Web Archiving for FINRA Compliance



[author: John Grant]

Do your web archives have inTegrity?

There’s a trend today toward more interactive and personalized web content, but that makes online archiving technically challenging. In the financial services industry, FINRA and SEC regulations demand that all online content that represents business communications must be supervised and retained. But haphazardly taking screenshots or downloading social media content through application program interfaces (APIs) won’t meet your compliance goals. What you need are archives with integrity.

Let’s look at the challenges posed by dynamic online content, the regulatory requirements that demand complete archives, and the characteristics that define high-quality web archives—those that are complete, incorruptible, and sound.

The Trend Toward Dynamic Online Content

Websites used to be more straightforward but less satisfying: webpage designers essentially took every piece of information they had available and jammed it all onto one page. Most of the time, these old-school websites seemed to incorporate lengthy menu lists with flashing links and bright red or lime green text (or both) to draw attention to important information.

Nowadays, websites are sleek, with clean pages, sharp images, and minimal text. On most sites, you can’t even see a full menu; you have to interact with the menu bar at the top or the hamburger icon to see what your navigation choices are.

This evolution of web design reflects improved internet access speeds, faster processors, and the shift toward web browsing on mobile devices rather than full-size computers, but the how developed in part due to the pressure of a powerful why. Namely, we are arguably better able to create dynamic online content because we’ve learned that interactive websites are more compelling, making it more likely that casual browsers will convert to customers.

While businesses in the financial services industry historically took a cautious approach to online marketing and social media use, these and other highly regulated businesses aren’t immune to the dynamic website trend. The trendsetters in the industry are raising the bar on interactive web experience. From common elements like interactive menus, carousel images, and mouse-over text all the way to specialized investment calculators, funds pages, slider bars to adjust a customer’s desired timeframe or risk tolerance, and forums to answer simple questions, financial websites are packed with dynamic and interactive content. Then there are personalized aspects that affect what a particular customer sees, whether that’s based on the viewer’s location, demographic information, or investment profile. And, of course, there’s linked content, which is subject to its own host of regulatory requirements.

All of this interactive, dynamic, and personalized content produces a cleaner website appearance that draws customers in, making their overall web experience richer, more personal, and more convincing. Great news so far—but dynamic content also makes it harder to fully archive online communications.

Who cares about web archiving? Oh, only the Financial Industry Regulatory Authority (FINRA) and the Securities Exchange Commission (SEC), for starters.

The Need to Archive Web Content That Contains Business Communications

FINRA has clarified that online communications, including those on social media, are subject to its general rules on communicating with the public. That means that financial services firms need to retain records of all of their online communications about anything that qualifies as “business as such,” just as they would retain records of communications that happened over more traditional modalities.

FINRA’s Regulatory Notice 17-18, Social Media and Digital Communications, clarifies that online and social media content is subject to the usual rules requiring disclosures, guarantees of truthfulness and fairness, and supervision and monitoring of all business communications. These requirements do not make any exceptions for the type of device or communication channel that a communication is sent from; the content, not the medium, governs.

Interactive and linked content pose special challenges. For example, Regulatory Notice 17-18 states that a firm adopts content—thus becoming responsible for ensuring that it complies with regulatory demands—merely “by sharing or linking to [that] specific content.” That means archives must extend beyond the main page of interest to capture related or linked pages as well.

In short, the financial services industry’s regulatory framework demands that firms retain copies of all of their online business communications no matter where, or how, they occur.

No problem, you say: we’ll just snap a daily screenshot of our webpage and our social media pages. That’ll show what we’re saying to potential customers, right?

Not even close. A screenshot or PDF capture might’ve sufficed in the early days of web design, when everything there was to see was right there, spelled out in full text. But today? It won’t even show what your menu options are, much less what recommendations you may have made to a customer who engaged with your calculators or who accessed a personalized version of your site that accounted for her location, age, and risk tolerance.

What about using APIs to capture your social media content? Maybe, but they’re inherently flawed as a compliance tool. Not only are APIs subject to incomplete or incorrectly formatted captures, but they also leave you at the mercy of the platform provider, which may restrict the utility of those APIs or cut off access to them altogether.

To ensure compliance with both the letter and the spirit of FINRA and SEC regulations, your archives need to reflect the entirety of your original content in its full dynamic context.

In a word, your archives need to have integrity.

Archiving With Integrity

Merriam-Webster defines integrity as the quality or state of being complete, incorruptible, and unimpaired or sound. This perfectly describes the ideal for web archiving.

Complete archives capture every aspect of a website or social media page in its native format, as viewed by the user or customer. Unlike screenshots, PDFs, or API captures, native-format archives preserved in the ISO 28500-compliant Web ARChive (WARC) file format are based on tools that crawl every inch of the site’s original code and reproduce it. This means you can revisit your archives and see the full dynamic site—with every interactive and dynamic element and every personalized variant—exactly as the user would have seen it live at the time of capture.

Incorruptible archives are protected against changes, stored in “write once read many” (WORM) storage, as mandated by SEC Rule 17a-4. They’re also shielded from the live web to further ensure that they’re not updated, remaining an accurate reflection of the content that was displayed on the date of capture.

Finally, unimpaired or sound archives don’t just tolerate access—they’re actually useful, providing functionality for both supervisory review and exporting for regulatory inquiries. Sound archives allow you to filter and search for specific results, receive notifications of specific changes, monitor communications, and produce complete records for any authority that requests them.

In fact, integrity means that you can do better than just produce complete records: you’ll be able to hand over your exported archive to any regulatory agency without backpedaling, explaining, or making excuses. It means being confident that your archives are complete, incorruptible, and sound and unimpaired. With archives like that, you’ll preserve every piece of original content in an unchanged format that you can fully use or export.

Written by:


Hanzo on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide