Email Archiving Business Drivers


Post on 04-Jun-2020


Contents

- Executive Summary
- Email compliance and audit
- Storage optimisation
- Improved backup/restore management
- Shortened Disaster Recovery time
- General management of email growth
- Elimination of Microsoft PST files
- Improved end-user productivity
- Optimise Exchange consolidation and migration tasks
- Appendices

© 2005 Symantec Corporation


Executive Summary

Key Risks

- Global exposure to compliance regulations
- Escalating costs associated with manual and unreliable email discovery
- Uncontrolled growth of distributed email storage
- Financial penalties for non-production of emails
- Risk of loss of corporate intellectual property
- Non-compliance with corporate email policy
- Auditable process for email discovery

This document presents key business drivers and offers a high-level summary of the main benefits offered by an email archiving solution, based on our experience with over 1,500 customers worldwide, including Financial Services Authority (UK), APRA, ASX, Macquarie Bank, CSFB, CitiGroup, BT Financial Group (a division of Westpac), ING Bank, and recently the Australian Department of Defence.

Today, all areas of business face considerable exposure around compliance, internal and regulatory discovery issues, in addition to escalating costs around an uncontrolled storage environment. Globally, organisations face the risk of exposure to operating licenses, litigation, ongoing escalating costs, and a reduced competitive advantage. Many organisations have taken the opportunity to address these business risks immediately with email archiving solutions being funded from current and future cost savings and reductions.

Potential Savings

- Deferred storage, software, server, labour and media costs
- Reduced litigation exposure
- Substantial cost saving per discovery
- Substantial cost saving in managing the messaging environment


Email compliance and audit

Key Risks

- Email is a mission-critical tool for business
- Internal email policies are usually not enforced and audited – typically a manual process
- Loss of corporate IP to external sources, bodies, ex-staff, competitors
- Regulations require the retention of all business communications made via email
- Non-compliance will directly affect competitiveness in the market
- Sarbanes-Oxley (SOX) and other regulations call for varying retention periods up to 75 years or longer

Over the past decade, email has become a mission-critical tool for many businesses. However, email archive and retrieval procedures are enacted in a largely ad hoc fashion in today's environment. Few companies have taken the time to clearly define policies regarding the use of messaging, what sorts of data will be transmitted, and what types of protection messaging data needs to have. Many organisations are discovering the need to have a system in place to ensure that data within their Exchange Server messaging systems is safely stored in a searchable and retrievable format. While many regulations impacting businesses do not necessarily call out a requirement for message archiving, today’s regulatory environment is undergoing a period of change, and all businesses should be aware of the influence this will have regarding the long-term operations of their messaging systems. Businesses in the financial and healthcare industries have long been aware of the need to archive and track their communications due to regulations such as SEC Rule 17A-4, various FDA rules and HIPAA. Now, industries that have not previously felt the need to retain data sent using email may face that necessity. Regulations such as the Sarbanes-Oxley Act of 2002 (SOX) have highlighted the need for all industries to maintain, store, and secure data, including electronic messages, for periods of up to several years. Increasingly, it is recommended that corporate governance best practices are implemented including defining and implementing policies on the retention of potential evidence stored in files or emails, which can prove invaluable in situations like commercial lawsuits, EU anti-trust investigations, wrongful termination cases etc. 
For organisations listed on the New York Stock Exchange the corporate governance requirements are regulated by the Sarbanes-Oxley Act, which calls for all forms of communications related to the preparation of the financial records and their audit, to be archived for a 7-year period. Similar rule-sets are being considered by the European Commission and leading analysts, such as Gartner Group, urge European organisations to prepare for this by implementing better document management and audit trail procedures and systems as per the report contained in the appendices.


An email archiving solution must, in conjunction with the journaling feature in Microsoft Exchange, provide the ability to archive, or journal, messaging data sent within an organisation and to and from external systems, and enable organisations to quickly search and retrieve archived data. This capability is vital in ensuring an organisation’s communications are captured and can be verified if necessary.

With a compliance and archiving solution in place, organisations can respond to any inquiry in a matter of hours, as auditors, HR or senior management can perform an indexed search across all (or a subset) of the email sent or received by the organisation. The cost savings – both direct and indirect – can be extremely high, as the evidence recovery process is automated, allowing the organisation to respond to any form of legal challenge quickly and with full confidence.

In case of legal disputes, email records are increasingly a prime source of information and proof – it is therefore problematic that the oldest email records which a large organisation, on average, can recover from their backups are 10 months old (source: Ostermann Research, 2003).

One Symantec customer, the British retailer Somerfield, experienced loss of email records when members of their buying team lost their PST files or left the organisation. Somerfield decided to implement an email archiving solution to archive all email data and thereby make the information easily accessible through the index search offered by the product. As an example, the archiving solution enabled the company to retrieve information from the mailbox of a buyer who left the organisation, which secured Somerfield an additional £120,000 in credits from suppliers, as old email conversations were restored to document previous agreements.
While this example is specific to the retail industry, its principle is applicable to all industries, as the ability to quickly and effectively search through large email repositories is increasingly becoming an important competitive, financial and legal asset.

Potential Savings

- Automatically archive business critical emails
- Allow for easy retrieval of emails through an indexed search of both emails and their attachments
- Avoid legal issues – and potentially huge costs – by ensuring an adequate records retention policy can easily be implemented
- Reduce the likelihood of incurring penalties due to non-compliance
- Automate the discovery of critical records thus eliminating the need for manual searches through a huge number of emails
- Reduce data handling costs associated with maintaining the archived data
- Increase the ability to swiftly respond to legal challenges


Storage optimisation

Key Risks

- Growing MS-Exchange disk capacity on expensive storage is costing businesses too much
- Most email data is older than 2-3 months, and should be moved to lower cost storage
- Expensive disk or backup system upgrades can be postponed or avoided altogether

Organisations using Microsoft Exchange require an ever increasing disk capacity to cope with the constant growth in both the volume and size of emails. With most organisations storing their Exchange data on high specification storage systems either directly attached or on a Storage Area Network (SAN), the cost of these high-performance disk systems with snap-shot and mirroring technologies, associated host bus adapters etc. is significant when adding new storage capacity. The need for a high level of performance and security on the primary Exchange disk system brings with it high costs and prevents organisations from benefiting from the attractive price/performance offered by lower specification disk systems such as NAS devices or SAN-systems with ATA disks.

When analysing the Exchange data kept online at our customer sites we find that, on average, 50-70% of the typical Exchange Message store is taken up by emails older than 2-3 months. Expensive disk-systems and backup technologies are thereby deployed to hold and protect data which is very infrequently accessed and only needs to be stored as historic reference data.

With an email archiving solution in place, organisations can implement and enforce automatic storage policies which offload older data onto a secondary archive storage system with a price point that typically is 1/3 or less of that of a high-spec DAS or SAN system. While it can be difficult to realize the storage optimisation benefits from day one, as the current DAS or SAN infrastructure is already in place, the storage infrastructure and management savings become real and significant when expensive disk or backup system upgrades can be postponed or avoided altogether.

Potential Savings

- Move data growth from expensive SAN to cheaper disk technologies
- Postpone or remove the need for expensive disk-system upgrades


Improved backup/restore management

Key Risks

- MS-Exchange backups are taking longer and longer to complete
- Significant manpower costs are being reported due to labour-intensive custom backups
- Exchange was never designed for efficient backup/restores

Having considered the potential storage savings by moving data from a highly redundant/protected storage platform to a lesser protected disk-system, a natural next step is to consider the time and cost savings on the backup front. Most large Exchange users are experiencing that backups are taking longer and longer to complete, which makes it difficult (or in some cases, impossible) to complete the crucial backups within the planned backup window. The natural reaction is to purchase expensive backup devices and/or implement disk snapshot technologies; in both cases capital investments are required – investments which, with an email archiving solution in place, can be avoided or reduced.

However, the most significant cost of backup environments is the ongoing operations costs triggered by manual operator intervention in the backup procedures. The ongoing need for tuning of the backup policies to ‘fit’ with the backup windows is costly and the costs skyrocket when restores are required from a large and fragmented Exchange backup. Symantec’s customers are reporting that significant costs in the form of manpower are incurred when single email or single mailbox restores are required. An email archiving solution must allow for full restore self-service, enabling end-users to search for and recall all historic email items without any administrator interference.

From its birth 10+ years ago, Microsoft Exchange was designed to deliver swift online performance to its users; its database structures are therefore optimised for performance instead of ease of operations and backup – this requires backup solutions with specific Exchange agents to provide workarounds to the architectural shortcomings of the email message storage.
The email archiving solution must provide relief on two levels: first, as described in the previous section, by offloading data from the primary store and, secondarily, by storing emails in a format optimised for backup and search/retrieval instead of frequent online access. This should result in only a fraction of the archived data, typically 10% or less, being ‘open’ for updates and therefore requiring ongoing backup services; the majority of the archived data is stored in a read-only format, which eliminates the need for performing full backups of the complete dataset.

Potential Savings

- Reduce the time administrators spend on daily backups
- Avoid administrators performing time-consuming single email or mailbox restores
- Postpone or remove the need for backup system upgrades
- Dramatically reduce the amount of data that needs to be part of the daily backups


Shortened Disaster Recovery time

Key Risks

- How long does it take for a complete recovery of Exchange?
- Some organisations have reported a recovery time measured in days
- Reducing the online message store can eliminate most recovery time pain

Directly related to the longer backup times experienced by most Exchange users, the ‘worst case scenario’ question is often asked: ‘How long will it take you to perform a full restore of the Exchange system including the message stores?’ Luckily, few users are able to answer this question based on real-life experience – in Symantec’s experience the feedback from our customers who have been through a full Disaster Recovery restore is not encouraging, as customers report very long Disaster Recovery times ranging from 12 hours up to several days.

In many organisations, Microsoft Exchange is one of the most mission critical applications and the business expects, regardless of whether a Service Level Agreement is formally agreed or not, that the email system can be restored in hours instead of days. An email outage for even a few hours means lost employee productivity, delayed customer responsiveness, loss of image/credibility to partners and customers and potentially loss of business opportunities.

An email archiving solution does not magically solve the Disaster Recovery problems surrounding Microsoft Exchange. However, by reducing the online message store by 50-75% it can facilitate a much quicker restore, as the storage savings typically also can be directly applied to the restore times. This helps organisations accomplish their main objective: getting Exchange operational in the shortest possible time to ensure that emails can again be sent and received; restoring access to the archive is of much lower priority, as the archived information is of historic nature and does not interfere with the availability of the core email service.

Potential Savings

- Postpone or remove the need for expensive disk snapshot solutions or high-end backup systems
- Reduce the time required for a Disaster Recovery restore by 50-75%
- Reduce the productivity, image, cost and revenue losses incurred in a Disaster Recovery situation


General management of email growth

Key Risks

- Organisations are calling for more stability in MS-Exchange server platforms
- Exchange message stores should never grow past organisation-defined limits
- Higher user email quotas combined with archiving will maintain constant server footprints

The current usage pattern of Microsoft Exchange systems is dynamic and hard to predict, which, combined with Exchange’s limited capabilities in the areas of capacity management, usage reporting and storage optimisation, makes it difficult to perform effective long-term planning regarding required upgrades to mail servers and storage systems. Many organisations wish to break this circle of constant growth and maintain a steady state on the email servers, thus allowing them to perform fewer hardware upgrades and changes to operations and backup procedures.

An email archiving solution’s quota management functionality must ensure that the primary Exchange message store will never grow past the limits defined by an organisation, thus eliminating the surprise element of unmanageable data growth resulting in unplanned downtime, time-consuming manual tasks for both administrators and end-users and continuous, expensive hardware upgrades of the server platform. As an example, an Exchange installation with 2,000 users can implement a 50MB quota and thereby ensure that the Exchange message stores will never grow past 100GB – this is achieved without imposing restrictions or time-consuming manual tasks on the end-users. The archiving solution ensures that users are kept under their quotas by automatically offloading older emails onto the much cheaper archive storage system and thereby allows for effective long-term planning and design of server capacity, storage and backup systems and for the backup, restore and disaster recovery procedures.

Potential Savings

- Optimise and reduce investments in servers, storage and backup systems by maintaining a ‘steady state’ storage consumption on the application servers
- Reduce the need for administrator time required to handle expansion of storage system and changes to backup procedures


Elimination of Microsoft PST files

Key Risks

- PST files are unsupported by Microsoft
- User PST file management is a major resource headache for organisations
- Lack of central control of email in PST files introduces potential data risks
- There is a significant help-desk overhead associated with PST support issues

Most organisations using Microsoft Exchange have implemented Exchange storage quotas to cap the growth of the Exchange message store – unfortunately, this forces end-users to perform data clean-up or move data away from the Exchange system. As most knowledge workers wish to retain their full email history indefinitely, deleting emails is not an option. Users are therefore forced to utilise Microsoft Outlook’s personal folder solution, PST files, which introduces a number of significant costs and risks.

Firstly, Microsoft Exchange has a single-instance storage model meaning that, for example, a 2MB file sent to 100 people is only stored once on the disk-system; pointers are simply added to the 100 mailboxes, thus minimising the need for storage capacity. When users are hitting their Exchange quotas they move data into their individual PST files – by doing so the single-instance storage is lost as each full email is stored in its entirety in each separate PST file. The 2MB of data stored in Exchange thereby grows to 200MB if all 100 users retain the email in their personal folder. While email quotas are effective in forcing data away from the primary Exchange message store, the storage problem is only multiplied as data are retained in PST files, leading to an explosion in the storage consumption.

Secondly, when data is stored in PST files the information is under the sole control of the individual users, which makes performing regular backups a key issue. Many organisations address this problem by requiring end-users to store their PST files on network file servers covered by proper backup procedures, which leads to exploding storage costs due to the ineffective storage model and an often overlooked impact on the daily backups. Microsoft Outlook is designed in such a way that all PST files associated with an Outlook profile are updated every time Outlook is launched; in practice this means that most PST files enter the daily backup every single day, even though the data is 100% static. Many organisations have deployed an email archiving solution simply to address this exact issue, as centrally stored PST files drive the need for storage and backup system upgrades at a cost which far exceeds the cost of buying and implementing an archiving solution.


Thirdly, the IT organisation cannot control that PST files are indeed stored on file servers (and thereby are protected) and in reality some users choose to store their personal folders on their local PC/laptop. While this does reduce the need for expensive file server storage capacity, it introduces a significant risk of loss of data as the full email track-records for individual users are left unprotected and at risk when PC upgrades, disk crashes, intentional deletion or theft occur. Furthermore, organisations reported a significant help-desk overhead from PST related issues, as the handling of PST files is not intuitive and PST files are occasionally lost or become corrupted, which requires restore operations (when possible) to be performed as a manual administrator process.

An email archiving solution must allow organisations to eliminate the use of PST files altogether leading to significant benefits that can be translated into real savings. The storage consumption from historic email can be dramatically reduced by restoring single-instance storage and applying data compression – in many cases the PST files can be reduced by more than 50%. Furthermore, by removing PST files from file servers a significant strain on the daily backups is removed, leading to simplified backups, which reduces the need for backup system upgrades. Likewise, by moving local PST files into a centrally managed archive all end-users are protected against the loss of their electronic records. Finally, the number of help-desk calls is reduced as the less-than-bullet-proof PST methodology is decommissioned and replaced by an automated archiving solution.

Potential Savings

- Reduce the storage capacity needed for keeping historic emails by 50%+
- Simplify the daily backup procedures and postpone/remove the need for backup system upgrades
- Ensure that historic email records are stored in a protected and easily searchable manner
- Reduce the number of help-desk calls by eliminating the use of the PST technology


Improved end-user productivity

Key Risks

- Email archiving will introduce significant productivity improvements
- A 30,000 email user organisation can incur over $2.25m per annum in lost productivity
- Lack of integrated, total content indexed rich searching hampers user efficiency

Estimating end-user savings – and quantifying the resulting improvements in productivity – is always a challenge when producing ROI studies. However, based on experiences from our customers, Symantec is convinced that an email archiving solution offers significant productivity improvements in two key areas.

Firstly, when imposing a quota limit on the email store and the user home directory, the IT department is in effect transferring the task of data deletion and archiving to the end-users, where it becomes a time-consuming and non-productive task that is performed manually. By offering an ‘unlimited’ mailbox through the use of an archiving solution the need for manual data cleansing and archiving is eliminated, freeing up the employees to perform their primary job functions. A very conservative estimate is that end-users on average waste 15 minutes per month performing storage house-keeping in Microsoft Outlook; with an equally conservative estimate of $25 as the cost per hour this translates into a productivity loss of $75 per annum per user. For an organisation with 30,000 email users this means a productivity loss of $2.25m per year is incurred based on the previously mentioned assumptions.

Secondly, knowledge workers are typically suffering from the poor search functions offered by Outlook, resulting in lost productivity as the native search tool is both time-consuming and only returns a small set of correct search results. Through the use of comprehensive indexing, an email archiving solution must perform full text searches of emails and their attachments in seconds. When factoring in even very modest productivity gains, many organisations are realising a payback on their investment in an email archiving solution, including hardware, training and implementation, in less than 12 months.

Potential Savings

- Reduce the end-user time wasted on performing manual data cleanup and data movement
- Improve end-users' ability to quickly locate historic emails and attachments


Optimise Exchange consolidation and migration tasks

Key Risks

- MS-Exchange upgrades and server consolidations are inevitable in all organisations
- Lengthy migration periods will cause email downtime and raise costs
- Temporary aggressive retention policies would allow minimal data to be migrated

Most organisations using Microsoft Exchange at some point are faced with an upgrade, consolidation or restructure of their Exchange server infrastructure. The most obvious event is the inevitable upgrade from older versions (Exchange 5.5 or Exchange 2000) to Exchange 2003, which typically triggers a server upgrade or consolidation. This leads to a migration of every mail item in the Exchange message store, which is a lengthy process requiring supervision and ongoing manual intervention.

Similar to the benefits offered in relationship to a Disaster Recovery situation, an email archiving solution must minimise the amount of data that needs to be migrated by archiving older data away from the Exchange message store prior to launching the migration activity. The migration period, which typically takes place at night or over weekends, can thereby be kept to an absolute minimum and reduce overtime costs and/or minimise the amount of external consultancy assistance that needs to be purchased.

Many Symantec customers maximise their benefit of the email archiving solution by temporarily implementing an extreme archiving policy, for instance 7 days, which reduces the online message store to an absolute minimum, thereby making the otherwise time-consuming migration much quicker to perform. Once the migration to the new platform is completed the archive is re-connected to the new Exchange infrastructure and the normal archiving policies of 60-90 days are reinstated.

Potential Savings

- Reduce the time and labor required to perform Exchange restructures, upgrades and migrations
- Automate data migrations, which otherwise would be a partially manual process


Appendices

- Case Study One
- Case Study Two
- IDC Group Opinion
- Gartner Group Opinion
- Various Legal Cases
- Sarbanes Oxley 802
- SEC Rule 17a-4


Case Study One

Email Retention A Must After Morgan Stanley Case

May 22, 2005

The $1.45 billion judgment against Morgan Stanley for deceiving billionaire Ronald Perelman over a business deal has a lesson all companies should learn - keeping emails is now a must, experts say.

Banks and broker-dealers are obliged to retain email and instant messaging documents for three years under U.S. Securities and Exchange Commission rules. But similar requirements will apply to all public companies from July 2006 under the Sarbanes-Oxley corporate reform measures.

At the same time, U.S. courts are imposing increasingly harsh punishments on corporations that fail to comply with orders to produce email documents, the experts said. Where judges once were more likely to accept that incompetence or computer problems might be to blame, they are now apt to rule that non-compliance is an indication a company has something to hide.

Circuit Court Judge Elizabeth Maass, frustrated at Morgan Stanley's repeated failure to provide Perelman's attorneys with emails, handed down a pretrial ruling that effectively found the bank had conspired to defraud Perelman when he sold Coleman to appliance maker Sunbeam in 1998. Morgan Stanley was working for Sunbeam, which entered bankruptcy in 2001, rendering worthless the shares Perelman had received in part payment for Coleman.

Other cases have also resulted in rulings on emails. Last July, U.S. District Judge Shira Scheindlin found that Swiss bank UBS had wilfully destroyed potential email evidence in a sex discrimination case brought by equity saleswoman Laura Zubulake. The judge ordered UBS to pay Zubulake's costs, and a jury later awarded her $29.2 million.

Experts said email retention could be a double-edged sword if not accompanied by corresponding training for employees on the legal implications of emails they send.

When New York Attorney General Eliot Spitzer investigated the research divisions of Wall Street firms five years ago, he fined Morgan Stanley a little under $10 million for not having a proper email retention policy in place.

Source: Reuters

Case Study Two

Five firms fined $8.25 million for record-keeping violations

Regulators today announced that they have fined five brokerage firms a combined $8.25 million for failing to adhere to record-keeping requirements. The fines were levied by the SEC and self-regulatory bodies NYSE and NASD.

Deutsche Bank Securities, Goldman, Sachs, Morgan Stanley, U.S. Bancorp Piper Jaffray and Salomon Smith Barney consented to the fine without admitting or denying the allegations. Each firm will pay a $1.65 million penalty to the U.S. Treasury.

The firms are charged with failing to keep and maintain records in accordance with regulations set forth in the Securities Exchange Act of 1934. Further, both NYSE and NASD regulations require firms to preserve any business-related electronic communications for three years. Firms must also keep emails and interoffice memos in an "accessible place" for the first two years. Beyond that, NYSE Rule 342 and NASD Rule 3010 require firms to create a supervisory system to ensure compliance with NASD and NYSE regulations.

According to the SEC, the five firms had "inadequate procedures and systems to retain and make accessible email communications."

Source: PRIMEDIA Business Magazines & Media Inc.

IDC Group Opinion

IDC Says SOX Significantly Increases Importance of Archiving

The Sarbanes-Oxley Act -- and more specifically SEC Rule 17a-4 -- requires email retention.

"The introduction of legislation such as the Sarbanes-Oxley Act of 2002 and the Health Insurance Portability and Accountability Act [HIPAA] has significantly increased the importance of managing, securing and storing all information within the enterprise," the report stated. "More specifically, because of regulations such as SEC Rule 17a-4 that are very prescriptive for the retention for email, and the numerous and very costly public lawsuits in which an email has been the deciding factor, email has emerged as one of the most important content types that need to be retained."

According to Julie Rahal Marobella, senior research analyst, Information Management for Compliance at IDC, organisations have a much greater obligation than before to ensure that their email is retained in its original state without being altered, viewed, or deleted by unauthorised people. As a result, email archiving has emerged as a crucial piece of a comprehensive, sustainable strategy for corporate compliance, corporate governance, and risk management.

Mergers and acquisitions involving email archiving, storage software, and content management vendors are transforming the landscape of this emerging market. Vendors must find the most appealing and efficient way to address both urgent near-term and important long-term customer needs for automating the increasingly important business process of archiving content in internal and external email communications.

"The need to know what information your firm has and where you can store and find that information in an efficient manner is driving the surge in demand for email archiving applications. Whether it is delivered as dedicated solutions or as embedded functionality, email archiving will most likely be appearing in a datacenter near you," said Mark Levitt, research vice president, Collaborative Computing at IDC.

Source: IDC

Gartner Group Opinion

Get Ready For European ‘Sarbanes-Oxley’ Audit Rules

Corporations must ensure that they have business process management procedures, including audit trails and document manager, in place and are ready to respond to the proposed European Union auditing rules directive.

Event: On 16 March 2004, the European Commission published a proposed directive on auditing rules for corporations within the European Union (EU). The proposal, which must be approved by the European Parliament and the Council of Ministers, is aimed at ensuring that shareholders can rely on the accuracy of audited corporate accounts. It is part of a larger plan for reforming corporate governance and contains some provisions similar to those of the U.S. Sarbanes-Oxley Act, which regulates financial reporting and external audits of U.S. corporations’ accounts.

First Take: Gartner has been warning for some time that the EU would introduce legislation similar to Sarbanes-Oxley. Though the timetable is uncertain, we believe it’s inevitable that the EU will introduce a directive based on these proposals. Once the Council of Ministers has agreed to the directive, it will then need to be implemented in the laws of the EU member states. The EU will then set up an audit regulatory committee of member states, but supervision of auditors will be carried out mainly by member states.

Source: Gartner Group FirstTake, March 17 2004

Various Legal Cases

Coleman v. Morgan Stanley, 2005 WL 679071 (Fla. Cir. Ct. 2005): verdict for $1.45 bn ($604 mm compensatory; $846 mm punitive) after instruction to find for plaintiff on liability; statement of Morgan Stanley’s “discovery abuses” read to jury for consideration on punitive damages

Failure to identify or search thousands of back-up tapes or search its “live” archive system for emails

Search system “script error” prevented identification of “attachments” and Lotus Notes emails

Resulted in false certifications by Morgan Stanley and counsel that the company had properly responded to discovery requests

Zubulake v. UBS Warburg, LLC, 2004 WL 1620866 (S.D.N.Y. 2004): $30 mm verdict ($9.1 mm compensatory; $20.2 mm punitive) after adverse inference instruction given to jury with respect to deleted and lost emails

Deleted and late-produced emails

Failed to preserve back-up tapes

Failed to give litigation hold instruction to “key employee”

SEC/NYSE/NASD Brokerage Firm Settlements

Seven firms paid settlements totaling $12.45 million (5 firms paid $1.65 million each; 2 firms paid $2.1 million each)

SEC has stated that backup tapes are not a sufficient substitute for immediately accessible email archives

SEC expects companies to have excellent email retention procedures

Sarbanes-Oxley Section 802

Under Sarbanes-Oxley Section 802, a court may impose a twenty-year prison sentence against a defendant who has destroyed any document (e.g., deleting an email) “in contemplation” of a federal investigation or “matter” that may not yet exist, if such person’s intent was to “impede, obstruct or influence” such future matter. Presuming the inevitability of a federal investigation into the financial activities of any large public company, companies and their officers who adopt policies requiring systematic deletion of all corporate emails, within weeks of their creation, for the very purpose of preventing possible adverse evidence from falling into the hands of federal investigators, may be subjecting themselves to possible criminal prosecution and lengthy prison terms.

SEC Rule 17a-4

Rule 17a-4 -- Records to Be Preserved by Certain Exchange Members, Brokers and Dealers Every member, broker and dealer subject to Rule 17a-3 shall preserve for a period of not less than 6 years, the first 2 years in an easily accessible place, all records required to be made pursuant to Rule 17a-3(a) (1), (2), (3), and (5). Every such broker and dealer shall preserve for a period of not less than 3 years, the first two years in an accessible place: All records required to be made pursuant to paragraphs (a)(4), (a)(6), (a)(7), (a)(8), (a)(9), (a)(10), and (a)(16) of Rule 17a-3. All check books, bank statements, cancelled checks and cash reconciliations. All bills receivable or payable (or copies thereof), paid or unpaid, relating to the business of such member, broker or dealer, as such. Originals of all communications received and copies of all communications sent by such member, broker or dealer (including inter-office memoranda and communications) relating to his business as such. All trial balances, computations of aggregate indebtedness and net capital (and working papers in connection therewith), financial statements, branch office reconciliations, and internal audit working papers, relating to the business of such member, broker or dealer, as such. All guarantees of accounts and all powers of attorney and other evidence of the granting of any discretionary authority given in respect of any account, and copies of resolutions empowering an agent to act on behalf of a corporation. All written agreements (or copies thereof) entered into by such member, broker or dealer relating to his business as such, including agreements with respect to any account. 
Records which contain the following information in support of amounts included in the report prepared as of the audit date on Form X-17A-5 (§ 249.617 of this chapter) Part II or Part IIA or Part IIB and in annual audited financial statements required by Rule 17a-5(d) and Rule 17a-12(b): Money balance position, long or short, including description, quantity, price and valuation of each security including contractual commitments in customers' accounts, in cash and fully secured accounts, partly secured accounts, unsecured accounts, and in securities accounts payable to customers;

Money balance and position, long or short, including description, quantity, price and valuation of each security including contractual commitments in non-customers' accounts, in cash and fully secured accounts, partly secured and unsecured accounts, and in securities accounts payable to non-customers; Position, long or short, including description, quantity, price and valuation of each security including contractual commitments included in the Computation of Net Capital as commitments, securities owned, securities owned not readily marketable, and other investments owned not readily marketable; Amount of secured demand note, description of collateral securing such secured demand note including quantity, price and valuation of each security and cash balance securing such secured demand note; Description of futures commodity contracts, contract value on trade date, market value, gain or loss, and liquidating equity or deficit in customers' and non-customers' accounts; Description of futures commodity contracts, contract value on trade date, market value, gain or loss and liquidating equity or deficit in trading and investment accounts; Description, money balance, quantity, price and valuation of each spot commodity position or commitments in customers' and non-customers' accounts; Description, money balance, quantity, price and valuation of each spot commodity position or commitments in trading and investment accounts; Number of shares, description of security, exercise price, cost and market value of put and call options including short out of the money options having no market or exercise value, showing listed and unlisted put and call options separately; Quantity, price, and valuation of each security underlying the haircut for undue concentration made in the Computation for Net Capital; Description, quantity, price and valuation of each security and commodity position or contractual commitment, long or short, in each joint account in which the broker or dealer 
has an interest, including each participant's interest and margin deposit; Description, settlement date, contract amount, quantity, market price, and valuation for each aged failed to deliver requiring a charge in the Computation of Net Capital pursuant to Rule 15c3-1; Detail relating to information for possession or control requirements under Rule 15c3-3 and reported on the schedule in Part II or IIA of Form X-17A-5 (§ 249.617 of this chapter);

Detail of all items, not otherwise substantiated, which are charged or credited in the Computation of Net Capital pursuant to Rule 15c3-1, such as cash margin deficiencies, deductions related to securities values and undue concentration, aged securities differences and insurance claims receivable; and Other schedules which are specifically prescribed by the Commission as necessary to support information reported as required by Rule 17a-5 and Rule 17a-12. The records required to be made pursuant to Rule 15c3-3(d)(4) and (o). The records required to be made pursuant to Rule 15c3-4 and the results of the periodic reviews conducted pursuant to Rule 15c3-4(d). All notices relating to an internal broker-dealer system provided to the customers of the broker or dealer that sponsors such internal broker-dealer system, as defined in paragraph (a)(16)(ii)(A) of Rule 17a-3. Notices, whether written or communicated through the internal broker-dealer trading system or other automated means, shall be preserved under this paragraph (b)(11) if they are provided to all customers with access to an internal broker-dealer system, or to one or more classes of customers. Examples of notices to be preserved under this paragraph (b)(11) include, but are not limited to, notices addressing hours of system operations, system malfunctions, changes to system procedures, maintenance of hardware and software, and instructions pertaining to access to the internal broker-dealer system. The records required to be made pursuant to Rule 15c3-1e(c)(4)(vi)(D) and E. Every such member, broker and dealer shall preserve for a period of not less than 6 years after the closing of any customer's account any account cards or records which relate to the terms and conditions with respect to the opening and maintenance of such account. 
Every such member, broker and dealer shall preserve during the life of the enterprise and of any successor enterprise all partnership articles or, in the case of a corporation, all articles of incorporation or charter, minute books and stock certificate books. Every such member, broker and dealer shall maintain and preserve in an easily accessible place: All records required under paragraph (a)(12) of Rule 17a-3 until at least three years after the "associated person" has terminated his employment and any other connection with the member, broker or dealer. All records required under paragraph (a)(13) of Rule 17a-3 until at least three years after the termination of employment or association of those persons required by Rule 17f-2 to be fingerprinted; and All records required pursuant to paragraph (a)(15) of Rule 17a-3 for the life of the enterprise. All records required pursuant to paragraph (a)(14) of Rule 17a-3 for three years.

The records required to be maintained and preserved pursuant to Rule 17a-3 and Rule 17a-4 may be immediately produced or reproduced on "micrographic media" (as defined in this section) or by means of "electronic storage media" (as defined in this section) that meet the conditions set forth in this paragraph and be maintained and preserved for the required time in that form. For purposes of this section: The term micrographic media means microfilm or microfiche, or any similar medium; and The term electronic storage media means any digital storage medium or system and, in the case of both paragraphs (f)(1)(i) and (f)(1)(ii) of this section, that meets the applicable conditions set forth in this paragraph (f). If electronic storage media is used by a member, broker, or dealer, it shall comply with the following requirements: The member, broker, or dealer must notify its examining authority designated pursuant to section 17(d) of the Act prior to employing electronic storage media. If employing any electronic storage media other than optical disk technology (including CD-ROM), the member, broker, or dealer must notify its designated examining authority at least 90 days prior to employing such storage media. In either case, the member, broker, or dealer must provide its own representation or one from the storage medium vendor or other third party with appropriate expertise that the selected storage media meets the conditions set forth in this paragraph (f)(2). 
The electronic storage media must: Preserve the records exclusively in a non-rewriteable, non-erasable format; Verify automatically the quality and accuracy of the storage media recording process; Serialise the original and, if applicable, duplicate units of storage media, and time-date for the required period of retention the information placed on such electronic storage media; and Have the capacity to readily download indexes and records preserved on the electronic storage media to any medium acceptable under this paragraph (f) as required by the Commission or the self-regulatory organisations of which the member, broker, or dealer is a member. If a member, broker, or dealer uses micrographic media or electronic storage media, it shall: At all times have available, for examination by the staffs of the Commission and self-regulatory organisations of which it is a member, facilities for immediate, easily readable projection or production of micrographic media or electronic storage media images and for producing easily readable images. Be ready at all times to provide, and immediately provide, any facsimile enlargement which the Commission or its representatives may request.

Store separately from the original, a duplicate copy of the record stored on any medium acceptable under Rule 17a-4 for the time required. Organise and index accurately all information maintained on both original and any duplicate storage media. At all times, a member, broker, or dealer must be able to have such indexes available for examination by the staffs of the Commission and the self-regulatory organisations of which the broker or dealer is a member. Each index must be duplicated and the duplicate copies must be stored separately from the original copy of each index. Original and duplicate indexes must be preserved for the time required for the indexed records. The member, broker, or dealer must have in place an audit system providing for accountability regarding inputting of records required to be maintained and preserved pursuant to Rule 17a-3 and Rule 17a-4 to electronic storage media and inputting of any changes made to every original and duplicate record maintained and preserved thereby. At all times, a member, broker, or dealer must be able to have the results of such audit system available for examination by the staffs of the Commission and the self-regulatory organisations of which the broker or dealer is a member. The audit results must be preserved for the time required for the audited records. The member, broker, or dealer must maintain, keep current, and provide promptly upon request by the staffs of the Commission or the self-regulatory organisations of which the member, broker, or broker-dealer is a member all information necessary to access records and indexes stored on the electronic storage media; or place in escrow and keep current a copy of the physical and logical file format of the electronic storage media, the field format of all different information types written on the electronic storage media and the source code, together with the appropriate documentation and information necessary to access records and indexes.
For every member, broker, or dealer exclusively using electronic storage media for some or all of its record preservation under this section, at least one third party ("the undersigned"), who has access to and the ability to download information from the member's, broker's, or dealer's electronic storage media to any acceptable medium under this section, shall file with the designated examining authority for the member, broker, or dealer the following undertakings with respect to such records: The undersigned hereby undertakes to furnish promptly to the U.S. Securities and Exchange Commission ("Commission"), its designees or representatives, upon reasonable request, such information as is deemed necessary by the Commission's or designee's staff to download information kept on the broker's or dealer's electronic storage media to any medium acceptable under Rule 17a-4.

Furthermore, the undersigned hereby undertakes to take reasonable steps to provide access to information contained on the broker's or dealer's electronic storage media, including, as appropriate, arrangements for the downloading of any record required to be maintained and preserved by the broker or dealer pursuant to Rules 17a-3 and 17a-4 under the Securities Exchange Act of 1934 in a format acceptable to the Commission's staff or its designee. Such arrangements will provide specifically that in the event of a failure on the part of a broker or dealer to download the record into a readable format and after reasonable notice to the broker or dealer, upon being provided with the appropriate electronic storage medium, the undersigned will undertake to do so, as the Commission's staff or its designee may request.

If a person who has been subject to Rule 17a-3 ceases to transact a business in securities directly with others than members of a national securities exchange, or ceases to transact a business in securities through the medium of a member of a national securities exchange, or ceases to be registered pursuant to section 15 of the Securities Exchange Act of 1934 as amended, such person shall, for the remainder of the periods of time specified in this section, continue to preserve the records which he theretofore preserved pursuant to this section. For purposes of transactions in municipal securities by municipal securities brokers and municipal securities dealers, compliance with Rule G-9 of the Municipal Securities Rulemaking Board will be deemed to be in compliance with this section. If the records required to be maintained and preserved pursuant to the provisions of Rule 17a-3 and Rule 17a-4 are prepared or maintained by an outside service bureau, depository, bank which does not operate pursuant to Rule 17a-3(b)(2), or other recordkeeping service on behalf of the member, broker or dealer required to maintain and preserve such records, such outside entity shall file with the Commission a written undertaking in form acceptable to the Commission, signed by a duly authorised person, to the effect that such records are the property of the member, broker or dealer required to maintain and preserve such records and will be surrendered promptly on request of the member, broker or dealer and including the following provision: With respect to any books and records maintained or preserved on behalf of [BD], the undersigned hereby undertakes to permit examination of such books and records at any time or from time to time during business hours by representatives or designees of the Securities and Exchange Commission, and to promptly furnish to said Commission or its designee true, correct, complete and current hard copy of any or all or any part of such books and records. 
Agreement with an outside entity shall not relieve such member, broker or dealer from the responsibility to prepare and maintain records as specified in this section or in Rule 17a-3. Every member, broker or dealer subject to this section shall furnish promptly to a representative of the Commission such legible, true and complete copies of those records of the member, broker or dealer, which are required to be preserved under this section, as are requested by the representative of the Commission.

Exchanges of futures for physical. Except as provided in paragraph (k)(2) of this section, upon request of any designee or representative of the Commission or of any self-regulatory organisation of which it is a member, every member, broker or dealer subject to this section shall request and obtain from its customers documentation regarding an exchange of security futures products for physical securities, including documentation of underlying cash transactions and exchanges. Upon receipt of such documentation, the member, broker or dealer shall promptly provide that documentation to the requesting designee or representative. This paragraph (k) does not apply to an underlying cash transaction(s) or exchange(s) that was effected through a member, broker or dealer registered with the Commission and is of a type required to be recorded pursuant to Rule 17a-3.