How Can FINRA Firms Make the Cloud 17a-4 Compliant?

The cloud surely is a viable option for small FINRA firms to store data. Broker-Dealers for example can effectively use it to share documents among employees, partners and customers. However, they need to understand that storing data in the cloud by default is not 17a-4 compliant simply because data can be modified at any time by anyone. Therefore extra steps need to be taken, however each cloud service has a different method to make it compliant.

For example, Dropbox creates a synchronized local folder on each PC its installed on. So it is a simple matter of transferring this data to a FINRA designated provider. ShareFile on the other hand requires that customers install a tool to connect to its cloud and synchronize data to a local folder. This tool is free and can be scheduled to run constantly and make secondary copies of cloud data for compliance.

Microsoft Office 365 on the other hand requires customers to purchase a third party tool to synchronize their data, while other cloud providers, like Livedrive simply don’t have a method to make compliant copies of data stored with them.

No matter what cloud provider FINRA firms choose to store electronic records, their data is not protected nor is it properly archived, they have to understand a couple take extra steps are needed: make secondary copies of cloud data, then choose a D3P that can properly archive this data so it is retained on 17a-4 compliant storage.

Allan Lonz
Allan Lonz
Allan Lonz, President and CEO of AdvisorVault is a veteran in the field with over 15 years experience providing data compliant solutions to the financial industry, especially for small firms. Recognizing that very few backup vendors understood the data compliance challenges of small broker-dealer firms, Allan created AdvisorVault - a remote backup company designed to provide his customers with a solution to ensure they meet all current rules from FINRA and the SEC. It includes all the hardware and software to remotely backup, archive and ensure disaster recovery of critical electronic records such as email, books and records and all other data at head office, branch offices and remote locations in accordance with rules 17a-3 and 17a-4. With Allan’s deep understanding of technology, compliance and finance he brings a unique mix of expertise that allows him to design a complete turn-key product. Priced at one small monthly fee, this "out-of-the-box " approach takes the burden off his customers shoulders and allows them to experience complete data compliance peace of mind simply and inexpensively.