Regulatory Challenges
Changing Environment
With the continuous passage of new laws each year, meeting regulatory compliance requirements can seem like an endless task. Rather than find a new solution for the "law of the month", MobileMandate provides a single long-term solution which is flexible enough to adapt to new laws without requiring a massive migration or technology initiative to accommodate for changes in the regulatory environment. MobileMandate offers the most future-proof and adaptable solutions available today.
|
|
The U.S. Supreme Court has recently ratified changes to the Federal Rules of Civil Procedure (FRCP), which took effect on December 1, 2006. These changes shift the rules of discovery in a legal proceeding from a focus on policies for electronic records retention, disposition and preservation, to a focus on procedures that will streamline evidence presentation.
|
|
|
The Sarbanes-Oxley Act of 2002 was enacted in the wake of several major corporate and accounting scandals. Its provisions affect electronic communication retention, integrity and oversight. Sarbanes-Oxley applies to all publicly traded companies and the CPA's and attorneys associated with these companies.
|
|
|
SEC 17a-4 and NASD 3010 were enacted to protect investors from fraudulent or misleading claims by securities dealers. SEC 17a-4 was amended in 1997 to provide procedures for the storage of electronic records. 17a-4 and NASD 3010 apply to all individuals and organizations involved in trading securities including securities firms, stock brokerage firms and banks. Firms that have violated these regulations have faced fines in excess of a million dollars.
|
|
|
Written Supervisory Procedures must be developed for the review of any written and electronic correspondence with the public relating to investment banking or securities business. If an electronic or manual pre review is not done, then appropriate supervisory procedures must be developed, as well as monitoring, testing, and educating employees on the procedures. Employee education must be documented.
|
|
|
All business which handle, maintain, store or exchange private health or patient related-information, regardless of size, are subject to HIPAA. In addition to health care providers and insurers, this includes employers maintaining employee health records, life insurers, public health authorities, organ donation banks, pharmacies, long-term facilities, billing agencies and clearinghouses. Each instance of intentional unauthorized disclosure is punishable by fines up to $250,000 and possibly 10 years of jail time.
|
|
|
The Gramm – Leach Bliley Act or GLBA (also known as the Financial Modernization Act of 1999) became fully effective on July 1, 2001. The law applies to banks, brokerage firms, tax preparation companies, insurance companies, consumer credit reporting agencies and a wide variety of other financial services firms. Violations of the GLBA may result in a fine of up to $100,000 dollars and 5 years in jail. The primary focus of the GLBA is the protection of customer’s personal financial information.
|
|
|
Investment Industry Regulatory Organization of Canada (IIROC) requires that all client correspondence and related documents, including emails, must be retained for five years from the date of creation. In addition, all sales literature and related documents must be retained for two years from the date of creation. Archived sales literature and correspondence must be readily available for inspection by the Association at all times.
|
|
|
Markets in Financial Instruments Directive (MiFID) requires all electronic communications to be recorded when orders are received over this electronic communication medium. Data must be stored for a three year period in a format readily accessible by the FSA. It must not be possible to alter or manipulate the records.
|
|
|
The U.S. Securities and Exchange Commission (SEC) has recently imposed new regulations on private investment pools, also known as hedge funds. The SEC requires hedge fund managers with assets in excess of $25 million to register under the Investment Advisers Act of 1940. The ruling requires that most hedge fund advisers register with the SEC under the Investment Advisers Act of 1940, which includes provisions for securing, managing and archiving all electronic communication.
|