Bankers Are A Step Ahead With E-Discovery - InformationWeek
Software // Enterprise Applications
02:55 PM
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Bankers Are A Step Ahead With E-Discovery

New rules require banks to put their content management efforts into high gear. We ask the experts how they're doing.

New e-discovery rules that went into effect Dec. 1 pose a range of challenges for banks. And what the bankers are learning from complying with amendments to the Federal Rules of Civil Procedure can be extended to other companies grappling with e-discovery. InformationWeek's sister publication, Bank Systems & Technology, had freelance writer Peggy Bresnick Kendler discuss banks' compliance efforts with four experts.


Barry Murphy, principal analyst, Forrester Research: The amendments affect organizations in three ways. First, they require a framework for early attention. Organizations not ready to address issues when litigation or regulatory requests hit will immediately be behind.

Second, they give a safe harbor for data destruction, meaning there are no penalties for deleting electronically stored information in keeping with routine operation of IT systems if the party took reasonable steps to preserve it. However, this means that organizations must have granular retention policies in place, and technology to enforce those policies and audit the enforcement as well.

Finally, there's the requirement for native file production. Organizations must be able to produce electronically stored information in its native format with its metadata intact and prove a valid chain of custody. Again, this spotlights the need for technology to manage the full life cycle of information.

John Mancini, president of AIIM, the enterprise content management association: Companies need to know what electronic information they're storing and where it is. They need policies in place governing the management of electronic information, they need to follow those policies, and they need to be able to prove compliance. The it's-too-hard-to-produce argument won't stand up anymore. These sound simple and basic on the surface. But according to AIIM surveys, the environment in most firms is barely controlled chaos.


Murphy: In my experience, banks are only ready for specific discovery requests, like those relating to Securities and Exchange Commission Rule 17a-4. To comply with that rule, many banks have deployed e-mail archiving systems. However, they have done so only for brokers. Discovery truly applies to all employees and to all kinds of content, not just e-mail. The large banks I've spoken with have yet to connect records management with e-discovery, which says to me that they're definitely not ready to deal with the amended rules proactively.

Mancini: Banks and other organizations with pre-existing requirements related to electronic information are probably in better shape than most to deal with the new electronic discovery requirements. They already have some experience with managing electronic information in a structured fashion.

Michael Sears, VP of enterprise discovery, Mathon Systems: Banks, like most large institutions today, lack the fine-grain policies and the enforcement tools necessary to stay ahead of the wave of documents and e-mail. I say "fine grain" to mean those policies that closely consider the content, originator, receiver, and time/date of the communication. All of those factors should be considered in creating a records- and message-retention policy.

Most organizations decide en masse to maintain all documents for five years and then delete no matter what as a policy. That's not going to work for a court that's trying to facilitate a good-faith search for a needle in a haystack. You must have a detailed policy and then the mechanism to enforce.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll