AdvisorVault Offers 17a-4 Compliance

Microsoft Exchange server is an in-house email system used by financial firms to manage their communications. It allows control over email accounts, sharing of contacts, calendars and public folders. In addition, it is relatively inexpensive operate, so many companies choose Exchange as opposed to outsourcing their email to a third-party provider. However, FINRA members must be aware that by default, it is not compliant. So an extra step must be taken to ensure specific compliance rules such as 17a-4 are achieved.

"Financial firms must be aware that employees can easily delete current or historical messages off their Exchange server at any time," said Allan Lonz, President of AdvisorVault Inc., a third party provider that works with FINRA firms. "Even if a firm performs regular backups messages can be removed between backup cycles. Also attempting to restore emails from previous backups is difficult, even for an experience technician."

So, financial firms who use Exchange as their in-house email solution need a method to ensure they are compliant with today’s long-term email archiving and supervisory rules such as 17a-4.

The Forward and Store Method
The company uses the forward and store method to help FINRA firms to ensure compliance of their in-house Exchange. This is a fool-proof method to achieve the demands of 17a-4 and makes sure emails are fully protected. It forwards a copy of all messages before they reach the Exchange Server and stores them offsite in a compliant manner.

This means, emails are stored with AdvisorVault for seven years, on non-writable disk and made readily available to compliance officers for regular supervision or in the event of an audit. Users are unaware of the process and prevented from delete message so firms are assured complete compliance with important data compliance regulation. This is critical for on-going supervision or in the event of an audit where regulator demand an electronic records request of historical messages.

AdvisorVault Supervisory Interface:
Included with AdvisorVault’s email archiving service for Exchange is a web interface that compliance officers can use to supervise and download messages.

Key features include:

• Flagging of emails. Compliance officers can prove to auditors that they are viewing message and can add a "supervised" flag to emails.
• Lexicon searches: The ability to perform full lexicon based searches of emails. This means any emails with specific words or partial words. It also include the searching of attachments
• On-the-fly Key word flagging: Messages can be flagged based on a list of key words on-the-fly, this means as emails flow through the archive that are flagged for non-compliant phrases and the compliance officer is alerted
• Download historical messages in a format required by FINRA: Historical emails can be search and downloaded in .eml format for regulators. This is an important aspect of rule 17a-4 when FINRA regulators ask for messages during an electronic records request
• Spam and virus filtering: To reduce the amount of emails and make supervision easier, spam and virus filtering is included in the archiving service to reduce amount of emails to view and supervise
• Email encryption: AdvisorVault includes the ability to encrypt email to allow secure message transfer
• Failover: In the event the Exchange Server fails users can access emails and continue to send and receive messages from a different location