Blog » Audit-Proof Archiving of the Communication via an Enterprise Messaging App
26 Apr 2018 |
There are several legal requirements that oblige companies to archive business communications. This applies to traditional media such as the letter and the fax as well as to digital media for the communication such as the email but also instant messaging and chat apps and even chat bots. In the following, we describe which communications have to be documented and archived by an enterprise messaging app.
In general, the archiving requirements for business communication affect all enterprises. The requirement to archive communication via an enterprise messaging app in an audit-proof manner can result from tax and accounting obligations as well as legal requirements. Frequently, internal compliance also plays an important role. The duties of archiving are the responsibility of the management. Enterprises that do not archive their business communications can face legal consequences and sometimes significant penalties.
Not only enterprises need to ensure that their archiving practices are up to date. Even public sector organizations must ensure that not only email records are archived in compliance with the law, but all electronic communication, including chat apps and instant messaging.
The following laws and regulations may be important for the audit-proof archiving of the communication via an enterprise messaging app:
- national accounting laws
- national tax laws
- national electronic record keeping laws
- data protection laws such as the "Federal Data Protection Act", the "European General Data Protection Regulation" (EU GDPR) and the "Telecommunications Act"
- industry specific regulations like the "Markets in Financial Instruments Directive" (MiFID II), "Federal Rules of Civil Procedure" (FRCP), "Sarbanes-Oxley-Act" (SOX), Health Insurance Portability and Accountability Act (HIPAA), Financial Industry Regulatory Authority (FINRA), Securities and Exchange Commission Rules (SEC)
All these rules for archiving are generally not alternative, but cumulative. Especially accounting and tax laws are normally comprehensive with regard to archiving. Which rules are relevant for the audit-proof archiving of the communication via an enterprise messaging app depends on the legal form of the company, the activity field, branch offices and the content of the communication. In that sense, the rules can be extensive and complex.
Generally all communication with the enterprise messaging app, which has a relation to the business correspondence of a company or a tax relevance, should be archived. That means the entire external and internal communication used to initiate, prepare, execute and conclude a transaction must be archived in compliance with the law.
Legally compliant archiving of project, trade and business communication is of great importance to all enterprises, not just those that have stringent government regulations. Businesses may end up in court for warranty cases, breach of contract, misconduct, etc. Detailed records of the chat communication between the parties involved and of internal votes may be used by the company for the purposes of providing evidence as well as for possible court orders for the transfer of certain information. Thereby audit-proof archiving also helps a company to gain legal certainty.
A legally compliant archive of the communication via an enterprise messaging app can be relevant for the following cases:
- documentation of a commercial transaction
- proof of a business correspondence
- tax audit
- GDPR case/investigation (search for personal data)
- legal proceedings
- misconduct of management or employees
- warranty case
- documentation of a project
The communication via an enterprise messaging app, which has a relation to the business correspondence of a company, should normally be archived legally compliant for 6 years. For communication containing invoices, accounting documents, financial statements, balance sheets, management reports or other organizational documents, a retention period of 10 years can apply. The retention periods for the chat archives vary depending on the case and are also dependent on the enterprise's internal compliance.
An audit-proof archiving of the communication via an enterprise messaging app must be:
- always available, and
- machine-readable / searchable.
It is important to not confuse an archive of the chat communication with a backup. While a backup is used to restore chat data when needed (for example, if data is lost, hard drives are damaged, or users make mistakes), archiving is about documenting communications through the enterprise messaging app.
The archiving of Teamwire is characterized by the following features:
- With our enterprise messaging app the communication can be archived for selected periods of time. Archiving is also possible for individual users of the enterprise.
- Teamwire's chat archive is encrypted to ensure organizational privacy and prevent tampering.
- The archiving has an authorization concept to protect against unauthorized access. Only authorized individuals with a private key can access the messaging archive and view content.
- The archiving of Teamwire guarantees a complete traceability of the communication of the enterprise. The Teamwire archive contains all the chats as well as all text messages and media of the communication (e.g. photos, videos, files) in chronological order.
- The Teamwire chat archive is a searchable file. Content can be quickly searched for and evaluations are easily possible if needed.
- The archive can be stored by authorized personnel at any location.
With the audit-proof archiving Teamwire contributes to the compliance of IT systems and helps enterprises to minimize liability risks and ensure legal certainty. If you have questions about the audit-proof archiving of our enterprise messaging app, please contact us.