Schedule a Demo


See the latest news and insights around Information Governance, eDiscovery, Enterprise Collaboration, and Social Media. 

All Posts

SEC Rule 17a-3 and Recordkeeping Compliance

What Is The Securities Exchange Act (SEA) Rule 17a-3?

Rule 17a-3, part of the Securities Exchange Act (SEA), is a regulation issued by the U.S Securities and Exchange Commission (SEC). Anyone working within trading securities, either as a broker or dealer, needs to have a clear understanding of what it demands.

The regulation exists to outline requirements and standards of retention, management, and availability of data relating to transactions and trading in the financial and exchange sector – with special provisions for business-related electronic correspondence.

Accurate record keeping is an important consideration for any business, but the financial services sector is held to particularly high standards of accountability here. Rule 17a-3 requires brokers and dealers to create and preserve comprehensive records of each securities trade, including copies of blotters, account statements, trade confirmations, cancelled checks and more.

This heavily regulated area covers the archiving and records management of not only every securities transaction made by exchange members, brokers and dealers - but also the archiving communications with the public by SEC members.

Social Media dn SEC Rule 17a-3 Compliance

Compliance with requirements for Communications with the Public

With the advance in technology and communicative procedures, the SEC have created stringent amendments within Rule 17a-3. 

Each firm is required to archive authentic documents stating that they complied (or adopted policies and procedures accommodating compliance) with the relevant federal regulations and SRO rules.

The SEC rules in question require that an authority must approve any advertisements, sales text, electronic or other communications by the firm with the public.

A wide variety of content is subject to this provision; paper, electronic and online copy. Marketing materials, sales scripts, audio or visual records, used by broker-dealers to communicate with the public must be retained and examined. Essentially, if in doubt, archive it.

This includes audio or visual records, and crucially, any electronic or social media records. If you’re not currently archiving your website content or keeping a well-maintained archive of your social media in a manner that enables easy eDiscovery, you could be headed for some significant Rule 17a-3 related headaches down the line.

Looking for more information? Get in touch and we'll email you what you need.


A wide variety of content is subject to this provision; paper, electronic and online. Marketing materials, sales scripts, audio or visual records, or any electronic or social media used by broker-dealers to communicate with the public must be retained and examined. Given the vast mediums of technology and ways in which we communicate, broker-dealers subject to these standards have many options in how they can create this record.

Compliance Requirements for Archiving Electronic Records

When it comes to the way in which financial firms must archive their electronic records, it will come as no surprise to learn that the SEC lays out some clear requirements.

Rule 17a-3 (and Rule 17a-4) states that firms must:

  • Ensure the retention and preservation of all transactions and official business records - including all communications.
  • Store these electronic records in a secure, non-erasable location.
  • Ensure that original and duplicate copies of electronic records are stored in separate locations.
  • Retain these records in line with the appropriate record retention schedules.
  • Have records available for independent audits and have an auditing system in place.
  • Have authentic, current records available for examination by regulators.
  • Appoint an independent third party to have access to electronic records for regulatory purposes.

It’s critical that records are stored in a WORM (Write Once, Read Many) format, as this prevents the alteration or destruction of records stored electronically. You can learn more about WORM storage requirements here.

With the need for records to be easily accessible, searchable, audited and presented in a specific, time-stamped and fully indexed format, it pays to work with an enterprise grade solution with deep experience of the financial sector, such as Pagefreezer

This guards against the need for costly eDiscovery procedures, with all information at your fingertips, via the intuitive Pagefreezer dashboard. Additionally, all records will be stored in the correct and fully compliant format.

Whether you’re looking to ensure compliant record-keeping of your social media or website, Pagefreezer can offer a secure, specialist solution, helping you ensure

How to comply with SEC Rule 17a-3 for Social Media

Regulation Best Interest and SEC Rule 17a-3: What’s Changed?

As of June 30, 2020, the SEC implemented Regulation Best Interest (Reg BI) Rule 15I-1 under the Securities Exchange Act of 1934.

Reg BI was introduced with the intention of ensuring that any recommendations made by broker dealers were made in the best interest of the customer in question, in an overarching principle known as the “general obligation.”

The specific obligations are as follows:

  1. Disclosure Obligation: written disclosure of all certain facts about the scope and terms of its relationship with the customer must be given at the time of (or prior to) the recommendation. This disclosure should be kept updated if any substantial change occurs.
  2. Care Obligation: At the time of the recommendation, the broker dealer must be acting in good faith and exercising all reasonable diligence to ensure that the customer’s best interest is being met. This related to all known costs, risks and rewards.
  3. Conflict of Interest Obligation: Policies and procedures must be put in place to identify conflicts of interest when it comes to making recommendations to customers. Any conflicts that are identified should be disclosed, mitigated or avoided. Specific conflicts such as motivational sales contests, quotas and time-specific bonuses should be eliminated entirely.
  4. Compliance Obligation: All reasonable measures should be put in place to achieve compliance with Reg BI. This relates to the resolving of any noncompliance as well as the roll out of controls, training and ongoing reviews.

New Record Keeping Requirements in Reg BI From June 2020

Always keen to keep compliance departments on their toes, the SEC also announced new record keeping requirements in Reg BI, which were implemented from June 2020, with new paragraphs applying under Rules 17-a3 and 17-a4.

They specifically relate to the need for the broker-dealer to record all information given to (and taken from) a retail customer. They must also record the identity of each registered representative responsible for the account in question.

As per the pre existing regulations, these records need to be secured for a minimum period of six years, to the same high standards of detail and security that 17a-3 and 17a-4 places on the other data collected and preserved.

This has the potential to generate a great deal of extra work, but of course, does serve as proof that organizations are taking the necessary steps to comply with the Reg BI. Automated archiving of communications and email correspondence via Pagefreezer can dramatically reduce the workload associated with this requirement, and help to minimize the risk of non-compliance.

Rule 17a-3: what is the cost of non-compliance?

If firms fail to abide by these measures and enforce the adequate policies and procedures, they are placing themselves at risk to a number of non-compliance penalties, such as internal and/or regulatory disciplinary actions, damage of reputation, civil liability, penalties and more.

Monetary sanctions could involve fines of $1,000 to $15,000, with aggravating factors pushing things upwards of $10,000 to $146,000, or even beyond for the worst transgressions.

In terms of non-monetary sanctions, accountable individuals or firms can expect suspensions lasting anywhere from 10 business days to 3 months. For the worst cases, individuals could see a longer suspension of up to two years, or even a total bar. Firms can expect expulsion for the most serious cases of non-compliance.

Ready for Rule 17a-3 peace of mind?

With the digital transformation of the financial sector all but complete, the need to ensure complete transparency, accuracy and compliance of your electronic record keeping has never been more important.

Cover all bases and guarantee comprehensive, automated and perfectly formatted archives of your financial firm’s social media, web copy, and more besides, with Pagefreezer.

Want to learn more? Read our blog post, Understanding FINRA/SEC Rule 17a-4(f) and WORM Storage Requirements, by clicking the link below.

Read the Blog Post


Michael Riedijk
Michael Riedijk
With more than 20 years of experience building successful technology companies in Europe and North America, Michael Riedijk is recognized as a leading innovator in compliance technologies. Originally from The Netherlands, Michael relocated to Canada and launched Pagefreezer in 2010.

Related Posts

Navigating Dynamic ESI: Insights from the Pagefreezer-ACEDS Webinar

To shed light on the management of dynamic electronically stored information (ESI) and its impact on legal and compliance processes, Pagefreezer hosted a webinar featuring Mike Quartararo from ACEDS (Assocation of Certified E-Discovery Specialists), Michael Simon from Seventh Samurai Legal Consulting, and Peter Callaghan from Pagefreezer. During this webinar, they shared learnings from a recent report focusing on dynamic data trends in e-Discovery and shared their thoughts on those findings.

Why the DOJ Says Messaging Apps & Collaboration Platforms Are a Major Compliance Problem

The Department of Justice (DOJ) has updated their Evaluation of Corporate Compliance Programs policy with special attention paid to messaging platforms when detecting and investigating potential misconduct and law violations. Moving forward, they will now consider whether corporate policies ensure communications from these apps are accessible and amenable to preservation.

How to Export Teams Chats for Compliance and eDiscovery

How to Export Teams Chats for Compliance and eDiscovery Exporting Microsoft Teams chat data for legal and compliance purposes is a critical task that can seem like a Herculean effort to execute—especially if you have days, months, or even years worth of MS Teams messages to export. Thankfully, there are a number of different methods and tools that extract and preserve relevant data from Teams.