Financial Services

Teams call recording for financial services

Broker-dealers, advisers, and swap dealers have to prove what was said — not hope someone pressed record. Our fully managed service captures your in-scope Microsoft Teams calls automatically and archives them in your own tenant, so you can meet FINRA, SEC 17a-4, Dodd-Frank, and MiFID II recordkeeping obligations with confidence.

Why regulated firms record Teams calls

In financial services, a business conversation is a business record. When a registered representative discusses an order over Microsoft Teams, negotiates a swap, or advises a client on a transaction, regulators expect that communication to be captured, preserved, and producible on demand. The obligation does not depend on whether the conversation happened over a desk phone, a chat window, or a Teams call — it follows the content of the communication, and Teams has become one of the primary channels where that content now lives.

That is why recordkeeping is not optional for firms in scope of FINRA and SEC rules. Supervisors are expected to review communications; examiners can request specific calls years after the fact; and disputes with clients or counterparties are frequently decided on the record of what was actually said. A firm that cannot produce the relevant communication is not just inconvenienced — it is exposed to findings, fines, and adverse inferences.

The problem is that Microsoft Teams, out of the box, was not built to satisfy these obligations. Its built-in Record button is manual and per-meeting: someone has to remember to press it on every call, in-scope users can simply decline to record, and the resulting file lands in a user's OneDrive with default retention rather than in a governed archive. For a regulated firm, that is a compliance gap, not a compliance control. Recording business communications reliably requires an automatic, policy-driven capture layer sitting on top of Teams — which is exactly what a compliance recording service provides. See our overview of Microsoft Teams compliance recording for how that layer works.

There is also a cultural shift behind the technical one. As firms moved trading, advisory, and client conversations from the office phone and the trading floor onto collaboration platforms like Teams, regulators made clear that the recordkeeping expectation moved with them. The channel changing does not change the obligation. Enforcement actions in recent years over "off-channel" communications have underscored the point: it is not enough to record some conversations on some systems while a whole category of business communication happens, unrecorded, somewhere else. A firm that has standardized on Teams needs a recording control that is native to Teams, applied consistently to everyone in scope, and complete enough that it can honestly say the record is whole.

The rules you answer to

Financial firms rarely answer to a single rule. Depending on your registrations, business lines, and where your clients sit, several overlapping regimes apply at once. None of them is satisfied by call recording alone — but each of them expects communications to be captured and preserved, and that is where a recording service earns its place in your program. The main frameworks are below, described plainly.

FINRA — supervision and books & records

FINRA Rule 3110 requires member firms to establish and maintain a supervisory system, including the review of communications, reasonably designed to achieve compliance with securities laws. You cannot supervise communications you never captured — so recording relevant Teams calls is a practical prerequisite for meaningful supervision. FINRA Rule 4511then requires firms to make and preserve books and records, retaining them in the form and for the periods specified under the SEC's recordkeeping rules. In other words, FINRA points you at the SEC's preservation standard for how records must be kept.

The practical takeaway for a Teams-based firm is that these two rules work together. Rule 3110 creates the expectation that in-scope communications are reviewable, and Rule 4511 dictates that once you have those records you retain them properly. A recording service helps you satisfy both by ensuring the communications exist as complete, attributable records in the first place, and by preserving them in an archive with retention configured to the required periods.

SEC Rule 17a-4 — preserving communications

SEC Rule 17a-4 is the core electronic recordkeeping rule for broker-dealers. It requires firms to preserve business communications, commonly for periods of three to six years depending on the record type, with the most recent records kept readily accessible. Historically the rule required electronic records to be stored in a non-rewriteable, non-erasable (WORM) format; a 2023 amendment introduced an audit-trail alternative that permits recreating or recovering the original record, provided the controls demonstrate the record has not been altered. Either way, the emphasis is on records that are complete, tamper-evident, and retrievable. You can read the SEC's rules directly at sec.gov.

The phrase "readily accessible" is worth dwelling on, because it shapes how you should store recordings. Regulators expect the most recent records to be produced quickly, not recovered from cold archival storage over days or weeks. Keeping recordings and their transcripts in a SharePoint library within your own tenant — indexed, searchable, and under your familiar Microsoft 365 controls — is a natural fit for the ready-access expectation, while still allowing longer-term retention for the full required window.

Dodd-Frank — swap dealers

Firms acting as swap dealers or major swap participants are subject to CFTC recordkeeping requirements under the Dodd-Frank Act. These generally require retaining records of relevant communications — including those that lead to the execution of a swap — for at least five years, and being able to retrieve them within regulatory timeframes. If your Teams environment is where trading-related conversations happen, those conversations fall squarely within this obligation. Because swap negotiations often move quickly across calls and meetings, the automatic, always-on nature of policy-based capture matters here in particular: a conversation that leads to execution has to be on the record even if no one thought to record it in the moment.

MiFID II — transaction communications

For firms with EU or UK-linked activity, MiFID II requires the recording of communications that relate to transactions and the reception, transmission, and execution of orders — even where those communications do not result in a transaction. Records must be retained for five years, and up to seven yearswhere a competent authority requests it. The European regulator's guidance is published by ESMA. MiFID II is also notable for expecting firms to take reasonable steps to prevent employees from making relevant calls on private or unmonitored devices — reinforcing that recording has to be applied consistently across the channels your people actually use, rather than being something that can be sidestepped.

Retention done right

Retention is where recordkeeping most often goes wrong — because different rules demand different periods, and keeping records for too short a time is itself a violation. The service applies configurable retention so recordings and transcripts are held for exactly as long as your obligation requires, in an archive you control. The table below summarizes the typical periods; treat it as a planning starting point, not legal advice, and confirm the exact requirement for your registrations with counsel.

Rule / regimeTypical retention
SEC Rule 17a-4 (broker-dealers)3–6 years; recent records readily accessible
FINRA Rule 4511 (books & records)Per SEC 17a-4 periods
Dodd-Frank (swap dealers)At least 5 years
MiFID II (transaction comms)5 years, extendable to 7 on request

For a fuller walk-through of how these periods interact and how to configure them, see our Teams recording retention requirements guide.

How our service supports these obligations

A recording service does not make your firm compliant on its own — compliance is a whole program, and recording is one control within it. What the service does is close the specific gaps that make Teams unsuitable for recordkeeping out of the box, so your program has reliable, attributable, well-governed records to build on:

  • Automatic policy capture. A Microsoft compliance recording policy is assigned to your in-scope users, and from that point every call they make or receive is captured automatically. There is no button to forget and no way for a user to quietly opt out — the single biggest failure mode of manual recording is removed.
  • Per-participant audio and transcription. Each call produces both a combined recording and per-participant (unmixed) audio, so every speaker is on their own track. Automatic transcription with speaker diarization then turns each call into accurate, attributable text — essential when a record has to stand up to scrutiny.
  • Archiving in your own tenant. Recordings and transcripts upload automatically to a SharePoint document library inside your Microsoft 365 tenant, under your access controls — not on a third-party platform outside your governance.
  • Configurable retention. Retention is set to your regulatory obligation, so records are preserved for the required period and disposed of on schedule rather than by accident.
  • Single-tenant isolation. The entire service runs on a dedicated, US-hosted server provisioned for your firm alone, keeping your data out of any shared, multi-tenant environment.

The end-to-end capture, transcribe, and archive workflow is described in full on the compliance recording service page.

A defensible, searchable archive

An archive is only useful if you can find the right record quickly. When an examiner requests a specific call, when a supervisor reviews communications, or when legal responds to an eDiscovery request, the difference between a compliant response and a scramble is searchability. Because every recording is transcribed with speaker diarization, your archive is not a wall of audio files — it is searchable, speaker-labelled text that maps back to the underlying recording.

That makes routine supervision practical rather than aspirational: reviewers can search across transcripts for the topics, phrases, or participants that matter, instead of listening to every call end to end. And because everything lives in a SharePoint library in your own tenant, the same controls, audit trails, and legal holds you already apply to Microsoft 365 apply to your recordings too. Learn more about automatic transcription and SharePoint archiving.

Attribution is the other half of defensibility. Because each call is captured as both a combined recording and per-participant, unmixed audio, and because transcription is speaker-diarized, you can point to a specific person saying a specific thing at a specific time — rather than an ambiguous mixed track where two voices overlap. When a record has to withstand challenge from a regulator, a counterparty, or opposing counsel, being able to attribute the words cleanly is often what makes the record persuasive rather than merely present.

Dedicated-server isolation

Most compliance recording products are multi-tenant SaaS: your firm's recordings are processed and stored alongside other organizations' data, separated only by software boundaries. For a regulated financial firm handling sensitive client and transaction communications, that shared surface is a real consideration in vendor due diligence and risk assessment.

We take a different approach. Every client runs on a single-tenant, dedicated, US-hosted serverthat we provision, host, monitor, patch, and support. Your recordings, transcripts, configuration, and processing are never co-mingled with anyone else's — a meaningful reduction in risk surface and a differentiator that is easy to explain to your own auditors and clients. Details are on our security page.

Because the server is fully managed, that isolation does not become your operational burden. We provision, host in the US, monitor, patch, and support the environment, so your IT and compliance teams get the benefits of a single-tenant deployment without having to stand up or maintain recording infrastructure themselves. For firms whose vendor due-diligence questionnaires probe data segregation, hosting location, and change management, a dedicated, US-hosted, managed model gives clear, defensible answers. Note that formal certifications such as SOC 2 and ISO 27001 are on our roadmap and in progress rather than held today; we are happy to discuss where that work stands as part of your assessment.

Frequently asked questions

No. Native Teams recording is a manual, per-meeting feature — it is not a recordkeeping solution by itself. Meeting FINRA and SEC obligations requires automatic capture of in-scope communications plus a governed archive with configurable, enforced retention. Our service adds both: policy-driven capture that no user can opt out of, and archiving into your own tenant with retention set to your obligation.

See compliance recording running on your own Teams tenant

Book a walkthrough and we'll show you policy-based capture, transcription, and SharePoint archiving on a dedicated server built for your organization.