What you need to know about the Securities and Exchange Commission

SEC - regulating the US securities market

The mission of the Securities Exchange Commission (SEC) is to protect investors, maintain fair, orderly, and efficient markets and facilitate capital formation. The SEC’s goal is to promote a market environment that the public finds trustworthy. In order to accomplish this, SEC oversight of the financial sector includes the following activities:

  • Inform and protect investors
  • Facilitate capital formation
  • Enforce U.S. securities laws
  • Regulate securities markets
  • Provide data

SEC oversight responsibilities

The SEC is responsible for oversight of 21 security exchanges in the U.S., with the two largest being the New York Stock Exchange (“NYSE”) and the National Association of Securities Dealers Automated Quotations (“NASDAQ”). This oversight includes supervision of all activities by more than 25,000 market participants that operate on the 21 different exchanges.

Record keeping a core focus for the SEC in 2022

While the SEC will focus on a number of different areas of oversight, as part of their remit for 2022, the Transfer Agents Division of the SEC, “will continue to examine core functions of transfer agents including the timely turnaround of items and transfers, record keeping and record retention, and safeguarding of funds and securities.”

SEC Record Keeping Rules

The original SEC record keeping rules were outlined in the Securities and Exchange Act of 1934 (“SEA”). Given all the changes that have taken place with respect to technology, data and privacy, the SEC has implemented several updates which better align record keeping rules with today’s financial markets and institutions. Key changes or amendments that were put in place were Rules Title 17, Chapter 2, part 240 Rule 17a-3 and Rule 17a-4 as well as Rule 18a-5 and Rule 18a-6.

What is SEC rule 17a-3?

Rule 17a-3 of the SEA highlights examples of the books and records broker-dealers are required to retain, such as:

  • Brokerage orders and dealer transactions, including blotters and confirmations,
  • account statements,
  • customer account records,
  • customer complaints,
  • compensation, and
  • any communications with the public.

While Rule 17a-3 primarily outlines what types of books and records must be retained, Rule 17a-4 primarily outlines how the records must be retained and the length of time for which they must be retained.

What is SEC rule 17a-4?

According to 17a-4, records must be retained and indexed for a period of no less than three years with immediate access for two years. In certain cases, records must be retained for a minimum of six years. Rule 17a-4(f) states that the “records required to be maintained and preserved” can be stored on “micrographic media … or by means of electronic storage media.” The rules for ‘electronic storage media’ are as follows:

  • records must be preserved exclusively in a non-rewriteable, non-erasable format, write once and read many (“WORM”)

  • the quality and accuracy of the storage media recording process must be automatically verified 

  • originals need to be serialized and, if applicable, units of storage media must be duplicated and have the time-date for the required retention period on the storage media

  • the media recording process must contain the ability to readily download indexes and the preserved records to any medium

What challenges do financial firms face with regard to SEC record keeping?

There are a number of broad challenges related to record keeping, regardless of the regulatory agency rules.


SEC Record keeping challenge 1: Identifying which records need to be retained 

One of the first and biggest challenges relates to being able to identify which records need to be retained and produced.

Building the inventory of records requires an understanding of which products/services the institution operates within, and then based on this, which rules and records are within scope. 

SEC Record keeping challenge 2: Keeping up with new rules

In addition, new record keeping rules require institutions to review any new requirements and assess whether improvements in technology are required to meet minimum standards for SEC record keeping. This can be costly in terms of both time and money.

SEC Record keeping challenge 3: Growing data volumes

Another challenge includes the volume of data and the complexity of technologies. The sheer amount of data institutions are faced with capturing and retaining creates a serious challenge as far as what is to be collected and how to retain it.

SEC Record keeping challenge 4: Capturing and storing communications data like WhatsApp and iMessage

The complexity of technology such as outside messenger services like WhatsApp creates a number of challenges as far as tracking and retaining these communications. As more and more interactions, both internally and externally, are being conducted on mobile or non-work devices, tracking and keeping those records has become increasingly difficult. 

Recent SEC Record Keeping Enforcements

There have been a number of enforcements related to record keeping violations. Two large violations that have occurred more recently include:

December 17th, 2021 –Tier one bank admits to widespread record keeping failures and agrees to pay $125 Million penalty to resolve SEC charges. Learn more >

September 20th, 2019 – SEC charges bank holding company and two officers with reporting, record keeping, and internal controls violations. Learn more >

SteelEye Record Keeping

SteelEye provides an efficient and reliable response to firm's SEC record keeping needs. The platform brings together structured and unstructured data from a wealth of sources and stores it in an immutable format, WORM compliant format. 

SEC Trade and Communications Surveillance

Under SEC rules, firms are required to establish, maintain, and enforce written supervisory policies and procedures for operational oversight or trade and communications surveillance. They are also required to implement internal controls to detect and prevent compliance breaches, such as the misuse of material non-public information.

This practice is done to ensure that firms are not participating in any manipulative or deceptive trading practices. Market manipulation rules by the SEC fall within sections 9 and 10 of the Securities and Exchange Act of 1934, which prohibits manipulation of security prices and regulates the use of manipulative and deceptive devices. This, therefore, gives the SEC the right to issue enforcement actions against firms for any violation of rules set out in Sections 9 or 10.

Additionally, SEC Rule 206-4 requires investment advisors to implement internal compliance controls that will detect and prevent regulatory violations; establish supervisory policies and procedures for client communications; and monitor the accuracy of disclosures made to investors, clients, and regulators, among other things.

Meeting SEC Supervisory Oversight rules

To meet SEC trade surveillance and market manipulation rules it is imperative that firms have in place a supervisory oversight program covering trades and communications. Such a program should include policies, processes and controls designed to ensure there is no violation of the regulations and rules.

While the SEC does not prescribe exactly the way in which surveillance of trades and communications must be carried out, there are aspects of supervisory oversight that firms must adhere to in order to meet SEC regulatory guidance. Firms should be aware of the fact that the SEC retain the right to examine surveillance and communications programs in order to check whether the programs are appropriate to meet the regulations at hand.


What does SEC market manipulation look like?

The concept of market manipulation is broad in nature, but may include any of the following activities:

  • Spoofing is a market abuse behavior where a trader moves the price of a financial instrument up or down by placing a large buy or sell order and canceling it before execution, thus creating the impression of market interest in that instrument.

  • Layering is a specific form of Spoofing where the individual places multiple orders at defined price levels (layers) to give an impression of market liquidity. The orders are not intended to be executed and will be canceled once the price has moved to a favorable place and a real order has been placed on the other side.

  • Ramping, also known as Momentum Ignition, involves the trading of a significant portion of a financial instrument or derivative, driving the price either up or down, when there is no news or obvious reason for the activity. 

  • “Wash Trading”, where one takes both the buy and sell side of a trade using a third party to generate increased activity and thus increased price.

  • “Price-Fixing”, which is a relatively simple and straightforward type of fraud where those who publish a price conspire to set it falsely and benefit their own interests (e.g. the LIBOR scandal).

Read about prominent market abuse behaviors here

The SEC website, offers further types and examples of market manipulations, as well as examples of enforcement actions they have taken against those in violation of their rules in the past.

What challenges do financial firms face with regard to SEC market manipulation and surveillance rules?

There are many challenges firm’s face in relation to trade and communications surveillance and market manipulation rules. Below sets out a few examples. However as many firms operate in different manners, additional challenges may present themselves, which will also need to be accounted for.

SEC Trade Surveillance Challenge 1: Broad definition of market manipulation

One of the biggest challenges the industry faces concerning trade and communication surveillance is the broad nature of the rules themselves. The rules are written with no prescribed way in which surveillance should be conducted, allowing the SEC a significant amount of room to determine what they deem as violations of market manipulation rules and take enforcement action.

SEC Trade Surveillance Challenge 2: Use of new communications channels

More widespread use of new communications channels such as third-party apps like WhatsApp or iMessage, prompted by the Covid pandemic and increases in remote working, makes surveillance even more challenging for compliance teams. This is because communications on new channels either need to be captured or made prohibited through a corporate policy. But when a platform is banned, firms need to be able to identify intent among employees to, for example, start talking on this unmonitored channel to ensure policies are being adhered to. This can be done through lexicon searches for phrases like “let’s talk on WhatsApp”. However, a lot of surveillance technology is not up to date with modern ways of communicating.

SEC Trade Surveillance Challenge 3: Determining actual wrongdoing

A firm’s ability to distinguish between clear signals of wrongdoing and simply ‘noise’ within the trading environment makes it even more challenging for firms to comply with SEC market manipulation rules. Many trade surveillance systems find it difficult to distinguish between false results (or "false positives") and instances that actually warrant an investigation. Additionally, there needs to be evidence of intent, which further complicates matters for firms.

SEC Trade Surveillance Challenge 4: Disparate systems

Surveillance doesn't have to be done holistically. In fact, many firms today still use different systems for different types of data or even asset classes. For example, many financial firms carry out their communications and trade surveillance separately, through different platforms. However, trades don’t happen in isolation and this data is deeply interconnected. Disparate data not only impacts the time it takes for firms to respond to potential instances of misconduct or market manipulation but it also prevents them from getting a holistic view of their trading operations. 

Recent SEC Market Manipulation and Trade and Communications Surveillance Enforcements

There have been a number of enforcements related to SEC market manipulation violations. Two large violations that have occurred more recently include:

September 2021, the SEC charged two individuals for wash trading scheme involving options of "Meme Stocks." Learn more >

September 2020, the SEC charged a tier one bank for manipulative trading in U.S. Treasuries. Learn more >

SteelEye Holistic Trade and Communications Surveillance

Holistic surveillance solution that delivers simple, effective and efficient supervisory controls. The platform brings together multidimensional data on a single, flexible platform with rich reporting, automated workflows and analytics that identify suspicious activity, quickly.

Learn more

SteelEye Communications Surveillance

SEC Resources

SEC record keeping and retention rules:

SEC Rule 17a-3  SEC Rule 17a-4  SEC Rule 18a-5  SEC Rule 18a-6  SEC 17 CFR Part 240  SEC Final Rule: 17 CFR Parts 200, 240, and 249  SEC Rule 206-4  

SEC Trade and Communications Surveillance and market manipulation rules:

Securities and Exchange Act of 1934 

(Section 9 – page 85, Section 10 – page 89)


Learn more about global financial services regulations


Latest News

Top Five Enforcement Areas by North American Regulators in 2023

| 28 Sep 2023

SteelEye’s Women in RegTech: Michelle Hunt

| 21 Sep 2023

SteelEye Named Best Integrated Surveillance Firm For Second Time in 2023

| 14 Sep 2023

Unaddressed Compliance Gaps - Navigating Microsoft Teams Archiving and Supervision

| 12 Sep 2023

Tier One Bank Fined by CFTC for Second Time in a Year for Record Keeping Failures

| 30 Aug 2023

A Guide to Monitoring and Maintaining Surveillance Controls

| 16 Aug 2023