New compliance assessment strengthens trust in Microsoft 365 Copilot for financial servicessector
Financial services firms using Microsoft 365 Copilot can now feel reassured that their systems align with the latest compliance regulations from the SEC. These regulations mandate stringent record-keeping practices to safeguard investors and deter fraud, making it crucial for firms to select products and services capable of meeting regulatory requirements.
In response to the new SEC rules, Microsoft collaborated with Cohasset Associates to conduct an extended evaluation of Microsoft 365 services, encompassing Microsoft Copilot and Microsoft Loop. Released in December 2024, this report serves as a comprehensive guide for firms seeking to leverage Copilot’s generative AI features and explore the innovative collaboration tools of Microsoft Loop while ensuring compliance.
SEC Rules 17a-4 and 18a-6 impose record-keeping obligations on brokerage firms, dealers, security exchange members, and security-based swap entities. These rules mandate the retention of specific records for designated timeframes to facilitate regulatory oversight and audits. By preserving transaction records, account statements, and client communications, firms can uphold market integrity and provide regulatory bodies easy access to crucial information when necessary.
Microsoft’s collaboration with Cohasset Associates addresses compliance concerns raised by the SEC’s revised rules. In October 2023, a previous evaluation confirmed that SharePoint, OneDrive, Microsoft Teams, Exchange, and Viva Engage met standards for storing electronic records in a secure and unalterable format. The recent assessment builds upon this foundation, offering detailed insights and recommendations for configuring Copilot and Microsoft Loop to align with regulatory requirements.
Beyond SEC regulations, the assessment also considers compliance obligations outlined by FINRA Rule 4511 and CFTC Rule 1.31, underscoring Microsoft’s commitment to addressing a wide range of regulatory frameworks. The integration of these rules into Microsoft Cloud for Financial Services simplifies compliance for firms by providing off-the-shelf accelerators, partner collaborations, and robust security controls that align with current regulations and industry best practices.
Microsoft’s Purview Compliance Manager offers firms a holistic view of their compliance posture, helping them manage regulatory obligations efficiently. Solutions like Immutable storage for Azure Blob Storage and Preservation Lock enable the secure preservation of electronic records by establishing retention policies that prevent unauthorized modification or deletion. This ensures that records remain intact and accessible for audits and investigations.
In conclusion, Microsoft’s dedication to compliance empowers financial institutions to leverage cloud and AI technologies confidently. By aligning services with global regulatory standards, Microsoft facilitates firms in unlocking business value while deepening customer relationships in an evolving digital landscape. For additional information on SEC regulations and Microsoft’s compliance offerings, financial institutions can access resources on the Microsoft Learn platform and the Microsoft Service Trust Portal.