What Is Rule 17a-3?
Rule 17a-3 is a regulation issued by the U.S Securities and Exchange Commission (SEC) that outlines requirements and standards of retention, management, and availability of data pursuant to transactions and trading in the financial and exchange sector - with special provisions for business-related electronic correspondence.
It is a well-known industry and federal fact that investors have a duty and obligation to conduct strict record management standards in their transactions of securities, including copies of blotters, account statements, trade confirmations, cancelled checks and more.
This heavily regulated area covers the archiving and records management of not only every securities transaction made by exchange members, brokers and dealers - but also down to the requirement of archiving communications with the public by SEC members.
Compliance with requirements for Communications with the Public
With the advance in technology and communicative procedures, the SEC have created stringent amendments within Rule 17a-3. Each firm is required to archive authentic documents stating that the firm in question has complied with or adopted policies and procedures accommodating compliance with the relevant federal regulations and SRO rules. The SEC rules in question require that an authority must approve any advertisements, sales text, electronic or other communications by the firm with the public.
A wide variety of content is subject to this provision; paper, electronic and online. Marketing materials, sales scripts, audio or visual records, or any electronic or social media used by broker-dealers to communicate with the public must be retained and examined. Given the vast mediums of technology and ways in which we communicate, broker-dealers subject to these standards have many options in how they can create this record.
Compliance Requirements for Archiving Electronic Records
Rule 17a-3 (and Rule 17a-4) accommodate(s) the following requirements:
- the retention and preservation of all transactions and official business records - including all communications
- store electronic records in a secure, non-erasable location
- ensure that original and duplicate copies of electronic records are stored in separate locations
- retain these records in line with the appropriate record retention schedules
- have records available for independent audits and have an auditing system in place
- have authentic, current records available for examination by regulators
- appoint an independent third party to have access to electronic records for regulatory purposes
If firms fail to abide by these measures and enforce the adequate policies and procedures, they are placing themselves at risk to a number of non-compliance penalties, such as internal and/or regulatory disciplinary actions, damage of reputation, civil liability, penalties and more.
For more information, download our Social Media Compliance Crash Course for Financial Services white paper.