SEC Rule 17a-4(f), CFTC Rule 1.31(c)-(d), and FINRA Rule 4511(c)
U.S.-based financial service institutions such as banks, broker-dealers and record keepers are required to comply with a number of regulations specifying requirements for electronic records retention, including the Securities and Exchange (SEC) Rule 17a-4(f), Commodity Futures Trading Commission (CFTC) Rule 1.31(c)-(d), and Financial Industry Regulatory Authority (FINRA) Rule 4511(c). Requirement categories include retention length, record format, record quality, and record availability, among others.
If a Google Cloud customer determines that any of these regulations apply to them, they should complete their own compliance assessment with the oversight of their legal counsel and financial regulator. To assist customers with this process, Google Cloud engaged Cohasset Associates, Inc. (“Cohasset”) to obtain an independent and objective assessment of Google Cloud Storage’s compliance capabilities. Cohasset has determined that Google Cloud Storage, when properly configured and used with the Bucket Lock feature, may help users address U.S. record retention regulations, such as: SEC Rule 17a-4(f), CFTC Rule 1.31(c)-(d), and FINRA Rule 4511(c). The Google Cloud Storage Bucket Lock feature includes integrated control codes that can provide you with WORM (write once read many), immutable storage on Cloud Storage.