Independent Custodian services for e-communication encryption key management are now available to 17a-4 clients. The new service allows clients to use encrypted e-communications and still be in compliance with SEA Rule 17a-4.
Millbrook, NY – Many Broker /Dealers and Registered Investment Advisors are using third-party communication platforms that feature end-to-end data encryption to protect confidential client and corporation information. 17a-4, llc is pleased to announce Independent Custodian services for e-communication encryption key management. Combining proprietary Hardware Security Module technology with leading expertise in encryption key management, this service enables registered financial services institutions to deploy and manage encrypted e-communications in compliance with SEA Rule 17a-4 and other regulatory requirements.
17a-4’s new encryption key management service ensures encrypted communication data is retained, archived, and made available to designated regulatory authorities. Encrypted messaging platforms such as Symphony, by design, restrict the ability to decrypt messages where only the sender and recipient institutions are in possession of the associated private decryption keys. 17a-4’s Independent Custodian service securely stores and manages private decryption keys on behalf of clients in compliance with New York State Department of Financial Services, SEC, and FINRA electronic recordkeeping requirements.
“End-to-end encryption architecture shifted traditional custody and retention obligations for electronic records,” says Douglas Weeden, Director of Compliance Services at 17a-4. “When communication platforms being used cannot access underlying client data without the associated private decryption keys, regulators turn to Independent Custodians to secure third party access, verification and production of its member organizations’ encrypted messaging records.”
A trusted and independent Designated Third Party provider to the financial services industry for 15 years, 17a-4’s encryption key management service addresses the need for clients to comply with electronic record requirements and securely respond to regulatory requests for the production of encrypted communications.