are completely prevented. Each report, which a regulatory authority has requested pursuant to an order or settlement, can be tagged with the appropriate label. Such tagged files can be maintained in the Egnyte storage system for 3 years or longer. Unusual activity report can be tagged with the appropriate label. Such tagged files can be maintained in the Egnyte storage system 18 months or longer. The customer can store the written advertisement files in folders with read only access so that they are always available to SSR. They can do the same for all compliance, supervisory, and procedures manuals, including any written procedures. www.egnyte.com 2011 Egnyte Inc. All rights reserved. 4

240 Retention Requirements Source: http://www.sec.gov/rules/final/34-44992.htm U.S. Securities and Exchange Commission Final Rule: Books and Records Requirements for Brokers and Dealers www.egnyte.com 2011 Egnyte Inc. All rights reserved. 5

U.S. Security Exchange Commission - SEC Rule 31a-2 and 204-2 Investment Companies and Investment Advisors Compliance Requirements for Investment Companies and Investment Advisors Funds and advisors may keep all of their records in an electronic format. (Amendment to Rule 31a-2 and 204-2) Reasonably safeguard the records from loss, alteration or destruction. (Rule 31a-2, 204-2, Part 270, Part 275) Ensure that electronic copies of non-electronic originals are complete, true, and legible in the medium and format in which it is stored. (Amendment to Rule 31a-2, 204-2, Part 270, Part 275) Limit access to the records to authorized personnel, the Commission (including its examiners and other representatives), and (in the case of funds), fund directors (Rule 31a-2, 204-2, Part 270, Part 275)). Funds and advisors may be requested by the Commission to promptly provide legible, true and complete copies of records in the medium and format in which they are stored, and printouts of such records; and means to access, view, and print the records. (31a- 2, 204-2) Means to access, view and print the records in a legible, true and complete printout. (Part270, Part 275) All documents including email files can be stored in the Egnyte online storage solution. Read only folder permission on the online folders will prevent any user from deleting these files. All files are saved on n+2 (with n+3 option) RAID 6 storage at all times. Data is redundant in not only the primary data center but also in the secondary data center. Files cannot be deleted from read only folders. All account activity is logged and can be seen via audit reports. Furthermore, Egnyte allows customers to create a local copy on a direct attached storage device or a network attached storage device in their office. Egnyte provides a flash based viewer for all common file types. This allows users to be able to read any file type despite not having the viewing application on their computer. Account administrators control access rights for all documents in their Egnyte account. They can create a specific group, for example, the Commission users, and grant them the required access to the respective folders. Egnyte provides secure access to users within an account, including enabling the account administrator to allow secure access to other business entities like the Commission. The Commission personnel can open a file, email it or send it to a printer or fax. Also, Egnyte allows for secure access to a single file via links. Egnyte allows secure access to users within to be able to view and print files. www.egnyte.com 2011 Egnyte Inc. All rights reserved. 6

Compliance Requirements for Investment Companies and Investment Advisors Separately store, for the time required for preservation of the original record, a duplicate copy of the record on any medium allowed. (Part 270, Part 275) All files are stored on redundant RAID 6 storage filers. Only users with read/write/delete access can delete a file. The account administrator manages this access control. Policy based retention rules control when the deleted files are purged from the trash bin associated with each account. Documents are stored in n+2 (with n+3 option) RAID 6 storage across two SAS 70 compliant data centers. Funds and advisors to retain records electronically for over fifteen years and easily accessible for two years. Funds and advisors who choose to convert records into an electronic format must do so in the same fashion as they already keep electronically created or received records. The rules standards are flexible and permit funds and advisors to modify their electronic record retention practices to take advantage of advances in electronic storage technology. Funds and Advisors are free to adopt any combination of technological and manual protocols that meet the requirements of the rules. Documents can be stored and accessible in Egnyte online storage with no expiration. The customer can keep them for two years or fifteen years. Egnyte not only allows the funds and advisors to store the documents in the original file type and format but also automatically provides a flash based viewer for all commonly used file types (500 file types are supported). Egnyte customers have secure access to their documents from anywhere and at any time. Egnyte ensures that their files are always available by keeping more than one copy across two data centers to prevent any kind of data loss. Egnyte provides a comprehensive Online File Storage solution at a fraction of a cost to doing it in-house. It is a more secure and robust solution than what most companies can deploy and manage with their own IT staff. Source: http://www.sec.gov/rules/final/ic-24991.htm: U.S. Securities and Exchange Commission Final Rule: Electronic Recordkeeping by Investment Companies and Investment Advisors. www.egnyte.com 2011 Egnyte Inc. All rights reserved. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information