Designated Third Party (D3P) Compliance Service

Broker-Dealer Compliance Peace of Mind.




Get SEC 17a-4(f)(3)(vii) compliant.

The Securities and Exchange Commission (SEC) requires broker-dealers to adhere to numerous regulations, including SEC 17a-4(f)(3)(vii), also known as the Designated Third Party for Broker Dealers. SEC 17a-4(f)(3)(vii) details critical record keeping requirements on how electronic data is stored. Broker-dealers are required by this rule to retain a designated third party who can access electronically stored information for the SEC’s review.

How Veritas gets the job done.

Veritas’s Designated Third Party (D3P) service offers a safe, secure and compliant solution. Veritas assists financial institutions in meeting the SEC’s and FINRA’s requirements. Users who have D3P have their data continuously available, which helps achieve compliance.

Veritas’s comprehensive environmental plans not only satisfy the independent third-party requirement, but also help uncover system and configuration issues in advance of an audit. Veritas’s detailed methodology involves analyzing your compliance status with record archiving and retrieval procedures to the SEC, FINRA and/or other regulatory authorities.

Veritas’s solution is applicable to all WORM compliant (write once, read many) storage archives, whether they are on-premises or in the cloud. Our team will work with your network and systems administrators to access the records we’re asked to cover.

The result is peace of mind and assurance that your firm has satisfied these requirements in a secure and reliable manner.

Veritas D3P service provides:

All documentation needed to file with the SEC and other self-regulatory organizations.

  • A Letter of Intent which is proof you are working towards a Letter of Undertaking.
  • A Letter of Undertaking for the repository.
  • A yearly update that goes through a full cycle of the download procedure to cover any infrastructure changes.
  • An annual test and report that proves compliance and verifies our access and service capabilities to regulators.

Make sure your D3P service provider delivers:

  • Documented procedures for accessing data in your system, including the types of data that are subject to regulations.
  • Create a System Configuration Plan (SCP) for each system.
  • Have a qualified and experienced systems analyst review and validate your System Configuration Plan.
  • Enjoy the credibility of partnering with a Fortune 500 provider of designated third-party services.
  • Have the security of a provider with the longevity and stability you need to ensure that the designated third-party services are there when needed.

Two forms of testing to best meet your needs:

Onsite Testing

Veritas can send an analyst to your facility to perform on-site testing.


Online Testing

Veritas can access your system remotely online once you provide access.

Giving you the protections the SEC requires:

You don't want your company to be front-page news for the wrong reasons.

Your customers only want to work with broker-dealers they can trust.

You need to show compliance with SEC Rule 17a-4(f)(3)(vii).

FINRA auditors are asking for proof that broker-dealers have established this important designated third-party relationship.

Contact us

Questions about which solutions are right for your organization? Need help locating an authorized reseller? We can help.  

Learn more