Learn what documentation is needed to support recordkeeping, client account-opening controls, and internal-disciplinary decisions.
Compliance depends on evidence. A firm may believe that it followed the right process, but if the required documents are incomplete, inconsistent, or missing, the regulator may conclude that compliance was not established.
This section brings together three record categories that are often tested separately but rely on the same principle: records must be sufficient to show what the firm knew, what it did, who approved it, and why the decision was defensible at the time.
Recordkeeping is not only an operations function. It is a compliance control. Good records support supervision, complaint handling, reporting, investigations, and business continuity. Weak records undermine all of those functions.
The firm should keep records that are accurate, accessible, complete, and retrievable for the required period. A document that exists but cannot be produced reliably is a weak control.
Students should also distinguish between record creation and record quality. A poorly completed form, an undated checklist, or an unsigned approval does not become strong evidence simply because it sits in the file. The point of recordkeeping is not storage by itself. It is to create an audit trail that allows a later reviewer to reconstruct the decision.
Account-opening files should normally include the materials necessary to establish client identity, the account relationship, authority, KYC information, service model, and relevant approvals. Depending on the account type, that may also include risk disclosures, margin agreements, corporate-authority documents, trusted contact or power-of-attorney information, and evidence of review or approval by the appropriate person.
The exam often tests sufficiency rather than document naming. The stronger answer is usually the one that asks whether the file can prove that the account was opened properly, not merely whether the file contains several forms.
That is particularly important when the account is more complex than an ordinary retail cash account. Corporate, trust, margin, managed, discretionary, or leveraged accounts usually require the file to prove not just client identity, but authority, capacity, suitability-related information, special agreements, and supervisory review. If the account terms changed later, the amendment record should be just as clear as the original opening record.
Internal discipline should also be documented. The file should show the conduct under review, the investigation status, the basis for the decision, the measure imposed, who approved it, and whether the event created further reporting or supervision obligations.
Without that record, the firm may be unable to explain why it chose a particular response or whether it treated similar cases consistently. That weakness can matter in examinations, reporting reviews, and later litigation or employment disputes.
This is another area where students should think beyond the headline decision. A short note saying that the matter was “handled” is weak if it does not explain what happened, whether the conduct was admitted or contested, what remedial steps followed, and whether the issue triggered closer supervision, client remediation, or regulatory reporting.
A useful exam question in this area is whether the records are sufficient to evidence compliance. Sufficiency usually turns on whether the file:
This is why a file with only unsigned forms or vague notes is often not enough, even if staff can explain the background orally.
Files also need to be organized in a way that makes later review realistic. A branch may believe the documentation exists, but if approval records sit in one system, KYC updates sit in another, and disciplinary notes are stored in private email folders, the firm may struggle to evidence compliance promptly. From a regulator’s perspective, that is not just an efficiency problem. It raises doubt about whether the control process is dependable.
Consistency matters too. If one form says the account is non-discretionary, another shows discretionary-style trading authority, and the notes do not explain the mismatch, the file is not merely incomplete. It is internally contradictory. The strongest exam answer notices that contradiction and treats it as a control weakness.
A dealer opens a corporate account with basic onboarding forms but keeps no board resolution, no authority evidence for the signing officer, and no record of the supervisory approval. The stronger exam answer is that the documentation is insufficient because the firm cannot prove the account-opening decision was properly authorized and reviewed.
Record sufficiency is an evidence question. The file should show what the dealer knew, what it did, who approved it, and when the decision was made. That applies whether the file concerns general recordkeeping, opening a client account, or documenting internal discipline.
A useful exam approach is to ask whether a later reviewer could reconstruct the decision from the record alone. If the file depends on memory, informal oral explanations, or scattered branch documents that are not centrally accessible, the documentation is weaker than it appears.
It is also worth asking whether the file supports downstream obligations. Can the records support complaint handling, books-and-records review, suitability review, internal-discipline consistency, or regulatory reporting? If not, the documentation may be too weak even if the front-end transaction looked complete on the day it occurred.
flowchart TD
A[Client or control event] --> B[Required documents created]
B --> C[Approvals and dates captured]
C --> D[Records stored and retrievable]
D --> E[Used later for supervision, reporting, or investigation]
The theme is evidentiary sufficiency: the file should stand up to later review without guesswork.
A dealer opens a corporate margin account using basic onboarding forms, but the file does not contain a board resolution, proof that the signing officer had authority, or any record of supervisory approval. Months later, the representative is internally disciplined for unauthorized transfers in the account, yet the discipline file contains only a one-line HR note saying the matter was addressed.
What is the strongest analysis?
Correct answer: D.
Explanation: The account-opening file should support authority and required approvals, and the internal-discipline file should show the underlying conduct, rationale, and follow-up. Both files fail the core evidentiary test: they do not adequately prove what happened or why the firm’s decisions were defensible. Options A, B, and C each understate part of that weakness.