AdvisorVault’s 17a-4 Cloud Backup Plug-in will make you purr like a kitten; it’s a game changer when you need to be compliant on the cloud, I am talking about Google Workspace and Microsoft 365 (the only two real options firms today). I mean, at the end of the day, moving your company to the cloud is a good decision – there’s no need for in-house systems anymore, IT support is gone, also bye-bye individual user licensing fees, and you get an instantly mobile workforce for one flat monthly fee per user with everything they’ll need to do their jobs from, anywhere. For example, if you choose Microsoft 365 each employee gets a full featured email account on Microsoft Exchange Online, with all the bells and whistles, tons of space on OneDrive, a company SharePoint site for collaboration and Teams for video conferencing.

The Problem With the Cloud and Rule 17a-4

Although the cloud is great, and FINRA is fully behind members who want to use it (in fact, regulators don’t care what technology firms use as long as they meet the basic demands of rule 17a-4: meaning they keep separate copies of data in a secondary location in original format where it can be retrieved when audited). However, it’s important to understand there are major problems with cloud services like Google Workspace and Microsoft 365 when it comes to compliance. For example, data on the cloud isn’t backed up; it’s not retained for 7 yrs. in any kind of archive; if something is deleted, you can’t call Microsoft or Google and ask them to restore it and there’s no features to search data, or retrieve records, there’s no flagging or supervision capability, finally cloud providers won’t act as the 17a-4 D3P. (I’m suspecting they’re trying to cut down on legal fees…)

Nonetheless, trying to use their built-in tools to meet compliance is difficult. I mean, just try setting up a Lock Policy on Google or configuring Archived Mailboxes for everyone on Exchange Online, you’ll also need to know how to run PowerShell Commands and create Retention Rules to apply Preservation Locks. Then there’s creating Azure Immutable Blob Storage, or designing Google Cloud Buckets — let’s be honest, that’s too complicated for the average small firm! However, this doesn’t matter since Microsoft and Google won’t give you the FINRA attestation letters anyway.

In reality, you’ll need to add a proper D3P to the cloud to make it compliant, that’s what we do, with our 17a-4 Direct Cloud Plug-in.

Direct Cloud Archiving Designed for Small Firms


Our Direct Cloud Plug-in helps firms on Google Workspace and Microsoft 365 meet all the demands of rule 17a-4, it connects directly to the cloud, runs in the background, is automated and managed by AdvisorVault with three main features to help customers with compliance:

One: Archive all Items

The first thing our 17a-4 Cloud Plug-in will do upon setup is automatically to run with all the features making the cloud compliant, including:

  • Complete archiving of email boxes, data stored on OneDrive and SharePoint including Teams chats, Google shared drives, Google groups, Google chats and Google personal drives

  • Granular protection of data with the ability to restore individual emails, files, contact, calendar items and chats

  • The transfer of data off the Microsoft Cloud and Google to a separate system that’s 17a-4 compliant

  • Automatically detect, backup and archive data on the cloud as users create it

Two: Supervision

The next thing firms need once their data is protected is the ability to supervise electronic records that have been archived off the cloud. This is important for ongoing compliance and when the FINRA regulator comes in for the audit to see you’ve been checking the firms archive regularly, We include:

  • Ability to search the archive, emails, documents chats

  • Flag items

  • Download records for FINRA electronic records requests

  • Give regulators access to the 17a-4 archive during an audit

Three: Flexible Licensing Costs

Finally, it’s important (especially for small firms) to keep the cost of data compliance low. We do this by:

  • Pricing our service at one flat fee including everything needed for 17a-4

  • Using a Pay-as-you-grow licensing model, only pay for accounts and data amounts as they are added

  • Reducing the cost for removed users, retired employees

  • Unlimited pricing for data including emails and electronic records

About AdvisorVault

AdvisorVault is the only FINRA D3P with a Consolidated 17a-4 Service, designed to give small firms everything needed to meet today’s data compliance demands. Our turn-key approach performs the archiving, retention, and supervision of electronic records no matter where they are stored – in-house or in the cloud. Including the FINRA third party letters with all the required documentation. For one flat monthly fee it’s the only fully 17a-4 compliant option – Complete data compliance peace of mind, out-of-the-box.

Allan Lonz, President
direct: 416-985-0310
Toll free: 1-866-732-1407 ex 1