Back to Blog


Marketing Team


Do PIMFA have a content calendar which might help planning? In what capacity could we best help Nigel and PIMFA with content? Are there opportunities for us to do research together? As an associate member what can we deliver through PIMFA?

Do PIMFA have a content calendar which might help planning? In what capacity could we best help Nigel and PIMFA with content? Are there opportunities for us to do research together? As an associate member what can we deliver through PIMFA?

These SEC rules are around the need for broker/dealer books and record requirements (think of them as a more extensive version of the FINRA 4511 rule). Keeping records is a part of the day-to-day in every business but the demand within financial services is much higher and these regulations require broker/dealers to create and preserve comprehensive records of each securities trade.

This includes documents, emails, fax messages, instant messages and other types of written and digital communications. Not only do these records need to be easily accessible and absolute (as dictated by 17a-3), but they need to be retained for at least six years and time-stamped (with 17a-4 giving guidance on how these records need to be retained). The latter regulation requires that data be stored in formats that can't be rewritten or erased, and duplicate copies of messages must be stored in separate locations.

We've created a MiFID II eGuide to help you....

Additionally, all data must be indexed and ready for an audit at any time by the SEC, with audit logs that document access to messages. These regulations have been updated over the years to keep up with how the industry is evolving and since 2017 have included new rules on text messaging and social media communications.

Personalisation sub title


All rDo PIMFA have a content calendar which might help planning? In what capacity could we best help Nigel and PIMFA with content? Are there opportunities for us to do research together? As an associate member what can we deliver through PIMFA?


How challenging is it meeting these regulations?

Complying with 17a-3 and 17-a4 is easier said than done.

In such a crowded and efficient market as the US, there are hundreds of thousands of trades being executed every single day. While technology has dramatically enhanced the speed and efficiency of doing business, it has also reduced the margin for error and firms have to ensure they are operating at maximum capacity (to not only give their clients some competitive advantage but to also stay ahead themselves).

The regulations in subsection 17a require records of each of these trades including all the digital communications pertaining to them. As discussed, the scope of these regulations has widened and broker/dealers are now expected to keep tabs on a greater number of information points while keeping ahead of an increasingly competitive marketplace.

The SEC doesn’t want firms to simply pay lip service to 17a-3 and 17a-4. The thorough level of data they expect to see recorded could make a crucial difference in the event of a breach or significant market event. With such serious penalties at the regulator’s disposal, firms can’t afford to get this wrong.

How can firms meet these regulations?

Satisfying 17a-3 and 17a-4 comes down to two main things: internal systems and technology.

With the first, firms have to ensure – like with all regulations – they know what is required and have processes and systems in place to meet them. Regulations are a fact of life in financial services so it is helpful for everyone to understand them, know what they need to do to stay compliant and embrace them in the day-to-day business activity.

With the second, technology is now an unavoidable part of compliance and can enhance a firm’s efficiency in meeting its regulatory responsibilities. The SEC has provided additional guidance to how technology can help firms achieve 17a-4 compliance in the snappily named release ‘34-47806, 17 CFR Part 241’ or ‘Electronic Storage of Broker-Dealer Records.’ In summary, technology used to support 17a-4 must:

(A) allow storage of records in a non-rewriteable and non-erasable format,
(B) verify automatically the quality and accuracy of the storage media recording process,
(C) serialize the original and, if applicable, duplicate units of storage media, and time-date for the required period of retention the information placed on such electronic storage media, and
(D) have the capacity to readily download indexes and records preserved on the electronic storage media.

Fortunately, there is an area of RegTech that has been around for some time that is able to satisfy this record-keeping requirement: web and social media archiving.


Your very own 17a-3 and 17a-4 cheatsheet


We’ve created a comprehensive and concise cheatsheet on 17a-3 and 17a-4. It’s imperative that you know what these regulations are, what they require and how they can be met. To grab your copy simply click the button below.



The art of web and social media archiving


The expert archivers out there will be well acquainted with just how powerful digital archiving can be to address compliance and brand preservation challenges. However, for those newer to the world of archiving, we’ll quickly dive into the process.

Web archiving is the process of capturing an authentic record of your website’s entire digital footprint, and as you’ve probably guessed, social media archiving is the same process but for each of your social media channels.

Web pages typically have a shelf life of 90 days, but with modern-day websites the content is often dynamic and refreshed more regularly. This means a business may not only have hundreds of web pages, but they also have personalised content that changes based on different users visiting.

Check out The Essential Guide to Website Archiving to learn how you can capture and store immutable records of your website and social content

As you can imagine, capturing and archiving these pages can become a nightmare for compliance and marketing teams who need to retain records of all promotions and communications delivered internally and externally.

With so much data to monitor and retain, an archiving platform captures this information and ensures a complete and accurate record is safely stored in a legally admissible format. Teams can then utilise the platform for auditing purposes with the ability to revisit the archives from any date and time.

It’s not just for compliance either, brands are archiving for brand preservation and to capture their digital history (something which many brands are at risk of losing). This also allows marketing teams to uncover insights by analysing their digital footprint from any point in time.

Leading financial services firms are using the MirrorWeb Archiving Platform to help solve these challenges. The platform enables you to capture, archive and monitor electronic communications to meet the compliance requirements of MiFID II, FCA, GDPR and FINRA. 

More from the Blog

Whatsapp Compliance, Self-Reporting, and Ripping off the Band-Aid

The SEC has incentivized firms to self-report on off-channel violations. We look into the process and its benefits.

Read Story

FINRA Report 2024: Recordkeeping Takeaways

Key recordkeeping teakeaways from the 2024 FINRA Annual Regulatory Oversight Report.

Read Story

How MirrorWeb Evolves with Demand

Adaptability is vital in the world of communications surveillance. This blog looks at MirrorWeb’s journey as a company, and why it's helped us be agile and reactive to a challenging regulatory landscape.

Read Story

See what we can do for you.

Let us show you why MirrorWeb is trusted by organizations across the globe for their compliance and digital preservation needs.