The United States Securities and Exchange Commission (SEC) has primary responsibility for enforcing federal securities laws and regulating the securities industry and the stock market. The SEC was created by Section 4 of the Securities Exchange Act of 1934, commonly referred to as the 1934 Act. In addition to the 1934 Act that created it, the SEC enforces the Securities Act of 1933, the Trust Indenture Act of 1939, the Investment Company Act of 1940, the Investment Advisers Act of 1940, the Sarbanes-Oxley Act of 2002 and other statutes.
The SEC 17A mandates were created by an amendment to the 1934 Act. These mandates cover overall record keeping for the financial services industry, including policies, procedures, customers, accounts, correspondence and transactions. They also cover mandates for maintenance, storage, monitoring and accessibility.
Rule 17a-3 covers document retention requirements— what documents must be retained and for how long. Rule 17a-4 regulates how these documents must be retained. In combination, Rules 17a-3 and 17a-4 require preservation of records in an easily accessible manner. With the advent of computer technology, including word processing software, spreadsheet and financial software and e-mail programs, as well as hardware devices and other media to store electronic information, the SEC updated these rules to include provisions for storage on electronic media. General electronic document retention requirements state:
• There must be written and enforceable retention policies.
• Data must be stored on indelible, nonrewritable media.
• There must be a searchable index of stored data.
• Data must be readily retrievable and viewable.
• A backup of data must be stored off-site.
For more information on regulations, including SEC and FINRA regulations and important statutory regulations, please see Appendix One, located at the back of the guide, available as a free download below.