“R.itemList.length” “- this.config.text.ariaShown
“This.config.text.ariaFermé”
Despite all the confusion that exists, there are some fundamental things AdvisorVault has learned over the years over 17a-4 that will help keep prices as low as possible while reducing the threat to finRA small businesses.
TORONTO, August 4, 2020 / PRNewswire / – AdvisorVault, expert in resolving knowledge archival requests for SEC Standard 17a-4, announces a new consultant for FINRA small businesses.
AdvisorVault has been saying for years that data compliance is a necessary evil, and money spent trying to appease regulators does nothing for the bottom line and surely adds nothing to “operational efficiencies”. Also, firms can go years without ever being audited, but worse, when it does happen, no one knows what to expect when the regulator shows up. Sadly, it’s a crapshoot for compliance officers when they’re eventually asked to reproduce a sample set of electronic records from up to seven years back – which may not even be reviewed at all.
AdvisorVault has taught businesses, especially small businesses, that they deserve to constantly seek tactics to keep knowledge compliance prices as low as possible while satisfying regulators. This is not a simple task given all the confusion, however, the maximum productive start is to perceive the basics of SEC Rule 17a-4. This does not mean downloading and reading the full 65-page document with dozens of updates and amendments, but, on the contrary, perceiving how to decide on the maximum effective generation while assembling the electronic registration request: the verification that a regulator will do during the audit where they will request a pattern of knowledge of the file, whatever it is.
Many questions, few answers:
Many know that small businesses don’t have in-house compliance or generation staff, and when they go out to navigate knowledge compliance, new questions always arise. For example, what type of hard drive do you want to buy? Is the cloud compatible? Can everyone in the company buy all of their files in Dropbox? What about OneDrive? Is cloud knowledge indexed? What about Office 365 or Gmail? Do you archive emails for 17a-4? If a small business moves its virtual office, who recovers from the crisis? Does the cloud provider have to give them their business continuity plan procedure or is there a third-party add-on? Do small businesses even want to archive knowledge in the cloud?
Unfortunately, there are few easy answers to obtain and FINRA is of no help in this area; they lag far behind because they don’t have the internal experience of consulting members in “best practices for maintaining electronic records,” but they are the first to walk through the door to hand out fines. In addition, their listeners on the site are also outdated: they tell corporations that they want to use a computer virus disk to store knowledge. Where, in fact, this was replaced in 2003 when Rule 17a-4 was modified through the SEC to allow the use of software to purchase knowledge, regardless of a hard drive. Essentially, this means that 17a-4 vendors can archive knowledge simply by allowing a specific era of expiration or retention to block the deletion or modification of the recording in their software programming. Then, once the expiration has arrived or the retention era has passed, the knowledge can be removed from the file, freeing up the area for reuse. A mutual benefit for everyone, in a different way there will be piles of dead computer virus disks that waste area and money. However, few corporations are aware of this.
The 17th-4:
Nonetheless, despite all this confusion, there are a few basic things AdvisorVault has learned over the years about 17a-4 that will help keep costs low as possible yet reduce the risk. First, when it comes to data security, there is no mystery in proving to FINRA that a firm is keeping hackers off their system. It’s a simple matter of apply proper permissions and strong password policies to anything accessed from outside such as VPN connections, servers, and cloud systems. For example, making sure there’s a single user with admin permissions only and the password for this user is complex with frequent changes will keep regulators happy, no need to call in James Bond. Also, there’s this confusion among FINRA firms that putting data in the cloud automatically makes it non-compliant, that’s not true – in fact, FINRA has now migrated all their systems to the cloud themselves.
The truth is that FINRA doesn’t care where knowledge is stored. Their only fear is that they are well stored, which means: (1) a designated third party makes secondary copies of this knowledge, (2), helps to keep it for seven years in its original format and (3) can reproduce this knowledge upon request. – The 3 essential elements of Rule 17a-4. AdvisorVault consumers constantly migrate to the cloud and continue to comply. They go with Office 365, With OneDrive, Google Drive, or Dropbox, then AdvisorVault simply connects to what they use and transfers it to their 17a-4-compatible system, acting like their D3P consumers at the same time.
Another big mistake AdvisorVault points out is that corporations think they deserve to archive everything or are in danger of not auditing. Again, Rule 17a-4 is indifferent in this regard, and says that companies should maintain all communications, adding books and records, which leaves a lot of interpretation in those days; Meanwhile, suppliers are taking advantage of this confusion, seeking to inflate its effects by promoting unused archiving products. It’s essentially a scare tactic, says AdvisorVault. For example, there is this messy concept that all social networks used through reps deserve to be archived, such as Twitter, Facebook and LinkedIn posts; It is necessarily a concept that each and every online page in which a representative makes the decision to put their happy face will have to be subsidized. That’s not the case. You can avoid this impasse by creating a PC communications policy that obviously describes what compliance allows other people to communicate, and then simply say they’re just emails, and Bob’s your uncle.
Finally, when FINRA’s small businesses retire to keep compliance prices as low as possible to avoid these unsightly fines, transparent controls should be established to ensure that there are no gaps as the business grows. For example, when you add a new worker, all records you create will be automatically captured in the 17a-4 file, and this also applies to your email. By the way, the most productive way to do this is to use the cloud, as file software can automatically stumble upon new sites, folders, or email accounts on cloud premises, such as SharePoint OneDrive, Office 365, and G Suite products. This is another wonderful explanation of why you move a desktop to the cloud, as this option should not be had with internal email or garage registration systems.
About AdvisorVault:
AdvisorVault is the only designated third party that focuses on resolving knowledge archiving requests in SEC Rule 17a-4. Our consolidated D3P service is specially designed for small businesses that want a seller to help them meet existing knowledge archiving and tracking requirements. We’ve created a centralized archiving option that captures knowledge and emails, no matter where they’re stored, internally, or in the cloud—general peace of mind, in a position to use.
Contact the advisor
Allan Lonz, [email protected] Direct: 416-985-0310 Free Call: 1-866-732-1407 ex 1
View content: http://www.prnewswire.com/news-releases/avoiding-the-17a-4-quagmire—advisorvaults-guide-for-small-finra-firms-301105943.html
SOURCE AdvisorVault