U.S.-based financial service institutions such as banks,
broker-dealers and record keepers are required to comply
with a number of regulations specifying requirements for
electronic records retention, including the Securities and
Exchange (SEC) Rule 17a-4(f), Commodity Futures Trading
Commission (CFTC) Rule 1.31(c)-(d), and Financial Industry
Regulatory Authority (FINRA) Rule 4511(c). Requirement
categories include retention length, record format, record
quality, and record availability, among others.
If a Google Cloud customer determines that any of these
regulations apply to them, they should complete their own
compliance assessment with the oversight of their legal
counsel and financial regulator. To assist customers with
this process, Google Cloud engaged Cohasset Associates, Inc.
(“Cohasset”) to obtain an independent and objective
assessment of Google Cloud Storage’s compliance
capabilities. Cohasset has determined that Google Cloud
Storage, when properly configured and used with the Bucket
Lock feature, may help users address U.S. record retention
regulations, such as: SEC Rule 17a-4(f), CFTC Rule
1.31(c)-(d), and FINRA Rule 4511(c). The Google Cloud
Storage Bucket Lock feature includes integrated control
codes that can provide you with WORM (write once read many),
immutable storage on Cloud Storage.