FINRA Compliant Document Storage & File Sharing

What are FINRA rules?

The FINRA (Financial Industry Regulatory Authority) rules are a set of industry requirements detailing the need for financial and securities firms to develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, confidentiality, and timely retrieval of financial and account specific documentation.

Who has to comply with FINRA?

Under FINRA Rule 3190, the compliance burden is placed on the member financial or securities firm for any work or services for which they use a third-party service. This means that those firms will be very involved in evaluating and examining the qualifications and competencies of all of their service providers.

So, while the burden for compliance does not rest with you as a non-securities firm, an understanding of the FINRA Rules and how they apply to your business can create a significant business advantage in working with financial and securities firm customers. This is especially true for those anyone working in the document storage and retrieval space, as well as data backup and recovery.

What if you fail to comply with FINRA rules?

Under FINRA, penalties for non-compliance have resulted in large fines, and the regulatory group has been raising these penalties even higher over time. Pershing LLC was fined $3 million for violating the Customer Protection rule and associated supervisory failures1 ; Morgan Stanley Smith Barney was fined $800,000 for failing to issue account statements and confirmations for numerous customer accounts and transactions.2 In addition, banking and securities firms can be expelled from FINRA membership and officers and employees can be barred from working in the securities industry.3

How does SmartVault support you in complying with FINRA rules?

As your trusted online document storage provider, SmartVault provides industry standard security measures such as encryption, authentication, access controls, and auditing to support compliance with FINRA rules for the financial services industry.

Where FINRA requires: SmartVault offers solutions:
Comprehensive written Information Security ProgramTo meet the FINRA requirements for security, your storage system must have reasonable controls to prevent and detect unauthorized creation of, additions to, alterations of or deletion of records. As part of the security controls in place at SmartVault, we have clearly documented processes and procedures for every aspect of our services and ensure that our staff understand and operate by those procedures.
Clear systems documentationSmartVault’s information security program is clearly documented, with supporting policies and procedures for all aspects of safeguarding your information, and it is reviewed on an annual basis to ensure it is still meeting the needs of the changing business landscape.
Technical Safeguards

Industry Standard SSL encryption for documents in transit – protecting your documents, passwords and interactions with SmartVault from eavesdropping

  • Granular access – ability to grant access to specific folders
  • Activity Logs – complete audit history of who accessed and/or modified
    documents stored in SmartVault
  • Document access via authenticated login – files are only accessible to
    users of the service (no anonymous sharing of files)
Physical SafeguardsPhysical access to our data centers is strictly controlled. Only those employees and contractors with a demonstrated need are permitted access and that access is controlled through a series of technical controls such as badge readers on the doors, biometric locks on the data center and physically keyed or combination locks on cabinets and safes.

SmartVault Supports Your Compliance Efforts

It is important to remember that FINRA compliance is a securities firm obligation, not a technical specification. So when we say that SmartVault supports a FINRA compliant workflow, what we mean is that our service gives you the tools that securities firms like yours need in order to work in a compliant fashion.

While we are not a FINRA compliance consulting firm, we are happy to assist you in getting pointed in the right direction.


  1. FINRA Fines Pershing LLC $3 Million for Customer Protection Rule Violations and Supervisory Failures
  2. FINRA Fines Morgan Stanley $800,000 for Deficient Conflict of Interest Disclosures in Equity Research Reports and Public Appearances by Research Analysts
  3. FINRA News Releases

Get Started Now

Open a free trial account to get started now.

Start Free Trial
See SmartVault in Action

Book a 15-minute demo to see exactly how SmartVault can work for your business.

See A Demo