Rule 17a-4 Designated Third-Party Services

Services Provided

Maintain compliance with SEC Rule 17a-4 by partnering with Bluesource for D3P services.

  • Bluesource will check to ensure the following tasks are in place and/or available:
    • Written, enforceable retention policies.
    • Searchable index of all data stored.
    • Data must be viewable and readily retrievable.
    • Storage of data on WORM (write once read many) electronic media.
    • Offsite storage of data
  • Log in to each repository once every six months to keep access active. The customer must specify if logging in more frequently is necessary to maintain access.
  • Draft and deliver a digital copy of the executed Letter of Undertaking (a.k.a. attestation letter). Customers may upload the letter to the Financial Industry Regulatory Authority (FINRA) Member Web Portal. A hard copy letter can be sent upon request.

The financial industry faces regulations under the Securities and Exchange Commission (SEC). The SEC enforces rules designed to protect investors, maintain fair markets, and promote transparency. The SEC covers everything from fraud, insider trading, pyramid schemes, and market manipulation. SEC Rule 17a-4 relates to electronic data security and states the requirement for Designated Third Party (D3P) services.

SEC logo

What is SEC Rule 17a-4?

Rule 17a-4 is a regulation under the Securities Exchange Act of 1934 outlining record-keeping requirements for financial institutions and broker-dealers.  Rule 17a-4 requires broker-dealers and institutions to retain their electronic records in a non-rewriteable, non-erasable format to ensure that records are retrievable for inspections and audits, even if the firm is unable or unwilling to so. A Designated Third Party maintains access to data and can respond to requests from the SEC if the firm fails to provide the requested information. 

Designated Third-Party Service Provider

As a Designated Third-Party Service Provider, Bluesource maintains access to retrieve data in response to unfulfilled SEC requests.  D3P Services ensures that financial institutions and dealer-brokers maintain compliance with SEC policies.

Stay prepared for SEC requests by testing and regularly assessing D3P access and the ability to retrieve data. Semi-regular logins ensure access remains active and ready to respond to a records request.

Failure to adhere SEC rules and regulations can result in disgorgement or repayment, suspension, and civil monetary fine of possibly millions or hundreds of millions of dollars.

Get Audit Details and Pricing