Skip navigation

17a-4 provides Designated Third Party Services for first Office 365 Broker Dealer

December 09, 2015

17a-4, llc provides Designated Third Party services to broker dealers.  This service is now available to clients using Office 365 for compliance.

Millbrook, NY – 17a-4 now provides Designated Third Party services for broker dealers with Office 365.  Microsoft’s Office 365 has developed the required internal controls to comply with the technical requirements of SEC Rule 17a-4.  However, SEC Rule 17a-4(f)(3)(vii) also requires a Designated Third Party to be able to access and produce records if called upon by a regulator.  17a-4 has developed the necessary access methodology and policies and has signed up its first Office 365 broker dealer.

‘We are delighted to sign our first Designated Third Party client using Microsoft’s Office 365,’ says Charles Weeden.  “We have designed a solution that leverages the in-place hold and retention features of Office 365 as well as the audit controls which are now part of the Microsoft Compliance Center.”

The Designated Third Party services apply to all content captured by the Microsoft in-place retention feature including email, Skype for Business Online, SharePoint and, now, third party content such as Bloomberg, Reuters, Blackberry, Cisco Jabber, HipChat, Symphony and other platforms used by the financial industry.

“When asked by a regulator,” continues Mr. Weeden, “it is important that we follow the same procedures as if the broker dealer were producing those records internally.  This involves reviewing for privileged communications and producing a privilege log, culling out emails not sent to or from an employee of the broker dealer and being able to correlate a Bloomberg email address or other identity to the corporate email address so that there is a complete production responsive to the regulator’s request.  As part of our D3P services, we review these procedures with both the compliance and legal teams of the broker dealer.”

The broker dealer is based in California and maintains email and compliance records on its Office 365 SharePoint servers.  All content designated as regulated is maintained under in-place hold and retention policies.  17a-4 works with over 500 financial institutions on e-messaging retention and Designated Third Party services.  As such, offers a unique perspective as to what other clients are doing with respect to various types of messaging platforms, social media, trading databases and sales or CRM systems.  Though 17a-4 will never disclose a specific client and what they are doing to comply with retention regulations, the extensive work across the different types of financial institutions provides a deep knowledge base for guidance as to best practices of peers.