A proper data backup and archiving solution to meet SEC rule 17a-4 needs the following features:


Rule 17a-4 stipulates that a firms must protect and keep available the books and records relating to its business. This must include data such as email residing on internal servers or PCs and other records such as word documents, PDFs, scanned files and key user’s databases on users’ hard drives or in the cloud.

Completely Self-Managed:

The backup and archiving process should be fully managed by the provider who will completely administer the process to ensure no gaps appear in a firm’s data compliance strategy.


The third party provider’s backup and archiving software should have the ability to automatic send email reports to compliance officers for review. This will be part of the firms’ supervisory duties and a key component of their regular compliance reporting and auditing procedures.

Indexing of Data:

A compliant supervisory tool automatically indexes data added to the archive. Indexing means data can be retrieved properly so searches are faster and any new information is quickly searchable in the archive.

Secure Access:

Ideally, the archive will be accessed from a secure web interface. This allows compliance officers and other key staff to easily share the electronic records supervisory duties.

Downloading Data:

Compliance officers need to make copies of electronic records for auditors. And a proper supervisory solution will centralize the downloading of all data such as emails, word documents, scanned records and key client databases. In addition, any data that is needed by regulators during the electronic records request must be downloaded in an encrypted zip file format.