FINRA Rules 3110 (a) and (b) require that any brokerage firm that operates under Financial Industry Regulatory Authority have protocols to supervise all employees, from the executives to the newest employee. The brokerage must also comply with SEC Rule 17a-4(f) to properly store electronic records.
InnReg compliance experts highlighted these seven takeaways.
Check if your brokerage meets all the requirements?
Subject-matter experts with decades of experience wrote this analysis, not freelance copywriters, third party agencies, or AI-based tools. We are global regulatory compliance experts.
1. Brokerage firms must have a supervisory protocol to maintain and monitor electronic communication (including emails) of their employees, including supervision at the senior executive level under FINRA Rules 3110 (a) and (b).
2. Under SEC Rule 17a-4 (f), any firm seeking to store the required documents electronically must
- notify FINRA at least 90 days before storing records electronically,
- have in place an audit system that tracks them as well as any changes made to such records,
- retain a third-party document storage facility with access to the records, and
- store the records in a non-rewritable, non-erasable format.
3. Securities firms must inform their staff which cloud storage locations or local servers are SEC compliant and ensure that employees are properly storing and preserving the documents.
4. To be compliant, you must also contract with a 3rd party document storage facility that is able to access and produce compliant documents for FINRA or the SEC if the brokerage firm cannot.
5. Securities firms must have written procedures that clearly address the requirements of the Securities Exchange Commission.
6. Firms must assign responsibility for recordkeeping obligations under the SEC to a particular department or person within the company.
7. Compliant firms must have a written policy that details their auditing procedure for recordkeeping.
Conclusion
If you run a brokerage that operates under FINRA and the SEC, it is critical to review and follow the Rule 3110 and Rule 17a-4 requirements of both regulatory boards respectively, as outlined above.
You must have supervision protocols for everyone at your company, including the executive team. You must also alert the SEC that you are storing records electronically and train your staff to ensure the records are properly maintained and stored.
If you have questions or need help in this and other compliance areas, do not hesitate to reach us at info@innreg.com.
The Author
InnReg is a team of over 30 Regulatory Compliance and Innovation Consulting experts helping fintechs succeed in highly regulated markets since 2013. InnReg specializes on mitigating regulatory risk while helping clients launch and grow innovative fintech products and services.