For organizations looking to keep compliant with the U.S. Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA), these businesses need to make sure their digital files are kept on WORM media.
“Write Once, Read Many” is a state in which files are retained in an indelible manner. Files that are retained with WORM, means that once they are created and stored, they cannot be altered or deleted until the designated retention period is over. They can be accessed and viewed as many times as necessary, but they are locked down from being edited in any way, hence the title of “write once, read many.”
Financial services that wish to remain compliant with the SEC and FINRA require WORM compliance for most records containing financial data. It’s essential that every document created or received by an accounting firm and other registered broker-dealers is carefully categorized and given the proper retention date.
In the case of an audit, businesses need to be able to prove that a record is locked and has not been altered in any way.
Violating this compliance comes with steep penalties. Fines and penalties are determined on a case-by-case basis, usually depending on the severity of the violation and the number of records involved. In 2016, FINRA fined 12 firms a combined $14.4 million for not storing records in a WORM format.
For reasons of lowering liability, most financial services don’t want to keep a record around any longer than they have to. Even if the record is well past its retention date, if a business is subpoenaed for the record, they have to retrieve and present it.
Where Governance Comes In
When working with documents in an electronic format, it’s essential for businesses to use a system that’s able to lock documents in a WORM format. When it comes to issues of retention, there’s no better tool than document management software that includes governance options for individual files and folders.
The controls included in eFileCabinet document management software allows retention policies to be enabled to a cabinet, drawer, folder, and an individual file. It can even be included in a template that is used to automatically create a new folder structure as part of an automated process. Once a governance policy has been applied to a location in eFileCabinet, all files stored there are subject to the policy.
For example, a company following SEC rules must retain an unalterable file for six years. A retention policy can lock edits for six years from the time that the file is stored in that location. After the retention requirement is met, the system can allow the file to be altered if that is the desired option after the time has expired. It can also be set to notify a specified user or automatically purge it from the system.
Retention policies can be applied as a generic template when an eFileCabinet account is first created, or it can be enabled by an account administrator at a later date and customized to fit the regulatory needs and standard processes of the business.
If you need to find a system where your electronic documents can be WORM compliant, eFileCabinet can not only do it, but can make it easy to automate your compliance processes.
To see Rubex by eFileCabinet in action, fill out the form below to set up a free, personalized demo.