When the SEC returned to its offices last week after the lengthy shutdown, it was greeted by a letter from SIFMA president Ken Bentsen, Jr. to Chair Atkins urging the Commission to “modernize” the communications and records-retention rules for broker-dealers, federally registered investment advisers, and security-based swap dealers. The letter was copied to each SEC Commissioner and Division Director, as well as to the President and Chief Legal Officer of FINRA.
SIFMA’s proposal is framed as recalibrating the record-retention rules to their original purpose, which SIFMA contends was limited to ensuring the retention of written, formal, client-facing, business-substantive communications. SIFMA also emphasizes that nothing in its proposals would reduce firms’ supervisory obligations but instead leaves it to each firm’s discretion how best to supervise its personnel.
Specifically, SIFMA proposes targeted amendments to Exchange Act Rules 17a-4 and 18a-6 and Advisers Act Rule 204-2 to significantly narrow the scope of retained communications, harmonize retention periods, eliminate third-party undertakings, and introduce a policies-and-procedures safe harbor.
The proposed amendments would:
- Narrow the definition of covered communications to client-facing and business-substantive written communications.
- For broker-dealers, written communications sent to customers or prospective customers, or among registered personnel, where the content relates substantively to the firm’s defined securities business, and at least one person in the communication is required to be registered with the broker-dealer.
- Limiting retention obligations to registered persons would dramatically reduce the universe of custodians for which the broker-dealer is required to retain records.
- For investment advisers, written communications between an investment adviser and external parties (e.g., a client or investor) are substantively related to recommendations and advice regarding investments or securities.
- For security-based swap dealers and major participants, the proposal aligns the scope to written communications substantively related to their swap business.
- For broker-dealers, written communications sent to customers or prospective customers, or among registered personnel, where the content relates substantively to the firm’s defined securities business, and at least one person in the communication is required to be registered with the broker-dealer.
- Expressly exclude from the definition of a covered communication:
- AI-generated summaries, transcripts, and recordings from meeting platforms (e.g., Microsoft Teams);
- inputs to and outputs from AI platforms and tools;
- closed captioning or other system-generated text derived from speech;
- text entered in collaborative tools (e.g., SharePoint, Google Docs, Jira);
- text viewable in or downloadable from data room materials;
- video recordings;
- graphical reaction icons such as likes or emojis;
- administrative or logistical messages (e.g., scheduling notes or “running late” messages).
- Establish a uniform three-year retention period for covered communications across rules for all registrants.
- Currently, broker-dealers must retain in a rule-compliant form and manner “originals of all communications received and copies of all communications sent (and any approvals thereof) by the member, broker or dealer (including inter-office memoranda and communications) relating to its business” for three years; whereas the retention period for investment advisers is five years.
- Create a safe harbor for firms that have established and maintained policies and procedures reasonably designed in light of their business to retain required communications. Under this safe harbor, a failure to retain a specific item would not, standing alone, create a presumption that the program was unreasonable.
- Eliminate the Rule 17a-4(i) third-party undertaking for record storage providers.
- SIFMA contends the undertaking is misaligned with modern cloud architectures—where providers often lack independent access to client data—and unnecessary given the Commission’s existing authority to compel production from registrants.
- SIFMA contends that the requirement has, in practice, deterred firms from adopting more secure cloud solutions because many providers will not furnish the undertaking.
In the letter, SIFMA points to the Gensler-era off-channel communications sweeps – through which the SEC charged over 100 registrants and imposed $2.2 billion in fines – stating that those cases highlighted the Commission’s strict liability-style approach to record retention violations, inconsistent interpretations of what counts as a business communication, and a mismatch between current technology and rules that were designed for a prior era. Public statements from Chair Atkins, along with Commissioners Pierce and Uyeda, suggest that they may be receptive to the proposal.
Others at the Commission may be less receptive to the proposal given that the Commission completed a formal rulemaking process to modernize and amend Rule 17a-4 in October 2022, and the Commission has consistently maintained the importance of robust recordkeeping obligations for registrants to facilitate its examination and enforcement programs.
*With assistance from Of Counsel Lauren Cook Jackson.
For more information or to discuss with a Gibson Dunn attorney, please click here.