How to Legally Archive Electronic Data for SEC Compliance

By eHow Legal Editor

Rate: (0 Ratings)

Electronic data needs to be archived in such a way that makes it traceable and retrievable, should there by any question of noncompliance from the U.S. Securities and Exchange Commission (SEC). Companies are subject to fines if their data is subpoenaed but can't be located, and simply creating backups isn't always enough. All companies should create documented procedures for storing and retrieving electronic records.

Flag Article

Instructions

Difficulty: Moderately Easy

Things You’ll Need:

Non-erasable and non-rewritable media
Archiving firm (optional)

Step1

Decide whether you want to retain your own data or hire an archiving firm to do it for you. Archiving and backup firms can retain copies of all emails, attachments, electronic faxes and instant messages. You will still need to retain copies of any non-electronic client communication, interoffice notes and correspondence, accounting records, legal documents and financial statements.

Step2

Choose a method and place of storage that is easily accessible. According to Section 17a-4 of SEC guidelines, all records must be initially stored in an easily-accessible location for 2 years. The records may then be moved to a remote location, if needed, for the remaining 4 years.

Step3

Archive your original data using non-rewritable and non-erasable disks. To save your corporation's data legally, try WORM ("Write Once, Read Many") disks.

Step4

Consider purchasing a database software program that will encrypt data as well as store it on non-rewritable and non-erasable media. Look into safe double-encryption like MD5 and SHA1 algorithms, which will prevent tampering with original documents. Companies such as Oracle and Siebel offer database archiving solutions.

Step5

Assign serial numbers to portions of archived data. With serial numbers, you can develop a trail for auditors or investigators.

Step6

Ensure your storage solution features built-in redundancy. If you are storing your data yourself, create 2 copies of every file. You can store one off-site to protect against disaster or any unforeseen destruction of the primary storage location.

Tips & Warnings

Depending on the size of your company, you may want to hire an outside firm to handle your archiving and backup needs. These firms offer hosted archiving and monitoring services, and many offer services specifically designed to keep companies in full compliance with SEC regulations.
Expect to spend several hours planning your archiving strategy. If you choose to hire a firm to handle your archiving, you will have much less ongoing maintenance time.
Noncompliance with SEC regulations can result in investigations, trading bans and fines.