Is Wasabi’s implementation of S3 Object Locking (aka object immutability) compliant with SEC Rule 17a-4(f)/FINRA/CFTC?
    • 28 Aug 2024
    • 1 Minute to read
    • PDF

    Is Wasabi’s implementation of S3 Object Locking (aka object immutability) compliant with SEC Rule 17a-4(f)/FINRA/CFTC?

    • PDF

    Article summary

    Is Wasabi’s implementation of S3 Object Lock (aka object immutability) compliant with SEC 17 CFR § 240.17a-4(f), FINRA Rule 4511(c), and CFTC 17 CFR § 1.31 (c)-(d)?

    Wasabi’s immutability functionality (object lock with compliance mode) fulfills the following requirements relative to certain electronic storage requirements specified in the following regulations:

    • Securities and Exchange Commission (SEC) in 17 CFR § 240.17a-4(f), which regulates exchange members, brokers or dealers.

    • Financial Industry Regulatory Authority (FINRA) Rule 4511(c), which defers to the format and media requirements of SEC Rule 17a-4(f). 

    • Commodity Futures Trading Commission (CFTC) in 17 CFR § 1.31(c)-(d), which regulates commodity futures trading. 

    For more detailed information about how Wasabi’s implementation of S3 Object Lock satisfies these regulations, see the “SEC 17a-4(f), FINRA 4511(c), and CFTC 1.31(c)-(d) Compliance Assessment - Wasabi Hot Cloud Storage” by Cohasset Associates. This report also includes the updated SEC Rules that had a compliance date of 5/3/2023.

    For additional information about physical security, network architecture, and data privacy, refer to our white paper “Ensuring SEC Compliance with Wasabi’s Data Immutability”.                                                     

    A customer case study on the use of Wasabi’s immutability feature is available here

    If you need a D3P (designated third-party) that works with Wasabi, we recommend the Iron Mountain D3P service.

    If you need to request an alternate undertaking letter per 17 CFR 240.17a 4(i)(1)(ii)(A), please contact compliance@wasabi.com.