Broker-Dealer Messaging Compliance

Broker-Dealer Compliance Archiving & Monitoring

Download PDF on Broker Dealer Compliance

SEC and NASD Regulators no longer tolerate inadequate recordkeeping and supervision of electronic communications. To address the explosive growth of email and instant messaging as critical business communication tools, SEC Rule 17a-4 and NASD Rules 3010, 3013 & 3110 require Broker-Dealers to implement a compliance archiving & monitoring solution to archive and supervise all electronic communications such as email, attachments, IM (AOL, MSN, Yahoo, LCS etc.) and Bloomberg®.

Global Relay's Message Archiver, Compliance Reviewer, Message Converter and IM Interpreter are specifically engineered to provide a total compliance solution for Broker-Dealers subject to the stringent compliance requirements of the SEC, the NASD and the various Exchanges in connection with electronic business communications, including:

  1. Recordkeeping
  2. Supervision
  3. Audits
  4. SEC Filings

Recordkeeping

The Message Archiver, Global Relay's message archiving and compliance system, captures and archives an authentic and complete record of all electronic business communications in a secure but easily accessible offsite storage system. Compliance features include:

  • Message Capture of email, attachments, IM & Bloomberg
  • Archives messages for 3 year SEC term (or as defined by deletion policies)
  • Access includes web-based instant access for all employees to their messages
  • Tamperproof protection of data on dedicated WORM (Write Once, Read Many)
  • Offsite, mirrored, single instance storage in East/West Coast Data Centers
  • Indexes & serializes messages, Bcc & Distribution Lists, metadata & audit trails
  • Search & retrieval of any message in seconds using Google-like search engines
  • Security & encryption of systems, networks & messages
  • Migration of legacy data (.pst files, backup tapes) & to archive with new messages
  • SEC Third Party Downloader engagement for independent SEC mandated access
  • SEC Filings & oversight by Global Relay's in-house compliance lawyers
  • Retention Term flexibility for Litigation Holds & SEC investigations

How does the Message Archiver work? All email, attachments, Bloomberg and IM and are securely captured and centrally unified together with imported legacy email and .pst files, in Global Relay's Message Archiver for rapid online search, retrieval & monitoring. With secure web-based access and real-time indexing powered by search engine technology, every employee and Compliance Officer has the ability to find any current or historical message in seconds. Read More »

Supervision

The Compliance Reviewer, Global Relay's monitoring system, provides Broker-Dealers with a turn-key, flexible, online supervisory system with advanced monitoring, filtering and eDiscovery features enabling enforcement of your firm's email & IM policies for compliance, proper usage and corporate governance. Compliance features include:

  • Scan & Monitor email, attachments, IM & Bloomberg from online Archiver
  • Content Filtering with company-defined rules to identify prohibited content
  • Advanced Analysis with Boolean logic, criteria lists, proximities & action alerts
  • Random Sampling of each rep's messages customized by percentage & user
  • Keyword Search results are highlighted within the message for quick discovery
  • Full Review of messages & attachments, or bulk review of headers only
  • Reviewer approval, rejection, escalation based on action icons & defined notes
  • Multi-tiered Review structure for review escalation to Super Reviewers
  • Wizard Commands for pre-defined, single-click compliance using folders, flags, priorities & labels
  • Exclude Words, phrases or email accounts (e.g. disclaimers, attorney-client privileged mail, newsletters) from Flagging Rules
  • Access Rights of authorized Reviewers governed by customized security rules
  • Notifications of compliance violations by email or IM
  • Audit Trail with detailed time history of reviews and related actions taken
  • Web-based Control Center to modify surveillance & monitoring procedures

How does the Compliance Reviewer work? Using powerful search engines, the Compliance Reviewer is able to retrieve your firm's messages from the Message Archiver and apply easy-to-use, company-defined filters and Wizard Commands for efficient review and monitoring of all archived email, IM, and Bloomberg messages. Messages of any user are analyzed on import and flagged for review if violations are detected as follows:

  1. real time filtering for keyword or phrase violations (start-up list provided)
  2. specific query using flexible search criteria
  3. advanced rule-based keyword & phrase proximity analysis
  4. random sampling (by User, User Group, or firm-wide, using percentages).

Read More »

Audits

Global Relay's Message Archiver & Compliance Reviewer Audit Tools are designed to facilitate efficient responses to regulatory audits and evidentiary requests. Global Relay has successfully assisted hundreds of SEC-regulated firms during their audits and regulatory investigations. Currently, Global Relay participates in approximately 3 to 6 customer audits per week.

  • Search & retrieval of any message in seconds using Google-like search engine
  • Audit Request response within minutes using online search and eDiscovery tools
  • Statistics & reporting on Compliance Officer reviews & related actions taken
  • Retention Term flexibility for Litigation Holds & anticipated SEC investigations
  • Legal Compliance in-house specialists to assist during audits
  • Case Management via folder system with shared folders (e.g. external attorney review)

How do Global Relay's Audit Tools assist with an Audit? Global Relay provides flexible and efficient methods to produce records according to the specific criteria of the audit request. Messages are made readily available for examination either by:

1. Online review of messages via an "auditor account" in Message Archiver

  • create online search parameters based on Audit request
  • restrict access to the exact scope of the audit (by date, user, subject etc.)
  • assign Auditors temporary online review privileges
  • block attorney-client privileged, personal or restricted messages
  • generate an automatic audit trail of Auditor's review (ie: audit the Auditor!)
  • side benefit of data no longer in Auditor's possession once audit is complete

2. Compilation of data for delivery to SEC/NASD

  • fast discovery, consolidation and organization of data for export & delivery
  • compile requested information on regulator-qualified media such as DVD or CD

SEC Filings

What Legal Documentation needs to be filed with the SEC/NASD? As part of your Broker-Dealer compliance solution, you may request Global Relay to prepare the SEC-mandated filings. Additionally, your firm has the option to engage Global Relay as your Third Party Downloader and Global Relay's in-house compliance lawyers will file the required Third Party Downloader Undertaking with the SEC/NASD. Read More »

Frequently Asked Questions

What are the Email & IM Compliance Requirements for Broker-Dealers?

Recordkeeping & Audits:

  • SEC Rule 17a-3 & 17a-4
    • preserve electronic records of transactions and general securities business (incoming, internal, outgoing)
    • store on non-rewriteable and non-erasable media, the quality of which must be verifiable
    • store original and duplicate copies in separate locations
    • create and store indexes of the electronic records
    • have an auditing system in place and store audit results for all electronic records
    • retain for retention periods (3 to 6 years), the first two years in an easily accessible place
    • enable all records to be "readily available" for inspection by the SEC/NASD
    • enable independent third party access in order to download a firm's electronic records upon SEC request
  • NASD Rule 3110 & NYSE Rule 440
    • preserve all electronic communications between firm and customers
    • preserve such messages in compliance with NASD/NYSE rules and with SEC Rules 17a-3 and 17a-4
    • note, that NASD Rule 2210 includes "electronic" sales literature, advertisements and correspondence in their requirements regarding communications with the public

Supervision:

  • NASD Rule 3010 and NYSE Rule 342 & 472
    • establish supervisory policies and procedures for all business-related electronic communications with the public (e.g.: methods for reviewing and sampling each RR's message capabilities for distinguishing types of correspondence, time frames for conducting reviews, and methods of addressing prohibited email & IM uses)
    • educate, train and log employees on procedures governing public electronic correspondence
    • monitor electronic correspondence of each registered representative regarding customer recommendations and any customer complaints
    • maintain an audit trail and record of supervisory reviews, including the identities of authors and reviewers
    • monitor and evaluate supervisory procedures to ensure compliance
  • NASD Rules 3012 & 3013
    • designate a chief compliance officer (CCO) that together with the CEO, must certify annually to having a process in place to establish, maintain, review, modify, and test supervisory control policies and procedures reasonably designed to achieve compliance with applicable rules and laws of the SEC and the NASD.

Outsourcing:

  • NASD Notice to Members 05-08
    • conduct due diligence on your service vendor before outsourcing
    • determine and ensure that your outsourced service provider's systems fully meet compliance standards

What is the significance of these SEC/NASD rules?

Regulators no longer tolerate inadequate recordkeeping and supervision of a firm's electronic communications. In recognition of the explosive growth of email and IM as the principle business communication tools, the SEC adopted stringent amendments to SEC Rules 17a-3 and 17a-4 in connection with the preservation and retention of all electronic correspondence related to business, and NASD Conduct Rules 3010, 3012, 3013 and NYSE Rule 342 and 472, in connection with the supervisory review requirements on firms for the monitoring of electronic communications with the public. These requirements are designed to protect investors from misrepresentation and fraud via electronic communications and to prevent record tampering. Additionally, revised NASD Conduct Rule 3110 and NYSE Rule 440 cross-reference SEC Rule 17a-4 regarding electronic record format, medium and retention periods.

Who must comply?

Generally, these Rules are applicable to all persons engaged in trading securities or acting as a broker, including Broker-Dealer firms and registered representatives that are subject to SEC, NASD and/or NYSE jurisdictions. Note, that SEC Rule 17a-4(b)(4) requires preservation of all correspondence of a Broker-Dealer "relating to his business as such", which should include the preservation of all email of a firm's registered representatives, as well as all associated persons to the business.

What are the repercussions of non-compliance?

Increasingly, SEC investigations focus on electronic business records, and on stricter enforcement of these Rules. Firms cannot afford to have a casual attitude toward email and IM compliance, as the repercussions of non-compliance include internal and/or regulatory disciplinary actions, civil liability, costly penalties, damaged corporate reputation and loss of goodwill. The imposition of fines for email recordkeeping violations can range into the millions. See SEC news release at: http://www.globalrelay.com/2002-173.html

Where can this Legislation be found?

Chicago Stock Exchange

Chicago Stock Exchange selected Global Relay's robust Compliance Archiving & Monitoring services to deliver secure, compliant, scalable, high-performance archiving & monitoring to its employees & Member Firms.

Canaccord
Canaccord Adams

Canaccord Capital & Canaccord Adams, with IDA, FINRA and LSE Memberships, chose Global Relay to deliver email, instant messaging and Bloomberg Archiving, Compliance and Continuity to 2000+ employees spanning three continents.

Customer Testimonial

"Our Broker Dealer started archiving with Global Relay after transitioning from another archive vendor. I have also referred them to a dozen broker dealers that I consult with. The response from all of us is nearly identical - the email monitoring and retention functions are robust, user friendly and compliant with all current regulatory requirements. The best part of Global Relay may be the customer service. We have all found the service to be truly outstanding. I'm thrilled to have finally found a complete and easy-to-use solution to my email needs."

Jim Williams
President
Financial Telesis

Financial Telesis