Sticking with WORM may leave advisory firms in the dust

After the rush to comply with the Securities and Exchange Commission’s new modernized marketing rule, compliance teams are likely looking for a moment to catch their breath. Unfortunately, that doesn’t look as if it’s in the cards, as the pace of regulatory change continues to push forward.

At the end of 2022, the SEC announced changes to Rule 17a-4, amending the requirement to store records in write-once, read-many, or WORM, format to include the possibility of an audit trail in addition to WORM. This went into effect Jan. 3; firms have until May 3 to comply.

Given that many wealth management, asset management and investment firms have both a broker-dealer and a registered investment advisor and are dually registered with both the SEC and the Financial Industry Regulatory Authority Inc., things become trickier. These dually registered firms generally have kept their records in WORM, since it’s often vague which entity the records “belong to.”

However, this over-accounting for records in WORM can further increase storage costs, which exacerbates the issue for firms overall. 

WORM has been around for decades and requires a costly and onerous level of data storage that’s akin to cold storage. Once records go in, they cannot be deleted or altered in any way. Additionally, there are other obligations that accompany WORM that can weigh on an organization, including certifications, attestations, duplicate records and regular checks to ensure the system is operating properly. These burdensome requirements have spawned an entire industry of record-keeping vendors that specialize in helping firms comply with 17a-4.

The change permits firms to house the data internally, provided the SEC can get access to the data and the audit trail is capable of recreating the original record. Additionally, firms must designate either an internal or external point of contact that can provide access to the data to the SEC if needed. 

This seemingly minor update represents a monumental shift in the way firms store their data, and invariably impacts the vendors they use to manage this aspect of compliance. Many of these vendors have existed for years, with WORM archiving as the central pillar of their business models. They likely expected WORM would never go away and added peripheral services to support it. The audit trail alternative is pulling the rug out from under them. 

Additionally, some financial services firms use multiple WORM storage archives for different records, or different lines of business. Each of those archives can carry huge operational or contractual costs; further, these arrangements can be self-perpetuating because switching between archives can be arduous. With the updated rule, firms have more control over their archives.

This revision represents a tremendous opportunity for firms seeking to bring their record-keeping systems into the 21st century. While the audit trail alternative may seem complex initially, it paves the way for a more nimble and responsive organization once incorporated into a firm’s policies and procedures. Firms that take advantage of this shift can potentially generate massive cost savings. 

With the possibility of a recession looming, and cost savings beginning to be at the forefront of firms’ minds, those that successfully implement an audit trail system will enjoy a massive competitive advantage. Compliance has always been viewed as a cost center, and this could drastically reduce its footprint on firms’ income statements. Whether the audit trail is done in-house or outsourced to a vendor, these firms will be able to save tremendously on contracts, maintenance and oversight, thereby redirecting those funds to more revenue-generating efforts. 

Unfortunately, financial services firms can sometimes be slow to adopt new technologies, and their compliance teams can be even more sluggish. Since WORM is still a viable option, it could be years before we see widespread adoption of the audit trail solution. While early adopters may struggle a bit with implementation, once they smooth out their solution, they’ll be miles ahead of their competitors.

[More: SEC proposes expanding advisor custody rule]

Bill Simpson is the director of compliance at Hearsay Systems.

Related Topics: Hearsay Systems, Securities and Exchange Commission