SEC-17a-4 (17 CFR § 240.17a-4 - Records to be preserved by certain exchange members, brokers and dealers.) is a US regulatory related to the records preservation.
The main areas are related to secured storage, retention management, change and deletion prevention, legal hold, and audit trail.
For the record documents storage, we will use Amazon S3 capabilities with a bucket with the following parameters:
- Versioning turned on
- Compliance mode turned on
- No default retention in the bucket (or default retention as 0)
- As a broker dealer, I want to guarantee that a record is deleted once a granted user requested a deletion of the record, so that I am compliant with the legal regulation
There are 2 specific behaviours with the SEC 17a-4 features that impact the deletion part:
- When a document is declared as a record (cf. NXP-27382 and https://jira.nuxeo.com/browse/NXP-27379 ), the file content is copied from the standard S3 bucket to the compliance mode S3 bucket.
- When we copy the file content in the compliance mode S3 bucket, we turn-off the deduplication feature (cf. https://jira.nuxeo.com/browse/NXP-27388 ),
Based on that, the main goals are to:
- put in place a synchronous deletion process (no garbage collector for the compliance mode S3 bucket),
- allow the original blob file (the one in the S3 standard bucket) to be deleted as any other document (using garbage collector)
The expected behavior is described in the attachment SEC17a_4_seq_deletion.png