In October 2025, the Securities Industry and Financial Markets Association (SIFMA) formally petitioned the U.S. Securities and Exchange Commission (SEC) to revise current communications retention rules that govern broker-dealers and investment advisers. Specifically, SIFMA’s proposal calls for updates to Exchange Act Rule 17a-4 and Advisers Act Rule 204-2(a)(7), aiming to align compliance obligations with the realities of today’s digital communications environment.
While the SEC has not made any changes to these regulations as of this writing, the proposal has prompted firms to begin analyzing their current recordkeeping practices and technology infrastructure.
In this article, we break down the context and key elements of SIFMA’s proposal and what areas might warrant further consideration by compliance and operational teams.
SIFMA’s Case for Change: A Shift in Communication Norms
Regulators originally wrote communications retention rules in 1997, an era of paper records, faxes, and emails. Fast forward to today, and firms now leverage a range of channels for internal operations and client communications: Slack, Microsoft Teams, WhatsApp, iMessage, LinkedIn InMail, and more.
SIFMA’s letter notes that the existing regulatory framework does not consistently account for the nature and scope of new communication formats. As a result, it suggests, firms may be retaining large volumes of content that do not contribute meaningfully to investor protection, while navigating increasing costs and administrative complexity.
Highlights of the SIFMA Proposal
SIFMA’s October 15 letter recommends several revisions:
Clarification of Scope of Retention
Limit requirements to communications that are “client-facing” and “substantively related to investment advice or transactions.” This change would exclude messages with no regulatory or investor protection benefit, such as emojis, administrative scheduling messages, or unsolicited inbound communications.
Exclude AI-Generated and Collaboration Content
Meeting transcripts or Slack messages used for internal collaboration would no longer be required to be archived unless they meet the proposed threshold of client-facing, substantive communication.
Create a Safe Harbor for Policy Adherence
Firms that implement and maintain reasonable compliance policies and procedures may be protected from enforcement actions in cases where inadvertent non-compliance occurs despite good-faith efforts.
Standardize Retention Periods
SIFMA recommends a consistent three-year retention requirement across both broker-dealers and investment advisers, replacing the current mix of three- and five-year rules.
Modernize Third-Party Access Requirements
The current need for third-party storage providers to guarantee SEC access may be seen as a barrier to adopting modern cloud-based storage technologies. SIFMA suggests reevaluating or eliminating this requirement.
A Measured Response: What Firms Should (and Shouldn’t) Do Now
No regulatory changes have been adopted yet. Firms remain obligated to comply with the current requirements and enforcement expectations until official guidance is issued. However, that doesn’t mean staying still.
The SIFMA proposal may prompt firms to begin assessing the effectiveness and scalability of their current communications archiving strategies.
Firms may consider the following questions:
-
Are we capturing communications across all channels currently used by employees and clients, including emerging platforms?
-
Do our compliance review processes allow us to effectively distinguish between material communications and those unlikely to be subject to regulatory scrutiny?
-
Is our archiving infrastructure designed to provide timely, secure, and audit-ready access to records in line with existing SEC requirements?
-
Have we evaluated how our current systems and policies would adapt if future regulatory guidance redefined what communications must be retained?
-
Are we engaged with legal and compliance advisors to ensure our approach aligns with both current obligations and potential areas of regulatory focus?
Even without a rule change, these questions point toward the need for a more agile compliance architecture. One that supports channel diversity, customizable capture policies, and automated oversight without drowning teams in noise.
Looking Ahead: Regulation Is a Moving Target
The SIFMA proposal represents a significant step in the ongoing conversation around regulatory modernization in financial services. While no immediate regulatory changes have been implemented, the issues raised – such as communication volume, relevance, and technological fit – are central to how firms approach compliance in a digital-first era.
As regulatory developments unfold, firms may benefit from staying informed, consulting legal and compliance advisors, and evaluating their operational readiness. Monitoring the SEC’s response to this proposal will help firms understand how future guidance might shape recordkeeping obligations in the years ahead.
Change may be coming, but readiness starts today.
