In November 2017, five financial services associations1 sent a letter to Securities and Exchange Commission (SEC) Secretary Brent Fields proposing revisions to a decades-old electronic recordkeeping regulation. While the revision has not been formalized, the framework was released to the public on November 5, 2019 for comment. Given the wide-ranging impact of this revision, we at Infobelt, Inc. believe it’s important that all businesses in the financial services industry understand the possible changes.
The regulation in question is SEC 17 CFR 240.17a-4(f), which was implemented in 1997 during the United States’ technology boom. Given the rapid adoption of new technologies, the SEC wanted to issue electronic data retention guidelines. As the foundational electronic recordkeeping regulation, it acted as a guideline for other regulatory agencies as they built their policies (such as the Commodity Futures Trading Commission (CFTC) 17 C.F.R. 1.31).
The language used in crafting the SEC regulation was rules-based and not technology-neutral. The resulting regulation was functional but hindered the adoption of modern technologies. A particularly rigid component required the use of “write once, read many” (WORM) technologies (such as non-rewritable CD-ROM) to ensure data was preserved correctly. These WORM technologies are now outdated, expensive, and, when considering the modern technologies that companies utilize, redundant.
In June 2017, after receiving its own petition for change, the CFTC recognized these limitations in 17 C.F.R. 1.31 and prepared a revision to modernize the language. As the CFTC’s rule was based on SEC 17 CFR 240.17a-4(f), it led the previously mentioned financial services associations to petition for the SEC to follow suit. Resulting from that petition is a regulation framework that is more concise, principles-based, and technology-neutral.
The revision will allow companies to invest in modern technologies that are more cost-efficient and can benefit the business beyond acting solely as moment-in-time backup, though that benefit doesn’t come without risk. To avoid facing harsh penalties from regulatory agencies, companies must now be prepared to invest significant resources in ensuring that these new technologies are compliant today and remain compliant tomorrow.
Founded by financial services industry experts, Infobelt, Inc. understands the regulatory burdens companies face. We developed a dynamic, comprehensive suite of record management tools utilizing user attestations, workflows, and data archiving to offer a single solution for all highly regulated entities. Adaptable and agile, we monitor proposals for new and revised regulations to ensure that our software is compliant, so you don’t have to.
Whether your company needs assistance with designing a compliance strategy or is looking to reduce corporate liability by implementing a compliant data destruction policy, Infobelt, Inc. is your complete Books and Records solution.
The five associations that authored the letter were the Securities Industry & Financial Markets Association (SIFMA), the Financial Services Roundtable (FSR), the Futures Industry Association (FIA), the International Swaps & Derivatives Association (ISDA), and the Financial Services Institute (FSI).
Srini Mannava, John Pinto, and Chris Chavez contributed to this article and would be happy to discuss the information detailed above.