AdvisorVault & Compliant Workspace. A Unique Path To 17a-4 Compliance On Microsoft 365

Despite the confusion FINRA created last year with their new audit trail option, AdvisorVault takes a unique approach to data compliance by partnering with Compliant Workspace helping small FINRA firms meet 17a-4 on Microsoft 365

ST. PETERSBURG, Fla. - Jan. 12, 2024 - PRLog -- The recent change FINRA made to 17a-4 allowing firms to use an audit trail to meet the long-term retention demands of the rule doesn't make sense; firms still need a Designated Third Party (D3P) to archive data offsite, retaining it for 7 years, and to meet FINRA's new cybersecurity demands. Also, since the D3P is archiving records in 17a-4 WORM format already, an audit trail is a moot point. In reality, the solution for firms today – especially small ones - wanting to meet 17a-4 is getting on Microsoft 365 properly.

"These days, when a firm calls me (often in desperation) needing to meet 17a-4, I immediately ask: Where is the firm's data stored? Where is email hosted? What's used for teleconferencing/messaging? How many 17a-4 D3Ps are there? With this information, I can immediately find gaps in their 17a-4 electronic records archive." Said Allan Lonz, President of AdvisorVault. "What I usually tell firms is the best way to close gaps in data compliance is getting on Microsoft 365 properly." Lonz added.

For FINRA firms, getting on Microsoft 365 properly means three things: (1) a clear path fully migrating everything off in-house systems to 365, (2) an add-on application to secure & monitor activity on the cloud, especially registered reps, and finally (3) a plugin to archive and retain data off Microsoft 365 to meet the FINRA 17a-4 electronic records retention demands. That's why we chose Compliant Workspace to help get customers 17a-4 compliant on the Microsoft Cloud.

Compliant Workspace: A Clear Path To 17a-4 With Microsoft 365
Compliant Workspace, unlike Microsoft or other generic cloud providers who sell companies the basic subscription only, has a complete package getting FINRA firms on the cloud compliantly with their 365 Migration Service they help rid customers of in-house systems. This means, moving all users' data off personal PCs to individual OneDrive accounts; in-house data stored on servers migrated to company SharePoint sites; email accounts are fully migrated to Exchange Online; and private/group chats on Teams configured - ready to be archived centrally for 17a-4.

Also, with Compliant Workspace firms get a FINRA approved cybersecurity add-on direct into the Microsoft Cloud, including 24/7 email alerts, detections in security policies changes, sign-in from unusual locations, unknown devices or IPs, suspicious mailbox activities, administrator abuse threat protection. Direct to compliance officers, also with deployment of best practice security options. In addition, always-on audit logs monitoring files, emails and chat activity with MFA enable for admin/all users and set inbound/outbound spam notifications. All the features needed to make Microsoft 365 fully compliant with the new FINRA cybersecurity demands, out-of-the-box.

AdvisorVault's Cloud Archiving Plugin For FINRA Records Retention
After full migration to Microsoft 365, firms need to take an extra step to be fully 17a-4 compliant – they'll need to add a Cloud Archiving Plugin. Since by default Microsoft does not protect customers data on their cloud; its surely not retained as per 17a-4, (In fact, Microsoft will not provide the two third-party attestation letters FINRA will need) therefore, an additional step is needed to get 17a-4 compliant on the Microsoft Cloud.

That's why AdvisorVault adds a 17a-4 Cloud Archiving Plugin to meet the long-term archiving and retention demands of 17a-4 and includes: archive/retention of emails, data stored on OneDrive and SharePoint including Teams chats, in addition, our 17a-4 Cloud Plugin for Microsoft 365 does granular protection with the ability to restore individual emails, files, contacts, calendar items and Teams chats - critical for audits when the firm needs to reproduce electronic records. Finally, our 17a-4 Plugin automatically detects, & archives data on the cloud as users create it, ensuring records are always transferred to a separate system, giving further protection against ransomware attacks.

To learn more how AdvisorVault and Compliant Workspace can help your firm get 17a-4 compliant on Microsoft 365 contact us today:

Allan Lonz, President
alonz@advisorvault.com
www.advisorvault.com
direct: 416-985-0310
Toll free: 1-866-732-1407 ex 1