Home About Data Solutions News Data Solutions Services Data Solutions Partners Technical Support Contact Data Solutions

June 2005

Data Solutions Partners with Global Relay; The World Class E-Mail & IM archiving and compliance solutions:

Global Relay's email & IM archiving services are simply superior. We offer the fastest search, retrieval and monitoring capabilities in the world today. Our email & IM archiving and perimeter security technology provides businesses with highly secure offsite storage and backup while satisfying all compliance, privacy, security, business continuity, corporate governance, audit and litigation requirements.

Banks, brokerages dogged by message storage rules

By Thomas Hoffman
Information technology managers at financial services firms are finding it increasingly difficult to comply with regulations that require them to archive e-mail and instant messaging exchanges with customers and ensure that the messages can be retrieved.

The U.S. Securities and Exchange Commission, the New York Stock Exchange and the National Association of Securities Dealers have all imposed regulations on the types of information that brokerages can share with clients via e-mail or IM and how long messages must be stored so they can be retrieved for regulatory audits.

The regulations have created "a poisonous atmosphere" for brokerages that are struggling to comply with them, says Stephen Shine, senior vice president and senior counsel at Prudential Equity Group LLC in Newark, N.J. He was one of the speakers at a conference on the use of messaging and collaboration tools in the financial services industry, held recently by New York-based Information Management Network, Inc.

One of the big challenges that securities firms face is being able to retrieve e-mail correspondence for regulators within 24 hours, as some measures require, Shine says. "Regardless of how sophisticated your e-mail retrieval system is, you won't be able to comply by tomorrow," he says.

Shine recommends that companies take several steps to intervene with regulators, such as asking for adequate time to review e-mail messages in order to determine whether any of the requested correspondence impinges on attorney/client privileges.

Not complying with the messaging regulations is a potentially costly problem. The most notable enforcement actions were taken in December 2002, when the SEC fined five broker/dealers a total of $8.25 million for improperly storing e-mail.

Brokerages frequently audit and test their e-mail and IM backup and recovery procedures, but those efforts are probably not done consistently enough to meet regulatory requirements, says Andy Welch, a senior manager at KPMG LLP's risk advisory practice in Short Hills, N.J.

Regulators at the Federal Deposit Insurance Corp. in Washington are also concerned about the potential network security vulnerabilities created when bank employees use IM tools for external communications.

Attempts by banks to secure IM exchanges via the use of firewalls have proved to be very difficult, says Kathryn Weatherby, an examination specialist in the FDIC's division of supervision and consumer protection. In order to help reduce the security threats, Weatherby recommends that IT managers at banks set and enforce limits on which of their employees can use IM externally.

Return to News Home

Copyright © 2006 :: Data Solutions, Inc.