Why Your Computer and Company Server Are Not Compliant
Financial advisors have been dealing with regulatory oversight and strict recordkeeping rules for years. But now that more firms are transitioning to digital recordkeeping, advisors need to understand that saving a digital record on their computer or server is not the same as storing a paper record in a filing cabinet.
Digital files and records are a flexible and secure way for advisors to process information, but that’s only when they are stored in the right type of system. Saving your records to a computer, basic cloud-based storage, hard drive or company storage server will only put the firm at a risk of incurring large fines.
SEC 17a mandates require digital records repositories to have:
- Searchable indexes. All records must be searchable. Document indexing facilitates document retrieval. Without an efficient index, it is difficult to find specific information.
- Security. Data must be stored on indelible, non-rewritable media. Without controls to prevent unauthorized access to records, compliance cannot be proven.
- Audit history or oversight. Each document must have a history that records who created it, when it was modified and what modifications were made. In order to store content in a compliant manner, a firm must be able to prove that the content cannot be tampered with.
Files saved into a Windows directory can’t meet all three requirements. For example, when a document is saved to a computer, the “Date Created” and “Date Modified” dates are based on the computer’s local time, which can be easily altered.
On the other hand, an enterprise content management (ECM) system helps firms create a repository that can securely store records and publish the records to unalterable media. With an ECM system, financial advisors can:
- Automate records retention and destruction in compliance with SEC 17a mandates.
- Instantly retrieve information instead of sending staff to offsite storage facilities.
- Expedite audits by easily producing records on demand.
- Simplify compliance with business continuity directives by securing electronic files.
- Redact sensitive client information.
- Prevent departing employees from leaving with customer files.
- Strictly monitor system security.
- Track document activity, such as who accesses a document and when.
- Record what staff members do with documents they retrieve.
To learn more about how ECM can compliantly archive your digital content, download your copy of The Dos and Don’ts of Social Media Archiving.