Disclaimer

The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.

 Skip to Content

FINRA Fines Firms for WORM Problems
April 10, 2017

Broker-dealers, including principal underwriters of insurance products, may retain required records in electronic format, subject to satisfaction of longstanding conditions. One such condition is that the records must be preserved “exclusively in a non-rewritable, non-erasable format.” This condition is often referred to as “write once, read many” or “WORM.”

The WORM requirement was designed to ensure that electronic records are capable of being accurately reproduced for later reference, thus addressing, among other things, SEC enforcement concerns with unscrupulous brokerdealers who improperly alter or destroy records — such as order tickets and other transactional records — to conceal fraudulent activities.

In late 2016, FINRA announced that it fined 12 firms — including some prominent industry names — a total of $14.4 million for not maintaining electronic records in WORM format. In addition to finding that the 12 firms had WORM deficiencies that affected “millions of records,” FINRA found that each of the firms had procedural and supervisory deficiencies affecting the firm’s ability to adequately retain and preserve electronic records. In settling the actions, the firms neither admitted nor denied the charges, but consented to FINRA’s findings.

In its 2017 regulatory and examination priorities letter, FINRA also announced that it will continue to assess firms’ programs to mitigate risks related to cybersecurity and electronic recordkeeping, including compliance with WORM requirements by vendor-provided email review and retention services.

The recent fines levied by FINRA suggest more than isolated instances of non-compliance within the broker-dealer community, and other firms would be well advised to review their own WORM compliance, if they have not done so recently.
Authored By
Image: Ann Began Furman
Ann Began Furman
Related Practices
Financial Services Regulatory FINRA Enforcement, Arbitration, and Appeals Digital and E-Commerce Engagement and Innovation
Related Industries
Securities & Investment Companies Life, Annuity, and Retirement Solutions
©2024 Carlton Fields, P.A. Carlton Fields practices law in California through Carlton Fields, LLP. Carlton Fields publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information and educational purposes only, and should not be relied on as if it were advice about a particular fact situation. The distribution of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship with Carlton Fields. This publication may not be quoted or referred to in any other publication or proceeding without the prior written consent of the firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our Contact Us form via the link below. The views set forth herein are the personal views of the author and do not necessarily reflect those of the firm. This site may contain hypertext links to information created and maintained by other entities. Carlton Fields does not control or guarantee the accuracy or completeness of this outside information, nor is the inclusion of a link to be intended as an endorsement of those outside sites.