Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Regulators Rip Records Managers

Enforcement agents in financial services are aggressively pursuing firms to make sure that electronic records, including email, are adequately managed. And they're showing no mercy.

The last few weeks have produced a cornucopia of fines and sanctions for companies caught with their electronic pants down. Here's a sampling (all emphasis added):

  • October 4: National Association of Securities Dealers (NASD) fined New York's Oppenheimer & Co. Inc. $800,000 for what it calls "failures to respond to regulatory requests for information; failures to report, or to report timely and accurately, thousands of municipal securities transactions, and failure to retain business-related internal email."
  • Sept. 19: NASD announces the imposition of separate $5 million fines on three companies owned by MetLife -- MetLife Securities Inc. (MSI) of New York, New England Securities Inc. (NES) of Boston, and Walnut Street Securities Inc. (WSS) of St. Louis -- "for providing inaccurate and misleading information to NASD, allowing late trading of mutual funds, failing to produce e-mails in a timely fashion and other conduct that violates NASD's rules."
  • Sept. 13: Wachovia Corp. is fined $600,000 by New York Stock Exchange (NYSE) Regulatory Inc. for failing to meet email retention rules from 1999 through April 2006. In the NYSE's words, Wachovia "failed to provide for the review and/or retention of certain e-mail communications as required by NYSE Rules and the federal securities laws, on both operational and supervisory levels." What's more, the firm failed "to appropriately monitor or supervise" the process of backing up emails, and to "take due care to ensure that certain records could be retrieved. With regard to certain e-mail and instant messaging systems, the firm failed to review such electronic communications."

Despite all this, it's not clear that the message to better manage email is getting across to IT managers. In a recent AIIM survey profiled by Byte and Switch, just 17 percent of 1,043 respondents -- of which 14 percent work for financial or insurance companies -- reported they "use a product to search across e-mail systems and archives to fulfill compliance requirements or legal discovery demands." A full 61 percent said they don't use anything like the tack described. (See Email Looms as IT Threat.)

And in a July 2006 study commissioned by Iron Mountain and email filtering software maker Orchestria, 61.4 percent of 533 IT managers polled answered "No" when asked whether they "have a way of efficiently identifying different types of email within your archive." (See Stop That Email!) In the same survey, even though 82 percent of respondents claimed receive fewer than 25 requests to dig up historical emails annually from regulators or their own companies, 64.5 percent said external or regulatory pressures are their top concern for 2007 regarding archiving electronic records.

The ongoing problem is also reflected in a slew of disciplinary actions that haven't made the headlines this past year. In some cases, the wording of the judgments -- in which the accused companies admitted no wrongdoing -- show the level of scrutiny NASD is using:

  • A.C.R. Securities of Cedarhurst, N.Y. -- fined $10,000 by NASD in September.
  • 1