In October 2022, the Securities and Exchange Commission (SEC) updated Rule 17a-4. Alongside the Rule 17a-4 amendments for broker-dealers, the SEC simultaneously updated the coinciding Rule 18a-6 requirements for security-based swap dealers (SBSD) and major security-based swap participants (MSBSP). This means that SBSDs and MSBSPs will now be subject to regulatory guidelines for the first time.
Much like Rule 17a-4, Rule 18a-6 applies to electronic recordkeeping and accessibility requirements for SBSD and MSBSP entities. This includes information related to records storage, production, location, length of time, verification, and more.
These electronic recordkeeping rules were amended to keep up with current technological advancements and optimize recordkeeping efficiency for firms. In a statement on the amendments, issued shortly before the Final Rules’ release, SEC Chair Gary Gensler said:
“Today’s rule amendments would facilitate the SEC’s ability to examine and inspect records consistent with modern technology. These recordkeeping requirements also may reduce some firms’ compliance costs.”
The Rule 17a-4 compliance date went into effect on May 3, 2023, though it is not yet active for Rule 18a-6 which comes into force on November 3, 2023. Consequently, affected entities must ensure that all their recordkeeping requirements are in line as this date approaches, or else they will be subject to potential fines for regulatory violations.
SBSDs are individuals or entities that make a market in security-based swaps, while MSBSPs are any individuals who are not SBSDs, but have a role in security-based swaps. Though swaps can occur in any industry, security-based swaps are typically based on a security like a stock, bond, or credit default swap. The SEC states:
“Swaps are financial contracts in which two counterparties agree to exchange or ‘swap’ payments with each other as a result of such things as changes in a stock price, interest rate or commodity price.”
All of the amended guidelines that were introduced to update Rule 17a-4 will now apply to Rule 18a-6 as well, including:
- The addition of an audit-trail alternative to the “write once, read many” (WORM) format. Organizations only used to be able to use the WORM format to preserve electronic records, but the audit-trail alternative has been introduced to provide more flexibility and modernize requirements.
- In continuation of the audit-trail recordkeeping requirement, organizations must ensure that they’re producing records in a reasonably usable format, meaning that all documentation must be easily accessible and compliant with guidelines.
- Using a designated executive officer (DEO) as an alternative to a designated third party (D3P) for record access management is now possible. Previously, organizations would have to utilize a D3P for electronic recordkeeping system (ERS) access to provide information to regulators in case the firm failed to do so, but can now elect a DEO internally, allowing for accessibility and convenience.
- While notifying designated examining authorities (DEA) of the employment of an ERS was a requirement before these rules’ amendments, it has now been dismissed.
- As new technologies and tools emerge, the amendments permit the use of cloud service providers to assist in records maintenance and storage, with the stipulation that the financial organization can readily access their data at any time.
Regulators have been vigilant in verifying recordkeeping compliance as of late, proved by the number of violation enforcements announced relating to unrecorded data. Proper recordkeeping is fundamental for staying up to the mark. Obtaining a dependable archive storage provider helps keep organizations assured that their data is secured and regulators satisfied with sustained compliance.
