Views on improving the integrity of global capital markets
26 April 2018

Ethics in Practice: Compliant with Record Retention Standard? Case Analysis Now Included

CFA Institute Ethical Decision-Making Framework

How did you do assessing the actions of the compliance officer in this week’s case (23 April)? Check out the analysis below.

The CFA Institute Code of Ethics and Standards of Professional Conduct (Code and Standards) address the issue of record retention in investment management firms. Read on about a chief compliance officer working to fulfill his duties and decide whether you think his actions are in compliance, and then join the conversation to share your thoughts.


Ianetta is the chief compliance officer for Rocky Mountain Investments (RMI). He is responsible for establishing and maintaining appropriate regulatory compliance policies, including a document retention policy. RMI’s policies require retaining and archiving the emails of the firm’s personnel. RMI has rapidly expanded over the years, and Ianetta determines that the firm should move to a new and less expensive email archive provider. But during the transition, several thousand emails are temporarily inaccessible. In addition, the new system does not capture emails from accounts hosted on an external server, and it does not archive emails sent from a third-party provider’s application (“cloud” email). Do Ianetta’s actions comply with the CFA Institute Code and Standards?

  1. No because the record retention system Ianetta implemented is inadequate.
  2. Yes, as long as the inaccessible emails are able to be recovered.
  3. Yes because emails sent and received outside RMI’s email system are not required to be retained.
  4. Yes, if the emails are more than five years old.


The issue in the case involves record keeping. CFA Institute Standard V(C): Record Retention states that CFA Institute members must “develop and maintain appropriate records to support their investment analyses, recommendations, actions, and other investment-related communications with clients and prospective clients.” Emails to and from firm personnel are important records of the firm’s business. As the firms’ chief compliance officer, Ianetta has the responsibility to develop policies and procedures to meet the record retention requirements for RMI. The emails of firm personnel must be preserved regardless of what email service or platform is used to generate them. The requirement is not limited to only emails sent and received through the firm’s internal server.

Guidance for Standard V(C) recommends that records be retained up to seven years in the absence of regulatory requirements. It is not clear what regulatory regime RMI is subject to if any, but best practice would be to keep seven years of the email records. The facts state that during the transition to the new email archive service provider, the records (emails) were temporarily unavailable, although it is not clear for how long. But even if the records are not available for a short time, it would be unacceptable. Lack of access to records for any amount of time could certainly cause issues with clients and regulators who may be wanting to review emails to substantiate investment recommendations, confirm communications, examine client/adviser discussions, and so on. Therefore, by not adequately fulfilling his responsibility to maintain appropriate records for RMI, Ianetta is in violation of Standard V(C), so the best answer is A.

The facts of this case are based on a 2013 enforcement action by the US Financial Industry Regulatory Authority.

Have an idea for a case for us to feature? Send it to us at

More About the Ethics in Practice Series

Just as you need to practice to become proficient at playing a musical instrument, public speaking, or playing a sport, practicing assessing and analyzing situations and making ethical decisions develops your ethical decision-making skills. The Ethics in Practice series gives you an opportunity to “exercise” your ethical decision-making skills. Each week, we post a short vignette, drawn from real-world circumstances, regulatory cases, and CFA Institute Professional Conduct investigations, along with possible responses/actions. We then encourage you to assess the case using the CFA Institute Ethical Decision-Making Framework and through the lens of the CFA Institute Code of Ethics and Standards of Professional Conduct. Then join the conversation and let us know which of the choices you believe is the right one and explain why. Later in the week, we will post an analysis of the case and you can see how your response compares.

Image Credit: ©CFA Institute

About the Author(s)
Jon Stokes

Jon Stokes is the Director of Ethics and Standards Education at CFA Institute. His responsibilities include design and creation of on-line ethics education, development and maintenance of the CFA Institute Code of Ethics and Standards of Professional Conduct, and the design and management of the CFA Institute Ethical Decision-Making and Giving Voice to Values education programs. Stokes holds a JD degree.

Leave a Reply

Your email address will not be published. Required fields are marked *

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.