Retention Policies and Data Storage
This Connected Suite Spotlight Series, is for clients using the Professional Archive, and anyone who is interested in benefits and tips for compliance best practices for financial services.
Data Retention Practices and Policies in the Professional Archive
SEC Rules 17a-3 and 17a-4 require retention of records for specific periods (three to six years, depending on the subsection), with records stored in an easily accessible place for the first two years. The Professional Archive supports the retention of all ingested data in perpetuity and provides tools for managing data actively. The Connected Suite – Professional Archive includes data storage for all messages actively ingested though a Smarsh connector for a period of 7-years. Each message is tracked based on the date it was sent or received. On the first day after the message becomes older than 7-years, a data storage fee for the message is applied. Professional Archive users may elect to set up data retention policies to manage compliance-focused records retention length, or to limit data storage capacity usage.
There are three steps to create a Retention Policy:
- 1. Create a Retention Policy with name, description, and retention period
- 2. Configure a policy rule that automatically applies the Retention Policy based on a set of defined criteria, such as a keyword or hierarchy group
- 3. Apply the Retention Policy to historical content through the message review panel or "bulk update" function
Learn more about retention policies and get started creating your own retention policies with our Retention Policy User Guide in Smarsh Central.
As you begin to implement retention policies for your firm, ensure your team completes the following items to be compliant with SEC rules:
- Train employees on your specific email retention and destruction policies
- Remind employees they have no expectation of privacy regarding their email communications, and that these records are archived and may be reviewed by internal personnel or regulators
- Be knowledgeable of, and compliant with, data archiving and storage requirements
- Arrange and index records in a way that permits easy location, access, and retrieval for any particular period
- Use supervision policies to search for client complaints.
- Use supervision policies to search for guarantees of performance.
- Use supervision policies to search for fraudulent activity, insider trading violations.
- When supervising communications and setting supervision policies, use an audit history and keep detailed notes to document reviews.
- Periodically conduct a test of your archiving system to ensure all capture and review functions are working as intended.
For help creating data retention policies, engage with a Custom Training Session
Our most popular and effective training is a customizable one-on-one or small group session with a Smarsh Technical Trainer. These hour-long sessions guide you through the Connected Suite and Professional Archive products through screen-sharing technology. You spend your time focused only on the training you need. As part of our Professional Services offerings, these trainings may incur an additional cost depending on your subscription package.
For more information on customized training, please reach out to a member of the Customer Success Team by submitting a case on Smarsh Central.
Share this post!
Archiving and Compliance Blog
Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.