Automation. Collaboration. Integration.
The Dodd-Frank Effect on Information Management
Today’s Speakers: Katey Wood Jacquie SafranAnalyst Director of Sales ESG Exterro, Inc.
Shannon Smith John IsazaParalegal Partner Rabobank Howett Isaza Law Group LLP
Today’s Speakers
Shannon Smith Paralegal Rabobank Group
Shannon Smith has worked as a paralegal in Rabobank Nederland, New York Branch’s Legal Department since 2005. Her role includes litigation support and she has been instrumental in implementing an e-discovery readiness program for the bank.
Shannon received her BA from Hunter College in New York and will be attending law school in the fall.
Today’s Speakers
John Isaza Partner Howett Isaza Law Group LLP
John Isaza, Esq. is a California-based attorney and partner of Howett Isaza Law Group, LLP (HiL). Mr. Isaza is widely recognized as one of the country’s foremost experts on electronic information governance, records management, and e-discovery preparedness. His clients include some of the most highly regulated Fortune 500 companies.
Prior to forming HiL, Mr. Isaza served as in-house General Counsel to a publicly traded medical device manufacturer now owned by Abbott Laboratories. At present, he is an active speaker in the ARMA, AIIM, ABA and IT compliance circuits. Mr. Isaza chaired the Chicago Program Committee for ARMA’s 2005 international conference; he is a member of ARMA’s Electronic Discovery Advisory Group and the GARP® Metrics Task Force and he has served on the Board of Directors of ARMA International. Mr. Isaza co-authored a book entitled 7 Steps for Legal Holds of ESI & Other Documents released in July 2009.
Today’s Speakers
Katey WoodAnalyst ESG
Katey Wood joined ESG in 2011 covering Information Management, including e-discovery, enterprise search, content management, archiving, and records management. Prior to ESG, she covered e-discovery, enterprise search, information governance, and text analytics as an analyst at the 451 Group. She also worked previously on the rollout of New York State’s Statewide Access Child Welfare Information System (SACWIS), a Federally-funded data warehousing and BI initiative.
Katey holds a double Masters in Information Systems and Library Science from Drexel University, and a BA from Wellesley College, and has studied at NYU’s Arthur L. Carter Institute of Journalism in Cultural Criticism and Reporting.
Today’s Speakers
Jacquie SafranDirector of Sales Exterro, Inc.
Jacqueline Safran brings more than 12 years of sales and marketing experience, and nine years of experience focused on providing corporations and law firms with e-discovery and information management technology.
Safran has successfully provided solutions covering every phase of the Electronic Discovery Reference Model, and excels in understanding organizations' business needs and providing clients with technology that best meets their requirements.
Todays’ Agenda
• Brief overview
• Who is affected
• Status of agency responses
• Impact on non-financial companies
Overview of Dodd-Frank
• Establishing a strong information governance policy
• A unified approach to mission critical functions
Impact on Information Governance Policies
• Proposed CFTC rules
• Creating an airtight retention and disposition policy
New Record Keeping Requirements
• Trigger Events
• Crafting a defensible legal hold
Impact on Legal Holds
Dodd-Frank Wall Street Reform and Consumer Protection Act:To promote the financial stability of the United States by improving accountability and transparency in the financial system, to end ‘too big to fail’, to protect the American taxpayer by ending bailouts, to protect consumers from abusive financial services practices, and for other purposes.
Dodd-Frank Act Overview
Status of Agency Responses
848- Page Document “Recordkeeping” mentioned 34 times
“Record” Mentioned 198 times
Only 1 supplemental comment
Soft Metrics re: Recordkeeping and the Act:
* Earliest deadline for regulators is 7/11, so too early to tell* Supplemental comment provided by Federal Reserve (Official Staff
Interpretation)• Reg Z, TILA, Part 226• Nothing substantive re: recordkeeping
Status of Agency Responses
• Financial Stability Oversight Council - tasked with oversight of non-bank financial companies
• Office of Financial Research
• Both given authority to promulgate regulations
• No final rules reported at this time
Title I, focusing on financial stability, creates…
Status of Agency Responses
• Unless otherwise required by applicable Federal law or court order, the Corporation may not, at any time, destroy any records that are subject to clause (i) [recordkeeping requirements].
• The terms ‘‘records’’ and ‘‘records of a covered financial company’’ mean any document, book, paper, map, photograph, microfiche, microfilm, computer or electronically-created record generated or maintained by the covered financial company in the course of and necessary to its transaction of business.
Title I tasks FDIC (the “Corporation”) as follows:
Status of Agency Responses
• Agencies asked to jointly prescribe regulations requiring that financial companies maintain such records with respect to qualified financial contracts (including market valuations)
• The Federal primary financial regulatory agencies shall prescribe joint final or interim final regulations not later than 24 months after the date of enactment of this Act.
• No final rules reported at this time.
Title II, focusing on Liquidations, provides for new recordkeeping requirements, and ostensibly tasks FDIC with coming up with more:
Status of Agency Responses
• Comptroller of the Currency
• FDIC (the “Corporation”)
• Federal Reserve’s Board of Governors
Title III, delegates powers to:
Title IV, Regulates Advisers to Hedge Funds and Others
No final rules reported at this time re: additional recordkeeping requirements, other than those mentioned in the Act
Status of Agency Responses
• Federal Insurance Office
• Another prospect for later regulations
• No final rules reported at this time
Title V, focusing on insurance sector, creates:
Status of Agency Responses
Title VI, imposes improvements to Regulation of Banks and Savings Association Holding Companies and Depository Institutions
• “Each supervised securities holding company and each affiliate of a supervised securities holding company shall make and keep
for periods determined by the Board of Governors such records, furnish copies of such records, and make such reports, as the Board of Governors determines to be necessary or appropriate to carry out this section, to prevent evasions thereof, and to monitor compliance by the supervised securities holding company or affiliate with applicable provisions of law”
• “AVAILABILITY—A supervised securities holding company or an affiliate of a supervised securities holding company shall promptly provide to the Board of Governors, at the request of the Board of Governors, any report...”
• Availability is one of the GARP® Principles
Status of Agency Responses
Title VII, Wall Street Transparency and Accountability:
• “The Commodity Futures Trading Commission and the Securities and Exchange Commission, in consultation with the Board of Governors *Federal Reserve’s+, shall engage in joint rulemaking to jointly adopt a rule or rules governing books and records regarding security-based swap agreements, including daily trading records, for swap dealers, major swap participants, security-based swap dealers, and security-based swap participants.”
• No additional “final” recordkeeping rules reported at this time
Status of Agency Responses
Title IX, Investor Protections and amendments to securities regulations
• Affecting 1933 and 1934 Acts, including Investment Advisers Act
• No significant or apparent changes to length of retention requirements
• However, broad authority to impose more retention and reporting requirements
• No additional “final” recordkeeping rules reported at this time
Status of Agency Responses
Title X, establishes Bureau of Consumer Financial Protection
• The Bureau shall seek to implement and, where applicable, enforce Federal consumer financial law consistently for the purpose of ensuring that all consumers have access to markets for consumer financial products and services and that markets for consumer financial products and services are fair, transparent, and competitive
• No final recordkeeping rules reported at this time
Status of Agency Responses
Title XIV, calls for Mortgage Reform and Anti-Predatory Lending
• Regulate loan originations• Minimum standards for mortgages• Regulates high cost mortgages• Establishes Office of Housing Council• Regulates mortgage servicing• Regulates appraisal activities• No final recordkeeping rules reported at this time
Status of Agency Responses
• Restrictions on use of US funds for foreign governments
• Taxpayer protections
• Dealings with conflicts minerals (e.g., blood diamonds)
• Coal and mine safety
Title XV, imposes:
Impact on Non-Financial Companies
A number of provisions are included on corporate governance and executive compensation which apply to all public companies without regard to industry
• Clawback requirement for incentive compensation paid to executives based on misstated financial statements
• Increased executive compensation disclosures
Consumer Finance Operations
• CFPB will serve as regulatory authority over all consumer financial products and services unless clearly exempted (charities, auto dealers and professional services firms). CFPB will have the authority to regulate covered persons offering consumer financial products or services.
• Will be subjected to considerable regulatory burdens that will include extensive new record keeping and reporting requirements
Impact on Non-Financial Companies
Will apply to any company with a potential securities or commodities law violation
May apply to violations of FCPA
Companies must be prepared to prove they are in compliance
The Whistleblower Provision…
Impact on Information Governance Policies
• The Dodd-Frank Act mandates a number of significant changes that include improving regulatory reporting capabilities
• Changes need to be executed in a coordinated fashion across a number of business units
• Will require a well managed information flow across different teams and stakeholders
Financial services firms are already struggling to manage their vast data stores in a way that satisfies existing privacy and regulatory requirements
Establishing a Strong Information Governance Policy
Where to Start…
Form a Working Group
• To improve coordination among the various segments of the organization
• Clarify issues, formulate strategies, and develop action plans
Perform a gap analysis
• Determine groups affected by proposed legislation
• Determine processes in place and those needed
Establishing a Strong Information Governance Policy
The GARP® Principles:
ISPOSITION
OMPLIANCEVAILABILITYETENTION
ROTECTION
CCOUNTABILITY
RANSPARENCYNTEGRITY
D
CAR
P
A
TI
A Unified Approach to Mission Critical Functions
The shift to consolidate…
• The Act will boost regulatory requests • Legal action against wall street firms such as Goldman Sachs illustrate
the need to be able to respond to an increase in both civil and criminal legal inquiries
• New whistleblower provisions with increased monetary motivation will likely spur whistleblower reporting leading to additional independent internal investigations
Corporate legal departments at financial institutions should take a unified approach to internal investigations, e-discovery, audit and compliance.
A shift to consolidate these areas will help drive efficiency, cost effectiveness, and break down departmental silos.
A Unified Approach to Mission Critical Functions
New Record Keeping Requirements
proposed CFTC rules require companies to maintain full and complete transaction and position information for all swap activities.
• Records must be maintained in a “manner that is identifiable and searchable by transaction and by counterparty.”
• Require the retention of basic business records, including corporate governance minutes, organizational charts, and audit/compliance documentation.
• The Act’s data retention requirements even extend to certain financial records (such as information related to cash positions or forward transactions used to hedge), records of complaints against personnel, and marketing materials.
New Record Keeping Requirements
• Know your data, where it lives, who has access, its retention requirements
• Make sure data is accessible to respond to requests
• Retain only what you need – regulators can collect data outside of formalized retention requirements
• Delete de-commissioned data defensibly and thoroughly
• Coordinate routine retention and deletion with legal hold preservation requirements to prevent spoliation
• Self-audit to gauge performance and ongoing-readiness
Have an air-tight retention and disposition policy
Impact on Legal Holds
The confluence of increasing data volumes along with expectations of increased regulatory oversight and actions underscores the importance of
sound enterprise wide information retention and disposition programs. This program, in combination with formalized legal hold protocols, is a
critical line of defense during a litigation event.
Treat legal holds as an enterprise process rather than a legal department task
Close coordination among key
stakeholders —corporate counsel,
compliance officers, and IT managers.
Align information risk management and
compliance objectives with your information
retention and legal hold program
1. Trigger Event2. Analyze Duty
To Preserve
3. Define Scope
4. Implement Hold
5. Enforce & Examine
6. Modify
NO
Implementation / Oversight / Training / Audit / Tracking / Legal Hold Releases
Preservation Not Required
YES
7. Monitor & Remove
Developing a Strong Legal Hold Process
Crafting a defensible legal hold
why the recipient of the hold was identified in laymen's terms provide information about the
preservation requirement, including relevant date ranges explicit instructions for preservation efforts that must be
taken the consequences of failing to comply with the hold the contact information for whomever they can call with
questions that they must affirmatively acknowledge their intent to
comply with the requirements outlined in the hold
What to communicate in the hold
Crafting a defensible legal hold
Policy to reassess the sufficiency of preservation efforts as litigation progresses.
Process to evaluate the sufficiency of the notice in light of any changes in scope or subject of the litigation.
Process to modify and re-issue the hold. Process to remind custodians of their preservation
obligations. Policy and process to notify custodians of release and
disposition Process to communicate requirements relating to
terminated employees to appropriate IT and HR personnel.
Ongoing Compliance
Some regulations have yet to be written, but financial institutions and corporations who may be subject to the Act need to stay ahead of impending rules
Key Take-Aways
Keys to success• Auditable processes and content• Flexibility to adapt to these and other new regulations• Consistent and timely management and disposition of documents• A unified approach to internal investigations, e-discovery, audit and
compliance• Use technology solutions to drive transparency, automation, and
workflow management• Align information risk management and compliance objectives with
your information retention and legal hold program
For more information, contact Exterro at:
Thank You!
© 2010 Exterro, Inc.. All rights reserved.
THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY AND IS NOT INTENDED AS ADVERTISING. ALL WARRANTIES RELATING TO THE INFORMATION IN THIS DOCUMENT, EITHER EXPRESS OR IMPLIED, ARE DISCLAIMED TO THE MAXIMUM EXTENT ALLOWED BY LAW. THE INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE.
Automation. Collaboration. Integration.
http://www.exterro.com/contact-us/[email protected](877) 398-3776