Amendments to FINRA Rule 8210 as outlined in Regulatory Notice 10-59 went into effect Wednesday, December 29. 2010. The new mandate is aimed at any FINRA-registered firm that sends physical electronic media to the regulatory body.
As stated in the amendments, physical electronic media (CD-ROMs, DVDs, portable hard drives, etc.) are now required to be encrypted when sent to FINRA. In addition, other mandates stated in Regulatory Notice 10-59 include:
- The encryption method needs to meet industry standards for strong encryption (FINRA suggests 256-bit or higher).
- FINRA staff has to be provided with the confidential process or key to decrypt the encryption in a communication separate from the encrypted information itself (a different email, letter or fax, for example).
Rule 8210 gives FINRA staff the authority to compel a firm/person over which FINRA has jurisdiction to produce documents, provide testimony or supply written responses or electronic data in connection with an investigation, complaint, examination or adjudicatory proceeding. Responses to requests from FINRA frequently require the use of physical electronic media because of the size and format of files.
Smarsh clients - if you have any questions on the amendments to FINRA Rule 8210, contact your Smarsh Account Executive to learn about the steps we take to secure your critical data.
- Are Pre-approved Social Media Posts Necessary? - March 24, 2015
- 7 Social Media Risk Management Practices for Mortgage Lenders - October 22, 2014
- Do Regulators Now Have Their Eye on the Mortgage Lending Industry? - October 1, 2014