The Modernization of SEC Rule 17a-4
Listen to article highlights.
What changed and why
- Are complete and time-stamped
- Reflect any modifications, interim iterations or deletions
Other changes
- Engage a third party to fulfill requests from regulators that they cannot or will not fulfill; or
- Appoint a Designated Executive Officer and the Officers’ designees, to provide electronic records
The market impact
As the SEC noted, the rule has evolved from "electronic storage media" to defining the obligation as maintaining an "electronic recordkeeping system," that encompasses systems and controls to preserve records in a digital format. Despite audit trail being another technological approach that will be made obsolete by the next generation of technology, the revised rule emphasizes the responsibility for firms to have the expertise – and to work with appropriate third parties – to fulfill the requirements. While the impact to the industry is unclear, here are some of the considerations that firms should keep in mind in evaluating the new rule. What is the benefit to the business? While the update does provide additional flexibility, the determination of better-faster-cheaper is a fair question for firms to assess. For very small firms with very basic requirements (e.g., approved use of email only, infrequent access to their compliance archive), this could allow them to 'check the box' at a lower cost. The updated rule will likely cause an evaluation of potential cost savings against the feasibility of modifying a core business communications platform to meet the audit-trail requirements and the cost of moving existing compliance records from a worm storage system. For large firms, better is the operative phase to use in comparing alternatives. Their use of electronic recordkeeping systems typically supports multiple purposes, serving as the system of record to provide:
- Supervisory oversight
- The ‘source of truth’ for e-discovery and investigation
- Power conduct surveillance processes
The final thought
Share this post!
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.
Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.
FOLLOW US