Regulations Summary


Rule & Regulation Summary

SEC Rule 17a-4 & 17a-3 – Records to be made by and preserved by certain exchange members, brokers and dealers

The U.S. Securities and Exchange Commission pursuant to its regulatory authority under the US Securities Exchange Act of 1934 outlines requirements for broker-dealers to store required records in electronic form.  Rule 17a-4 (“Records to Be Preserved by Certain Exchange Members, Brokers and Dealers”) and SEC Rule 17a-3 (“Records to Be Made by Certain Exchange Members, Brokers and Dealers”) specify minimum requirements with respect to the records that broker-dealers must make, how long records and other documents relating to a broker-dealer’s business must be kept and in what format they may be kept.

Under the Rule 17a-4, electronic records must be preserved exclusively in a non-rewriteable and non-erasable format. This interpretation further clarifies that broker-dealers employ a storage system that prevents alteration or erasure of the records for the required retention period.  Broker-dealers are allowed to preserve records on “electronic storage media.” Rule 17a-4 defines the term “electronic storage media” as any digital storage medium or system.  The rule requires the preservation of electronic storage media be exclusively in a non-rewriteable and non-erasable format.  WORM (write once read many) media is used for compliance with the rule.  Records must be retained and indexed on the indelible media for a period of six years and with immediate accessibility for the first two years.  Duplicate records must be kept within the same time frame at an off-site location.


  • Requires written, enforceable retention policies
  • Insists on searchable index of all data stored
  • Necessitates data be viewable and readily retrievable
  • Offsite storage of data
  • Storage of data on WORM (write once read many) electronic media
  • Designation of a third party consultant (D3P) and filing of required letters of notification and representation

17a-4(f)(3)(vii) – Letter of Undertaking.  This letter is prepared by the Broker Dealer’s Designated Third Party (D3P) that represents that the D3P will assist, if asked, in the production of the Broker Dealer’s electronic records.  It requires that the D3P understand where electronic records are retained and the methodology used to search and produce those records.

17a-4(f)(2)(i) – Letter of Notification.  This letter may be prepared by the Broker Dealer or by the D3P and notifies the SRO of Broker Dealer’s intent to deploy a system to retain electronic regulatory records.

Need help with 17a-4 compliance?  Require a D3P? 

17a-4 LLC has served as a Designated Third Party Provider for financial institutions that need to satisfy record keeping obligations since 2001.  Request a consultation or quote here.

SEC Rule 15a-6 – Chaperoning arrangements for international research

In adopting Rule 15a-6, the SEC sought “to facilitate access to foreign markets by U.S. institutional investors through foreign broker-dealers and the research that they provide, consistent with maintaining the safeguards afforded by broker-dealer registration,” and “to provide clear guidance to foreign broker-dealers seeking to operate in compliance with U.S. broker-dealer registration requirements.” Rule 15a-6(a)(3) requires a U.S. broker/dealer to ‘chaperone’ or review research before it is distributed to U.S. investors.

17a-4’s SEC-FINRA DeskTop provides an easy-to-use, Rule 17a-4 compliant platform for managing:

  • Research sent in by a foreign broker/dealer as an attachment to an email.
  • Research is flagged and a workflow review process is started allowing compliance to review the research, reject it if inappropriate or approve it and provide alerts to U.S. investors.

FINRA Rule 3110 & 3120 – Supervision and supervisory control

FINRA Rules 3110 (Supervision) and 3120 (Supervisory Control System) require firms to establish, maintain and enforce supervisory systems and written supervisory procedures reasonably designed to comply with their recordkeeping obligations. In addition, firms are required to periodically review and update their recordkeeping written supervisory procedures and to have appropriate written supervisory control procedures to test and verify that those recordkeeping supervisory procedures are reasonably designed to comply with applicable recordkeeping laws and regulations and FINRA rules and to update or amend them if necessary.


  • Establishes personnel permitted to act as supervisors and those that may perform office inspections.
  • Lays out requirements for review of certain internal communications.
  • Compels obligations to monitor for insider trading, including the duty to conduct internal investigations and report information related to those internal investigations back to FINRA.

Are your supervisory review procedures and records in compliance?

17a-4 LLC has an extensive history working with the supervisory systems used in the industry and has been advising firms on procedures and policies for supervisory review since 2001.  In addition, 17a-4 can provide lexicons for specific types of business such as fixed-income trading, variable annuities and swaps.

FINRA Rule 3220 (Proposed FINRA Rule 3221 & FINRA Rule 3222)  – gifts, restrictions on non-cash compensation and business entertainment

Rules and guidance on gifts, gratuities and business entertainment compensation related to the sale of securities.

17a-4’s SEC-FINRA DeskTop provides an easy-to-use, Rule 17a-4 compliant platform for managing:

  • Rule 3220 – Gifts (DeMinimis, Promotional, Commemorative, Personal)
  • Rule 3221 – Non-Cash Compensation (Seminars, Training & Education)
  • Rule 3222 – Business Entertainment (Meals, Tickets, Entertainment)

FINRA Rule 3270 – Outside business activities

Prohibits any registered person from being an employee, independent contractor, sole proprietor, officer, director or partner of another person, or being compensated, or having the reasonable expectation of compensation from another person as a result of any business activity outside the scope of the relationship with his or her member firm, unless he or she has provided prior written

17a-4’s SEC-FINRA DeskTop provides an easy-to-use, Rule 17a-4 compliant platform for managing:

  • Rule 3270 – Capture information, documentation and description of outside business activities and provides for the registered person to agree annually to limitations on such activities.

FINRA Rule 3280 – Private transactions

Prior to participating in any private securities transaction, any person associated with a FINRA member must provide written notice to the member with which he or she is associated.  The written notice must describe the transaction and the associated person’s role, and disclose whether the associated person has received or may receive selling compensation in connection with the transaction

17a-4’s SEC-FINRA DeskTop provides an easy-to-use, Rule 17a-4 compliant platform for managing:

  • Rule 3280 – Capture information, documentation and description of private transactions, the persons associated with the transaction and notification of the person receiving compensation.

Investment Advisers Act of 1940

One of the most important set of the federal securities laws which relate to registered investment advisers is the Investment Advisers Act of 1940.  Created in 1940 through an act of Congress, this legislation defines the responsibilities and limitations placed on open-end mutual funds, unit investment trusts and closed-end funds that offer investment products to the public. The Act provides the manner in which investment advisers will register with the SEC, provides the laws that must be followed as an investment adviser, and makes it illegal for both registered and unregistered investment advisers to act fraudulently toward any investors.


  • Applies to companies that primarily invest or trade in securities and/or offer their own securities to the public. Hedge funds sometimes fall under the act’s definition of “investment company,” but may avoid the act’s requirements with an exemption.
  • Compels fund registration with the SEC.
  • Requires a board of directors, 75% of whom must be independent.
  • Places limits on investment strategies, such as the use of leverage.
  • Obliges funds to maintain a certain percentage of assets in cash for investors that sell.
  • Demands disclosure to investors of the funds’ structure, financial condition, investment policies and objectives.

SEC Rule 204-2 – Books and records to be maintained by investment advisers

Rule 204-2 of the Investment Advisers Act, “Books and Records to be Maintained by Investment Advisers,” states that every investment adviser subject shall establish, maintain, and enforce written policies and procedures to prevent the misuse of material, nonpublic information by an Adviser or any person associated with the Adviser.  The rule specifically details email creation and retention requirements for all client records.

  • Requires the retention of books and records relating to all written communications received and sent by an investment adviser.
  • Details the types books and records an Adviser must make and keep true, current and accurate for their business. Email is specifically identified as a business record in the rule.
  • Applies to hedge funds and private equity firms under the Dodd-Frank Financial Reform Act.
  • Requires Advisers to arrange and index the records in a way that permits easy location, access, and retrieval.
  • Compels Advisers to promptly furnish to the SEC any records requested, electronic or otherwise.

Are your business communications in compliance with Rule 204-2?

As part of an Adviser’s annual review of their business activities Rule 204-2 encourages review of written supervisory procedures to ensure that they properly address the firm’s business activities and comply with the provisions of the rule.  17a-4 LLC can help with this process.  Request a consultation or quote here.

Dodd Frank

In 2010 Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection Act. Dodd Frank imposes new recordkeeping, reporting and disclosure requirements on all Investment Advisers, Broker Dealers, and newly deemed Major Swap Participants.


  • Registered advisers are required to maintain records relating to business activities as mandated by Rule 17a-4 of the Securities Exchange Act (BrokerDealers) and Rule 204-2 of the Investment Advisors Act (Investment Advisors).
  • Applies confidential reporting requirements which compels virtually all advisers to disclose to the SEC/CFTC their trading and investment positions, practices, and exposures that relate to systemic risks, e.g., assets under management, use of leverage including off balance sheet leverage, exposures to particular counterparties and types of securities, credit risk exposures, calculation policies, side letters.
  • Commands that registered entities will have to provide any other information the SEC/CFTC and the Financial Stability Oversight Council (FSOC), the new systemic risk regulator, deems necessary and appropriate.

CFTC 17 CFR 1.31 – Books and records; keeping and inspection

The Commodity Exchange Act (CEA) regulates the trading of commodity futures in the United States. Passed in 1936, it has been amended several times since. The CEA establishes the statutory framework under which the CFTC operates and has authority to establish regulations that are published in title 17 of the Code of Federal Regulations. Dodd Frank amended the Commodity Exchange Act to implement an in depth regulatory framework for swaps and security-based swaps.  A key area of the Commodities Exchange ACT (CEA) is 17 CFR 1.31 which establishes record keeping requirements for market participants.


  • 1.31 Books and records; keeping and inspection.

(a)(1) All books and records required to be kept by the Act or by these regulations shall be kept for a period of five years from the date thereof and shall be readily accessible during the first 2 years of the 5-year period. All such books and records shall be open to inspection by any representative of the Commission or the United States Department of Justice. (2) A copy of any book or record required to be kept by the Act or by these regulations shall be provided, at the expense of the person required to keep the book or record, to a Commission representative upon the representative’s request. Instead of furnishing a copy, such person may provide the original book or record for reproduction, which the representative may temporarily remove from such person’s premises for this purpose. All copies or originals shall be provided promptly. Upon request, the Commission representative shall issue a receipt provided by such person for any copy or original book or record received. At the request of the Commission representative, such person shall, upon the return thereof, issue a receipt for any copy or original book or record returned by the representative. (b) Except as provided in paragraph (d) of this section, immediate reproductions on either ‘‘micrographic media’’ (as defined in paragraph (b)(1)(i) of this section) or ‘‘electronic storage media’’ (as defined in paragraph (b)(1)(ii) this section) may be kept in that form for the required time period under the conditions set forth in this paragraph (b).

Another key area of the rule established the Technical Consultant requirement which is likened to the Designated Third Party requirement of Rule

(4) In addition to the foregoing conditions, any person who uses only electronic storage media to preserve some or all of its required records (‘‘Electronic Recordkeeper’’) shall, prior to the media’s use, enter into an arrangement with at least one third party technical consultant (‘‘Technical Consultant’’) who has the technical and financial capability to perform the undertakings described in this paragraph (b)(4). The arrangement shall provide that the Technical Consultant will have access to, and the ability to download, information from the Electronic Recordkeeper’s electronic storage media to any medium acceptable under this regulation. (i) The Technical Consultant must file with the Commission an undertaking in a form acceptable to the Commission, signed by the Technical Consultant or a person duly authorized by the Technical Consultant.


  • All required books and records shall be kept for a period of five years and shall be readily accessible during the first 2 years of the 5-year period
  • Data must be stored in a digital storage medium that exclusively stores records in a non-rewritable, non-erasable format (WORM- Write-Once-Read-Many)
  • Asserts records management system requirements
  • Sets forth original and duplicate record and associated indexes’ properties and formats
  • Designates third party technical consultant and required letter of representation (4).

Do you need a Technical Consultant to comply with CFR 1.31?

17a-4 is Technical Consultant (TC) for financial institutions that need to satisfy record keeping obligations.  Request a consultation or quote here.

FINRA 07-59 – Guidance regarding the review and supervision of electronic communications

FINRA’s guidance to assist members in the establishment and maintenance of supervisory systems for electronic communications that are reasonably designed to achieve compliance with the federal securities laws and self-regulatory organization rules.  The growth of electronic communications has raised the need for interpretative guidance.

Regulatory Notice 07-59 covers:

  1. Written Policies and Procedures
  2. Types of Electronic Communications Requiring Review
  3. Identification of the Person(s) Responsible for the Review of Electronic Communications
  4. Method of Review for Correspondence
  5. Frequency of the Review of Correspondence
  6. Documentation of the Review of Correspondence


  • FINRA expects a firm to have supervisory policies and procedures to monitor all electronic communications technology used by the firm and its associated persons to conduct the firm’s business.
  • Firms should consider, prior to implementing new or different methods of communication, the impact on the firm’s supervisory system, particularly any updates or changes to the firm’s supervisory policies and procedures that might be necessary so firms can identify and timely address any issues that may accompany the adoption of new electronic communications technologies.

Firms are reminded they have a separate, but equally important, obligation to ensure that their use of electronic communications media enables them to make and keep records, as required by SEC Rules 17a-3 and 17a-4, NASD Rule 3110 and NYSE Rule 440.

Books & Records – Overview

Books and Records are defined as the books, accounts, records, memoranda, correspondence and other documentation or information that firms have to make and preserve in accordance with the federal securities laws, MSRB rules, FINRA rules and all other applicable laws, rules and regulations. The recordkeeping rules require firms to retain, among other records, communications relating to their “business as such,” and include trade blotters, asset and liability ledgers, income and expense ledgers, capital account ledgers, customer account ledgers, securities records, order tickets and trade confirmations. These recordkeeping requirements are intended, in part, to provide regulators with the ability to access and review such records.

Maintaining complete and accurate books and records is required in order to operate in the securities industry. There are numerous rules and requirements in this area as well as firm-specific guidance that dictate the capture and retention of electronic communications, such as email and instant messages, as well as hard copy records. Registered representatives, supervisors and compliance officers need to understand these regulations and adhere to them and their firm’s guidance when conducting their business.


|The information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice.|


For more information or to request a compliance consultation.