I’ve read that it’s important to use document management software that will create an audit trail for documents. I’ve been looking for SEC regulations or rulings that require this and haven’t found any. Can anyone point me to such regs or rulings?
I just read that Sarbanes-Oxley requires audit trails for “sensitive” documents. Doesn’t SOX appy only to public companies, meaning share issuing corporations?
In my opinion, it is not necessarily important to use document management software to create an audit trail. I am a former regulator and a compliance consultant with RIA, b/d, as well as SOX experience. While SEC requirements would state what types of documents need to be maintained, they would not state, that I’m aware of, that it is necessary to use document management software. How you keep the required records for the required time period and easily accessible is really a personal preference. It also depends what type of business you’re referring to (an RIA or b/d?) and how large your firm is. For a large firm with many clients that processes many transactions, a document management software may be a good idea, or even a necessity. It’s really a personal preference on how you organize, just as long as the required documents are maintained for the required length of time.
I hope this helps!
Managing Director, Polaris Compliance Consulting, LLC