Posted by Philip Clegg on 16-Jan-2018 13:34:38

Backup vs. Archiving for MiFID II: What's the Difference?

MirrorWeb explain the difference between backing up and archiving for MiFID II compliance

There is often confusion around the terms of a "backup" and an "archive",  which can cause problems for businesses who need to be recording and storing the right type of data records for compliance and legal defense measures.

With MiFID II currently in force, it is vital for firms and organisations to understand the correct terminology between a backup and an archive and the difference between the two.

What is a Backup?

A backup is a copy of data that can be used for a business' operational recovery. Therefore, if there has been a case of deletion (accidental or otherwise), overwriting or corruption of your data, you will be able to recover it and resume operations as normal with minimal disruption. If you do use a backup to restore data, you will only be able to restore to a previous point in time (the point where you last backed up your data).

What is an Archive?

On the other hand, an archive is a collection of historical records with the purpose of providing long-term preservation and retention of data for regulatory compliance - not for rapid recovery after a data loss incident. Archives are a stored version of those records that cannot be changed and are incorruptible.

Why Archiving is Essential for MiFID II

The Code of Practice on Evidential Weight and Legal Admissibility of Electronic Information (BS 10008:2014) is concerned with the authenticity, integrity and availability of electronically stored information.

In particular, an organisation must be able to demonstrate certain proof (whether to a court of law or regulatory body) that the contents of a data file or document have not changed since the time of storage and is a true representation of the original form. Proving authenticity of electronically stored data is crucial to admissibility.

If a business is backing up their electronic communications primarily for the purpose of disaster recovery, then it's unlikely this data will be legally admissible in court in dispute resolution. As a backup is only a copy of data at a particular point in time and designed for rapid operational recovery, it may be stored in a format that can be manipulated after capture and is therefore refutable. In addition to this, according to Article 16 of MiFID II, a backup would not be able to demonstrate the proper level of compliance in being "accurate, quality and complete" data.

This is why an archive is essential for MiFID II where Article 16 is concerned with recording electronic communications in a compliant way. If your archives:

  • Use WORM (write once, read many) technology
  • Are ISO accredited in how they are managed and stored
  • Have timestamp functionality


You can ensure that your data cannot be directly modified once it has been stored and has the added advantage of providing certain proof for admissibility purposes and can demonstrate compliance for MiFID II and regulatory bodies such as the FCA and SEC.

Time to Look for the Right Archiving Solution

Though the MiFID II deadline has passed, due to the scale of what is required, the FCA has stated that they will act more favourably against firms who have been taking the right steps towards getting their organisation compliant with the new rules, compared to those who have made no effort at all.

So if at this stage, your firm has only been making use of backups for your electronic communications, then it is vital to start looking at implementing a suitable archiving solution that can help with your compliance with MiFID II as soon as possible.

For more information on archiving your electronic communications for MiFID II, Article 16, download our free guide to see how MirrorWeb can help with your compliance.

 

New Call-to-action

This is an inline guide purely for the editor, it will not show in the final blog, designed the assist you with setting the options below in the 'Gate Trigger' section.

You will not be able to use the WYSIWYG editor for this it's code only so follow these instructions carefully.

Form
We need to add the same form for each blog, you can if you want to make your own form but you'll need to change the formId which will be in the URL for the form e.g. https://app.hubspot.com/forms/3937722/79ed800f-84ff-41cd-bc57-dd700f2e9c73/edit:

<h4>Want to find out more? Fill out the form to read the rest of our guide to see why you might not be compliant and how you can start recording your electronic communications in the most effective way for MiFID II, Article 16.</h4>
<h3>To unlock 900+ more words, simply complete the form below</h3>
<script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/v2.js"></script>
<script>
hbspt.forms.create({
portalId: '3937722',
formId: '79ed800f-84ff-41cd-bc57-dd700f2e9c73',
css: '',
onFormSubmit: function($form) {
gateTriggerForm('Backup vs. Archiving for MiFID II: What's the Difference?');
}
});
</script>

Topics: MiFID, Website Archiving

Philip Clegg

Written by Philip Clegg

Comments