The Path To 17a-4 Compliance On Microsoft 365

Some of our customers:

AdvisorVault takes a unique approach to data compliance by partnering with Compliant Workspace helping small FINRA firms meet 17a-4 on Microsoft 365

TORONTO, ONTARIO, CANADA, January 13, 2024 /EINPresswire.com/ — The recent change FINRA made to 17a-4 allowing firms to use an audit trail to meet the long-term retention demands of the rule doesn’t make sense; firms still need a Designated Third Party (D3P) to archive data offsite, retaining it for 7 years, and to meet FINRA’s new cybersecurity demands. Also, since the D3P is archiving records in 17a-4 WORM format already, an audit trail is a moot point. In reality, the solution for firms today – especially small ones wanting to meet 17a-4 is getting on Microsoft 365 properly.

For FINRA firms, getting on Microsoft 365 properly means three things: (1) a clear path fully migrating everything off in-house systems to 365, (2) an add-on application to secure & monitor activity on the cloud, especially registered reps, and finally (3) a plugin to archive and retain data off Microsoft 365 to meet the FINRA 17a-4 electronic records retention demands. That’s why we chose Compliant Workspace to help get customers 17a-4 compliant on the Microsoft Cloud.

Compliant Workspace. A Clear Path To 17a-4 With Microsoft 365:

Compliant Workspace, (unlike Microsoft or other generic cloud providers selling companies the basic subscription only) has a complete package getting FINRA firms on the cloud compliantly with their 365 Migration Service they help rid customers of in-house systems. This means, moving all users’ data off personal PCs to individual OneDrive accounts; migrating in-house data stored on servers to company SharePoint sites; email accounts fully migrated to Exchange Online; with private/group chats on Teams configured – ready to be archived centrally for 17a-4.

Also, with Compliant Workspace firms get a “FINRA approved cybersecurity addon” direct into the Microsoft Cloud, including 24/7 email alerts, detections in security policies changes, sign-in from unusual locations, unknown devices or IPs, suspicious mailbox activities, administrator abuse threat protection. Direct to compliance officers, also with deployment of best practice security options. In addition, always-on audit logs monitoring files, emails and chat activity with MFA enable for admin/all users and set inbound/outbound spam notifications. All the features needed to make Microsoft 365 fully compliant with the new FINRA cybersecurity demands, out-of-the-box.

AdvisorVault’s Cloud Archiving Plugin For FINRA Records Retention:

After full migration to Microsoft 365, firms need to take an extra step to be fully 17a-4 compliant – they’ll need to add a Cloud Archiving Plugin since by default Microsoft doesn’t protect customers data on their cloud: they surely don’t retain it as per 17a-4. (In fact, Microsoft will not provide the two third-party attestation letters FINRA wants) therefore, an additional step is needed to get 17a-4 compliant on the Microsoft Cloud.

That’s why AdvisorVault adds a 17a-4 Cloud Archiving Plugin to the cloud specifically to meet the long-term archiving and retention demands of 17a-4 and includes: archive/retention of emails, data stored on OneDrive and SharePoint including Teams chats, in addition, our 17a-4 Cloud Plugin for Microsoft 365 does granular protection with the ability to restore individual emails, files, contacts, calendar items and Teams chats – critical for audits when the firm needs to reproduce electronic records. Finally, our 17a-4 Plugin automatically detects, & archives data on the cloud as users create it, ensuring records are always transferred to a separate system, giving further protection against ransomware attacks.

To learn more how AdvisorVault and Compliant Workspace can help your firm get 17a-4 compliant on Microsoft 365 contact us today:

Allan Lonz
AdvisorVault
+1 866-732-1407
alonz@advisorvault.com