Related Rules and Regulations
Securities Exchange Act of 1934 Rule 17a-4(f)(3)(vii)
For every member, broker, or dealer exclusively using electronic storage media for some or all of its record preservation under this section, at least one third party ("the undersigned"), who has access to and the ability to download information from the member's, broker's, or dealer's electronic storage media to any acceptable medium under this section, shall file with the designated examining authority for the member, broker, or dealer the following undertakings with respect to such records.
CFR Title 17 Commodity and Securities Exchanges § 1.31(b)(4)
In addition to the foregoing conditions, any person who uses only electronic storage media to preserve some or all of its required records (“Electronic Recordkeeper”) shall, prior to the media's use, enter into an arrangement with at least one third party technical consultant (“Technical Consultant”) who has the technical and financial capability to perform the undertakings described in this paragraph (b)(4). The arrangement shall provide that the Technical Consultant will have access to, and the ability to download, information from the Electronic Recordkeeper's electronic storage media to any medium acceptable under this regulation.
To learn more, see the Compliance IT Solutions Designated Third Party data sheet or request a quote for the Compliance IT Solutions Designated Third Party Service.
Designated Third Party (D3P) Compliance Provider
Compliance IT Solutions D3P Deliverables
With the enactment of the Dodd-Frank Act, the financial regulatory landscape is in a state of flux with new rules promulgated every month. The objective of these rules is to increase transparency and to ultimately reduce systemic risk to capital markets. Financial institutions subject to the U.S. Securities and Exchange Commission (SEC) Rule 17a-4 and the Commodity Futures Trading Commission (CFTC) Rule 1.31 are required to meet strict regulations that govern electronic data storage, retention and IT processes. A specific provision of both SEC Rule 17a-4 and CFTC Rule 1.31 requires organizations to designate at least one third party who can independently access, download and deliver information from the organization’s electronic storage media to regulatory authorities.
SEC Rule 17a-4 states that "...every member, broker, or dealer exclusively using electronic storage media for some or all of its record preservation must have an arrangement with a third party who can provide the SEC with access to a broker-dealer's records upon request."
Financial institutions that retain and house their own data must engage a reliable, independent third party with technical IT knowledge and secure processes to carry out its duties under these SEC and CFTC requirements.
Compliance IT Solutions' Designated Third Party service offers a safe, secure and compliant solution. Through its Designated Third Party (D3P) Service, Compliance IT Solutions assists financial institutions in meeting the SEC's and CFTC’s requirements, ensures your data is continuously available and helps ensure compliance integrity. Our comprehensive environmental plans not only satisfy the independent third-party requirement, but also help uncover system and configuration issues in advance of an audit. Compliance IT Solutions' detailed methodology involves analyzing your IT environment and attesting your compliance to the SEC, FINRA, CFTC and/or other regulatory authorities. The result is peace of mind and assurance that your firm has satisfied these requirements in a secure and reliable manner.
As part of our D3P compliance service, Compliance IT Solutions works with your IT staff either onsite or remotely to:
**Develop a comprehensive environment plan detailing our access to your electronic records
**Test our procedures to demonstrate and confirm easy record retrieval
**File a Letter of Undertaking with the SEC, FINRA, CFTC and/or other regulatory bodies
**Update your environment plan and test download procedures periodically
Keep your company in compliance with SEC Rule 17a-4 and CFTC Rule 1.31