Get answers to the most common questions here

Our knowledge base can be searched and filtered by using the form below.

For assistance please email support.

Support Hours – M-F 9am-6pm Eastern.

Response times may vary but is typically within 10 minutes of email receipt.

 
clear form
 

An employee has left the company and we want to remove their account or old emails from the archive system.

Emails cannot be deleted from the archive; however, you can set the user account to “Inactive” status by editing the user account. Select the “Users” icon from the menu bar and select the user account. Next, set the radio button for “Is Active” to “No” and click “Save”.

Just this topic

Compliance Glossary

Compliance Glossary

17a-4:  Definition: A regulation by the U.S. Securities and Exchange Commission (SEC) that specifies record-keeping requirements for broker-dealers. ABAC:  Acronym: Anti-Bribery and Anti-Corruption. Definition: A comprehensive approach that includes policies and procedures to prevent bribery and corruption within an organization. ADEA:  Acronym: Age Discrimination in Employment Act. Definition: U.S. law prohibiting age discrimination against employees who are 40 years or older. AFA:  Acronym: Anti-Fraud Awareness. Definition: Programs and initiatives aimed at educating employees about recognizing and preventing fraud. AML/CFT:  Acronym: Anti-Money Laundering/Countering the Financing of Terrorism. Definition: Measures and regulations designed to prevent money laundering and terrorist financing. Anti-Bribery and Corruption (ABC):  Definition: A set of laws, regulations, and practices aimed at preventing bribery and corruption in business transactions. Anti-Kickback Statute:  Definition: A U.S. law that prohibits offering, paying, soliciting, or receiving kickbacks for referrals in federal healthcare programs. Anti-Money Laundering (AML):  Definition: Measures and regulations designed to prevent money laundering and terrorist financing. Anti-Trust Laws:  Definition: Laws aimed at promoting fair competition and preventing monopolistic behavior and anticompetitive practices. Asset Forfeiture:  Definition: The confiscation of assets acquired through illegal activities as a penalty for wrongdoing. Audit Committee:  Definition: A committee of a company's board of directors responsible for oversight of financial reporting and internal controls. Audit Trail:  Definition: A chronological record of system activities and transactions used to monitor and review actions for compliance and security purposes. Bank Secrecy Act (BSA):  Definition: U.S. legislation requiring financial institutions to assist in detecting and preventing money laundering. Basel III:  Definition: A global regulatory framework for banking institutions that establishes minimum capital and liquidity requirements. Beneficial Ownership:  Definition: Identifying and reporting the individuals who ultimately own or control a legal entity. Best Practices:  Definition: Industry-accepted standards and practices that represent the most effective way of achieving compliance and ethical conduct. Blockchain Technology:  Definition: A distributed ledger technology that can be used for secure and transparent record-keeping, including compliance records. Board of Directors:  Definition: A group of individuals elected by shareholders to oversee the management and strategic direction of a corporation. Board Oversight:  Definition: The responsibility of a company's board of directors in overseeing compliance efforts and ensuring ethical behavior. Bribery Act 2010:  Definition: UK legislation that criminalizes bribery and imposes strict anti-bribery measures on businesses. Business Continuity Plan (BCP):  Definition: A plan that outlines procedures and resources to maintain critical business operations during disruptions, including compliance with regulations. Business Ethics:  Definition: Principles and values that guide ethical decision-making and behavior in the business environment. CAMELS Rating:  Definition: A rating system used by bank regulators to assess the safety and soundness of financial institutions. Certification of Compliance:  Definition: A formal declaration that an organization is in compliance with specific laws, regulations, or industry standards. CFT:  Acronym: Countering the Financing of Terrorism. Definition: Efforts to prevent the funding of terrorist activities through financial transactions. CFTC:  Acronym: Commodity Futures Trading Commission. Definition: A U.S. regulatory agency overseeing commodity and futures markets. Chief Compliance Officer (CCO):  Definition: The senior executive responsible for overseeing an organization's compliance program. Code of Conduct:  Definition: A set of guidelines and principles that outline acceptable behavior and ethical standards for employees within an organization. Code of Ethics:  Definition: A document that outlines an organization's core values, principles, and ethical standards. COI:  Acronym: Conflict of Interest. Definition: A situation where an individual's personal interests may interfere with their ability to make impartial decisions in their professional role. Compliance Framework:  Definition: A structured approach and set of processes used to ensure an organization's compliance with laws and regulations. Compliance Officer:  Definition: An individual responsible for ensuring that an organization adheres to relevant laws, regulations, and internal policies. Conflict Minerals:  Definition: Minerals (e.g., gold, tin, tungsten, and tantalum) sourced from conflict zones, subject to disclosure and due diligence requirements. Conflict of Interest Policy:  Definition: A formal policy that outlines procedures for identifying and addressing conflicts of interest within an organization. Conflict of Interest:  Definition: A situation in which an individual's personal interests or relationships may interfere with their ability to make impartial decisions in their professional role. Consumer Financial Protection Bureau (CFPB):  Definition: A U.S. government agency responsible for consumer protection in the financial sector. Corporate Culture:  Definition: The shared values, norms, and behaviors that shape an organization's character and influence compliance practices. Corporate Governance:  Definition: The system of rules, practices, and processes by which a company is directed and controlled to enhance accountability and transparency. Corporate Social Responsibility (CSR):  Definition: An organization's commitment to ethical and socially responsible business practices. Crisis Communication Plan:  Definition: A strategy and set of procedures for communicating with stakeholders during a crisis or compliance incident. Crisis Management:  Definition: The process of planning for, responding to, and recovering from critical events that may impact an organization's compliance and reputation. Customer Due Diligence (CDD):  Definition: The process of verifying and understanding the identity of customers, often required for anti-money laundering compliance. Dark Web:  Definition: A hidden part of the internet used for illegal activities, including the sale of stolen data and hacking tools, posing compliance risks. Data Breach Response:  Definition: The coordinated actions taken by an organization to address and mitigate the impact of a data breach. Data Breach:  Definition: The unauthorized access, disclosure, or acquisition of sensitive data, often resulting in a security incident. Data Classification:  Definition: Categorizing data based on its sensitivity and importance to determine appropriate security and handling measures. Data Encryption:  Definition: The process of converting data into a code to prevent unauthorized access, essential for data security compliance. Data Governance:  Definition: The framework and practices for managing data assets, ensuring data quality, and compliance with data regulations. Data Privacy:  Definition: The protection of sensitive information and personal data in accordance with data protection laws and regulations. Data Protection Officer (DPO):  Definition: An individual appointed to oversee data protection and compliance with data privacy regulations. Debarment:  Definition: The exclusion of individuals or entities from participating in government contracts due to compliance violations. Deferred Prosecution Agreement (DPA):  Definition: An agreement between a prosecutor and an organization to suspend criminal charges in exchange for certain actions, such as compliance improvements. Digital Rights Management (DRM):  Definition: Technologies and strategies to protect digital content from unauthorized copying and distribution. Directors and Officers (D&O) Insurance:  Definition: Insurance coverage that protects directors and officers from personal liability related to their management decisions. Disaster Recovery Plan (DRP):  Definition: A plan that outlines procedures and resources for recovering IT systems and data in the event of a disaster. Diversity and Inclusion:  Definition: Efforts to promote a diverse workforce and inclusive workplace, often associated with compliance with equal employment opportunity laws. Document Management System:  Definition: Software and tools for organizing, storing, and managing documents and records, important for compliance records. Document Retention Policy:  Definition: Guidelines for the retention and disposal of organizational documents, taking into account legal and regulatory requirements. Dodd-Frank Wall Street Reform and Consumer Protection Act:  Definition: U.S. legislation aimed at reforming financial regulations to prevent another financial crisis. Due Diligence:  Definition: A comprehensive review and investigation process to assess the risks associated with a business transaction or relationship. E-Discovery:  Definition: The process of electronically identifying, collecting, and preserving information for legal proceedings, including compliance with e-discovery rules. EEOC:  Acronym: Equal Employment Opportunity Commission. Definition: A U.S. agency responsible for enforcing laws against workplace discrimination. Electronic Health Records (EHR):  Definition: Digital patient health records that must be managed in compliance with healthcare data privacy regulations. Employee Handbook:  Definition: A document that outlines an organization's policies, procedures, and expectations for employees. Employee Monitoring:  Definition: The practice of tracking employee activities to ensure compliance with company policies and legal requirements. Employee Training and Development:  Definition: Programs designed to educate and develop employees' skills and knowledge, including compliance training. Environmental Compliance:  Definition: Adherence to environmental laws and regulations to minimize an organization's impact on the environment. Environmental Impact Assessment (EIA):  Definition: A study that assesses the environmental consequences of a project, often required for compliance with environmental regulations. Environmental Management System (EMS):  Definition: A framework for managing an organization's environmental responsibilities and compliance with environmental laws. Equal Employment Opportunity (EEO):  Definition: The principle of providing equal employment opportunities without discrimination, subject to compliance laws. ESG:  Acronym: Environmental, Social, and Governance. Definition: A framework that evaluates a company's performance in terms of sustainability, social responsibility, and corporate governance. Ethics Hotline:  Definition: A confidential reporting mechanism for employees to report ethical concerns or compliance violations within an organization. Ethics Training:  Definition: Educational programs and initiatives that promote ethical behavior and decision-making within an organization. Export Control:  Definition: Compliance with laws and regulations governing the export of goods, services, and technology. Fair Credit Reporting Act (FCRA):  Definition: U.S. law regulating the collection and use of consumer credit information. Fair Labor Standards Act (FLSA):  Definition: U.S. labor law establishing standards for minimum wage, overtime pay, and child labor. Fair Lending:  Definition: Compliance with laws that prohibit discriminatory lending practices based on factors such as race, gender, or age. Fair Packaging and Labeling Act (FPLA):  Definition: U.S. law requiring honest and informative labeling of consumer products. Fair Trade:  Definition: A movement that promotes ethical trading practices and fair compensation for producers in developing countries. False Claims Act (FCA):  Definition: U.S. federal law imposing liability for submitting false claims to the government, often related to healthcare fraud. FATCA:  Acronym: Foreign Account Tax Compliance Act. Definition: U.S. legislation aimed at preventing tax evasion by U.S. persons with foreign accounts. FCPA:  Acronym: Foreign Corrupt Practices Act. Definition: A U.S. law that prohibits bribery and corrupt practices by U.S. companies and individuals abroad. FDA Compliance:  Definition: Adherence to regulations set by the U.S. Food and Drug Administration, particularly in the pharmaceutical and food industries. Financial Crimes Enforcement Network (FinCEN):  Definition: A bureau of the U.S. Department of the Treasury focused on combating financial crimes, including money laundering and terrorist financing. Financial Industry Regulatory Authority (FINRA):  Definition: A self-regulatory organization that oversees securities firms and brokers in the United States. Financial Statement Audit:  Definition: An independent examination of an organization's financial statements for accuracy and compliance with accounting standards. FINRA:  Acronym: Financial Industry Regulatory Authority. Definition: A self-regulatory organization that oversees securities firms and brokers in the United States. Foreign Account Tax Compliance Act (FATCA):  Definition: U.S. legislation aimed at preventing tax evasion by U.S. persons with foreign accounts. Foreign Corrupt Practices Act (FCPA):  Definition: U.S. law prohibiting bribery and corrupt practices by U.S. companies and individuals abroad. Foreign Exchange Compliance:  Definition: Compliance with laws and regulations governing foreign exchange transactions and currency trading. Form 10-K:  Definition: An annual report filed with the SEC by publicly traded companies, containing financial information and business operations details. Form 10-Q:  Definition: A quarterly report filed with the SEC by publicly traded companies, providing financial updates and disclosures. Form 8-K:  Definition: A report filed with the SEC to announce significant events, such as mergers, acquisitions, and changes in corporate governance. Fraud Prevention:  Definition: Strategies and measures to detect, deter, and prevent fraudulent activities within an organization. Fraud Triangle:  Definition: A model that describes the factors contributing to fraud: opportunity, motivation, and rationalization. Free and Prior Informed Consent (FPIC):  Definition: A principle in corporate social responsibility that requires obtaining consent from indigenous communities before undertaking projects on their land. Fringe Benefits:  Definition: Non-wage compensation provided to employees, often subject to tax and regulatory compliance. Full Disclosure Principle:  Definition: An accounting principle that requires organizations to provide complete and accurate information in financial reporting. Garnishment:  Definition: A legal process for collecting debt by deducting money from an employee's wages, subject to compliance regulations. GDPR:  Acronym: General Data Protection Regulation. Definition: European Union regulation governing data protection and privacy rights for individuals. General Data Protection Regulation (GDPR):  Definition: European Union regulation governing data protection and privacy rights for individuals. Gift Policy:  Definition: A policy that sets guidelines for giving and receiving gifts, often to prevent conflicts of interest and bribery. Gifts and Hospitality Policy:  Definition: A policy that sets guidelines for giving and receiving gifts, entertainment, and hospitality to prevent potential conflicts of interest. Gifts and Hospitality:  Definition: The giving or receiving of gifts, entertainment, or hospitality in a business context, often subject to compliance guidelines. GLBA:  Acronym: Gramm-Leach-Bliley Act. Definition: A U.S. law that requires financial institutions to protect consumers' personal financial information. Global Compliance:  Definition: The practice of ensuring an organization's adherence to laws, regulations, and standards across multiple countries. Good Clinical Practice (GCP):  Definition: International standards for conducting clinical trials and research, crucial in the pharmaceutical and healthcare industries. Good Manufacturing Practices (GMP):  Definition: A set of quality control guidelines and regulations for the pharmaceutical and manufacturing industries. Governance, Risk Management, and Compliance (GRC):  Definition: A holistic approach to managing an organization's governance, risk, and compliance functions. Greenwashing:  Definition: Misleading marketing practices that falsely suggest a product or company is environmentally friendly or sustainable. Health and Safety Compliance:  Definition: Adherence to laws and regulations aimed at ensuring the health and safety of employees and the public. HIPAA:  Acronym: Health Insurance Portability and Accountability Act. Definition: U.S. law that governs the security and privacy of healthcare information. Human Resources Compliance:  Definition: Compliance with laws and regulations governing employment, labor relations, and workforce management. Incident Response Plan (IRP):  Definition: A structured approach and documented plan for responding to and mitigating data breaches and security incidents. Incident Response Plan:  Definition: A structured approach and documented plan for responding to and mitigating data breaches and security incidents. Independent Review:  Definition: An external assessment of an organization's compliance practices and controls. Information Governance:  Definition: The framework and processes for managing and protecting an organization's information assets. Information Security Officer (ISO):  Definition: An individual responsible for overseeing an organization's information security program and compliance. Information Security Policy:  Definition: A set of guidelines and procedures to protect an organization's information assets from security threats and breaches. Insider Threat:  Definition: The risk posed by individuals within an organization who misuse their access or knowledge for malicious purposes, affecting compliance. Insider Trading:  Definition: Illegally buying or selling securities based on non-public, material information. Intellectual Property Rights (IPR):  Definition: Legal protections for inventions, creative works, and proprietary information, requiring compliance with IP laws. Interagency Working Group (IWG):  Definition: A collaborative effort between government agencies to address regulatory issues and promote compliance. Internal Audit:  Definition: A systematic review and evaluation of an organization's operations, processes, and controls to ensure compliance and identify areas for improvement. Internal Controls:  Definition: Policies, procedures, and practices implemented to ensure compliance, prevent fraud, and safeguard assets within an organization. International Traffic in Arms Regulations (ITAR):  Definition: U.S. regulations governing the export and import of defense-related articles, services, and technology. ISO 14001:  Acronym: International Organization for Standardization (ISO) Standard 14001. Definition: A standard for environmental management systems that helps organizations minimize their environmental impact. ISO 19600:  Acronym: International Organization for Standardization (ISO) Standard 19600. Definition: A standard that provides guidelines for establishing, implementing, maintaining, and improving a compliance management system. ISO 22000:  Acronym: International Organization for Standardization (ISO) Standard 22000. Definition: A standard for food safety management systems, essential for compliance in the food industry. ISO 27001:  Acronym: International Organization for Standardization (ISO) Standard 27001. Definition: A standard for information security management systems that helps organizations protect their data and information assets. ISO 45001:  Acronym: International Organization for Standardization (ISO) Standard 45001. Definition: A standard for occupational health and safety management systems, critical for workplace safety compliance. ISO 9001:  Acronym: International Organization for Standardization (ISO) Standard 9001. Definition: A standard for quality management systems that focuses on meeting customer requirements and improving processes. Kickback:  Definition: A form of bribery where a party offers or receives something of value in exchange for favorable treatment. Know Your Customer (KYC):  Definition: The process of verifying the identity of customers to prevent fraud and comply with anti-money laundering regulations. KYC:  Acronym: Know Your Customer. Definition: The process of verifying the identity of customers to prevent fraud and comply with anti-money laundering regulations. Labor Law Compliance:  Definition: Compliance with laws and regulations governing labor relations, wages, hours, and workplace conditions. Labor Law Poster Compliance:  Definition: Compliance with laws requiring employers to display posters informing employees of their rights and protections. Liability Insurance:  Definition: Insurance coverage that protects individuals or organizations from legal claims and financial losses. Licensing and Permitting:  Definition: Compliance with regulations that require businesses to obtain licenses and permits to operate legally. Lobbying:  Definition: Efforts by individuals or organizations to influence government decisions, often subject to specific regulations. Market Abuse Directive (MAD):  Definition: European Union directive aimed at preventing market manipulation and insider trading. Market Abuse Regulation (MAR):  Definition: European Union regulation aimed at preventing insider trading and market manipulation. Materiality:  Definition: The significance or importance of information or events in the context of financial and compliance reporting. Merger and Acquisition (M&A) Due Diligence:  Definition: The process of evaluating the legal, financial, and compliance aspects of a potential merger or acquisition. Mergers and Acquisitions (M&A) Compliance:  Definition: Ensuring compliance with laws and regulations during the acquisition or merger of companies. MiFID II:  Acronym: Markets in Financial Instruments Directive II. Definition: European Union regulation that enhances transparency and investor protection in financial markets. Money Laundering:  Definition: The process of disguising the origins of illegally obtained money to make it appear legitimate. Monitoring and Surveillance:  Definition: The practice of continuously observing and analyzing activities to detect compliance violations and security threats. National Labor Relations Act (NLRA):  Definition: U.S. law protecting employees' rights to organize and engage in collective bargaining. Non-Compete Agreement:  Definition: A contract that restricts an employee from working for competitors after leaving the organization, subject to compliance laws. Non-Disclosure Agreement (NDA):  Definition: A legal contract that binds parties to confidentiality, often used to protect sensitive information. Occupational Safety and Health Administration (OSHA):  Definition: U.S. agency responsible for enforcing workplace safety and health regulations. OFAC Sanctions List:  Definition: Lists of individuals, entities, and countries subject to economic and trade sanctions imposed by the U.S. Office of Foreign Assets Control (OFAC). OFAC:  Acronym: Office of Foreign Assets Control. Definition: A U.S. government agency that administers and enforces economic and trade sanctions. Office of Inspector General (OIG):  Definition: An independent office within a government agency responsible for investigating and preventing fraud, waste, and abuse. Operational Risk:  Definition: The risk of financial loss or compliance failure resulting from internal processes, systems, or human errors. Outsourcing Compliance:  Definition: Ensuring that outsourced services and functions comply with regulatory requirements and organizational standards. Payroll Compliance:  Definition: Compliance with laws and regulations governing employee compensation, including wage and hour laws. PCI DSS:  Acronym: Payment Card Industry Data Security Standard. Definition: A set of security standards for protecting payment card data. Penetration Testing:  Definition: Simulated cyberattacks on an organization's systems to assess vulnerabilities and security compliance. Personal Protective Equipment (PPE):  Definition: Safety gear and equipment required in certain workplaces to protect employees, subject to compliance. Phishing:  Definition: Deceptive attempts to trick individuals into revealing sensitive information, often for fraudulent purposes. Policy Management:  Definition: The process of creating, maintaining, and enforcing organizational policies, including compliance policies. Ponzi Scheme:  Definition: An investment fraud that promises high returns but pays earlier investors with the capital of new investors, often leading to compliance violations. Privacy Impact Assessment (PIA):  Definition: An evaluation of the potential risks and impacts on individual privacy associated with a new project or system. Product Liability:  Definition: Liability for injuries or damages caused by defective products, subject to product safety compliance. Product Recall:  Definition: The process of withdrawing or recalling a product from the market due to safety or regulatory concerns. Quality Assurance (QA):  Definition: Systems and processes that ensure products or services meet specified quality and compliance standards. Ransomware:  Definition: Malicious software that encrypts an organization's data and demands a ransom for its release, posing compliance and security risks. Records Management:  Definition: The systematic control of an organization's records, including storage, retrieval, and disposal, critical for compliance. Red Flags Rule:  Definition: U.S. regulations requiring certain businesses to establish identity theft prevention programs. Regulatory Affairs:  Definition: A function within organizations that focuses on ensuring compliance with regulatory requirements in their industry. Regulatory Compliance:  Definition: Conforming to laws, regulations, and industry standards relevant to an organization's operations. Regulatory Reporting:  Definition: The process of preparing and submitting required reports to regulatory authorities to demonstrate compliance with relevant laws and regulations. Regulatory Technology (RegTech):  Definition: Technology solutions and tools designed to help organizations streamline compliance processes and manage regulatory requirements. Reputation Risk:  Definition: The risk of damage to an organization's reputation due to compliance failures, unethical behavior, or other negative events. Responsible Sourcing:  Definition: The practice of ensuring that products are sourced and produced in an ethical and sustainable manner. Restitution:  Definition: The requirement to compensate victims or return ill-gotten gains as part of a legal settlement, often in compliance cases. Risk Assessment:  Definition: The process of identifying, evaluating, and prioritizing potential risks to an organization's compliance and operations. Risk Management:  Definition: The process of identifying, assessing, and mitigating risks to an organization's operations, finances, and reputation. Risk-Based Approach:  Definition: A method of compliance management that prioritizes resources based on the level of risk posed by specific activities or areas. Safeguarding:  Definition: Measures taken to protect individuals, assets, and information from harm or unauthorized access, essential for compliance. Sanctions:  Definition: Penalties or restrictions imposed by governments or international bodies to enforce compliance with specific regulations, often related to international trade or national security. Sarbanes-Oxley Act (SOX):  Definition: U.S. legislation that established accounting and reporting requirements for publicly traded companies to prevent corporate fraud. SEC Whistleblower Program:  Definition: A program established by the U.S. SEC that provides financial incentives and protections to individuals who report securities law violations. SEC:  Acronym: U.S. Securities and Exchange Commission. Definition: The regulatory agency responsible for overseeing securities markets and enforcing related regulations. Securities Fraud:  Definition: Deceptive practices in the buying or selling of securities, subject to securities law compliance. Security Clearance:  Definition: Authorization granted to individuals to access classified information, often subject to strict background checks and compliance. Security Incident:  Definition: An event that compromises the confidentiality, integrity, or availability of an organization's information or systems. Security Policy:  Definition: A documented set of rules, procedures, and guidelines for ensuring information security and compliance. Self-Regulatory Organization (SRO):  Definition: An organization that regulates its own industry members and members' compliance with industry standards. Sexual Harassment Policy:  Definition: A policy outlining measures to prevent and address sexual harassment in the workplace, subject to compliance requirements. Single Point of Contact (SPOC):  Definition: A designated individual or team responsible for managing compliance-related communications and inquiries. Social Engineering:  Definition: Manipulating individuals to disclose confidential information or perform actions that compromise security and compliance. Social Media Compliance:  Definition: Compliance with regulations and guidelines when using social media for business purposes. Social Responsibility:  Definition: An organization's commitment to ethical, sustainable, and socially beneficial practices. SOX 404 Compliance:  Definition: Compliance with Section 404 of the Sarbanes-Oxley Act, which requires the assessment and reporting of internal controls over financial reporting. Stakeholder Engagement:  Definition: Involving stakeholders in decision-making and dialogue, including discussions on ethical and compliance matters. Stress Testing:  Definition: Assessing an organization's financial resilience under adverse economic conditions, often required for regulatory compliance. Supervisory Control and Data Acquisition (SCADA):  Definition: A system for monitoring and controlling industrial processes, often critical for infrastructure compliance. Supply Chain Management:  Definition: The oversight and control of the processes, materials, and information involved in the production and distribution of goods, subject to compliance. System and Organization Controls (SOC):  Definition: Reports on controls at a service organization that may be relevant to user entities' internal control over financial reporting. Tax Compliance:  Definition: Adherence to tax laws and regulations, including accurate reporting and payment of taxes. Third-Party Audit:  Definition: An independent examination of a third-party organization's compliance with agreed-upon standards or requirements. Third-Party Due Diligence:  Definition: The process of assessing and monitoring the compliance and integrity of third-party vendors, suppliers, or partners. Third-Party Risk Assessment:  Definition: Evaluating and managing risks associated with third-party suppliers, vendors, and partners. Trade Compliance:  Definition: Adherence to laws and regulations governing international trade, including import and export controls, sanctions, and customs regulations. Trade Secret:  Definition: Confidential business information that provides a competitive advantage, subject to compliance with trade secret laws. Travel and Expense (T&E) Compliance:  Definition: Ensuring compliance with policies and regulations when employees incur travel and business expenses. UCC Filing:  Definition: The process of submitting a Uniform Commercial Code filing to establish security interests in personal property, subject to compliance with UCC regulations. Unclaimed Property:  Definition: Property, such as abandoned bank accounts and unclaimed dividends, that must be reported and remitted to state authorities as required by unclaimed property laws. United Nations Global Compact:  Definition: A voluntary initiative encouraging businesses to adopt sustainable and socially responsible policies. Vendor Code of Conduct:  Definition: A set of ethical and compliance guidelines that vendors and suppliers must adhere to when conducting business with an organization. Vendor Risk Management (VRM):  Definition: The process of assessing and mitigating risks associated with third-party vendors and suppliers. Voluntary Disclosure:  Definition: The act of voluntarily reporting compliance violations or irregularities to relevant authorities or regulators. Voluntary Self-Disclosure:  Definition: The act of an organization voluntarily reporting compliance violations to relevant authorities before they are discovered independently. Water Compliance:  Definition: Compliance with laws and regulations governing water quality, usage, and disposal. Whistleblower Protection:  Definition: Legal safeguards and mechanisms to protect employees who report wrongdoing within their organization from retaliation. Whistleblower:  Definition: An individual who reports illegal or unethical activities within an organization to authorities or management. Workplace Safety:  Definition: Compliance with laws and regulations that protect employees from hazards and ensure a safe working environment. Zero Tolerance Policy:  Definition: A policy that mandates strict consequences for specific behaviors, often related to compliance violations or ethical misconduct.

Just this topic

Dealing with an audit request

If you have an audit, legal or regulatory examination you can easily provide the requested data and here are the steps.Once you have logged into your MessageWatcher portal you will want to click on the Search tab. Enter the search criteria given by the auditor or examiner using the search options in the Search tab such as date range, senders, recipients, to/from domains, specific words, numbers or symbols, message type (email, social media, web pages, Slack, etc.) or any of the other options. Scroll down to the bottom of the box with the search criteria and click on the Export button.
You will get a box that shows the date range of the export, the file size, and the number of messages. You can use the Export Name box to type in a name for this file. Next hit the Export button. Screenshot below.
The export process will begin and can take from 1 seconds to a couple of minutes if the file is several GBs. In the box that pops up you can click on the Show Downloads or you can use the Exports tab to see the export file. In the exports tab, find the export file name you just created then click on the download icon. This will allow you to choose a folder on your computer into which the file will be saved.
To learn how to open the exported file in Microsoft Outlook please see the following help article - https://messagewatcher.com/support/how-do-i-import-a-messagewatcher-export-into-outlook You can email [email protected] to get help with any audit, examination or e-discovery request.

Just this topic

How do I activate archiving of Zoom SMS, voicemail and call logs?

To add archiving and flagging/monitoring for Zoom SMS, voicemails and call logs please follow these instructions.
  1. Click on your user name in the very bottom left corner.
  2. Click on the Services option.
  3. Toggle the Zoom button to the right to enable archiving of Zoom SMS, voicemails, and call logs.
  4. Click on the Yes button to confirm that you want to activate this service.
  5. Click on the Authorize button to proceed to the Zoom authorization steps which will include logging into your Zoom Phone/SMS account.
Add Zoom archiving services
Add Zoom services additional step.

Just this topic

How do I add a LinkedIn company page to an account that already has LinkedIn personal page archiving?

  1. Go to the Users tab.
  2. Click on All Users.
  3. Click on the name of the person who manages your organization's LinkedIn company page to edit their account.
  4. Click on the LinkedIn tab.
  5. Scroll down a bit and click on the Add Page button.
  6. If the LinkedIn account is already authorized for archiving click the “Edit” button under the Page Archive Information section to select the company page. Note – If the user has not yet authorized their LinkedIn account “No Page Selected” will be shown.  The user will be prompted to select their company page during the authorization process.
  7. Click on the Save button.
 

Just this topic

How do I add a new Administrator?

  1. Go to the Users tab.
  2. Click on the Add New User button under the column header Users.
  3. On the box that pops up you should enter the User’s name and their email address.
  4. If you don’t see the domain for their email address in the drop-down menu of available domains, you can click on the Add New Domain link to add the domain name.
  5. Click "Next" to continue.
  6. Click "Next" to skip "Step 2: Social Media Services".
  7. In "Step 3: Set Up Permissions" choose Account Administrator.
  8. Assign a login name and password for the new Administrator.
  9. Click "Add" to finish.
  10. You can have multiple Administrators on your account.

Just this topic

How do I add a new Reviewer?

  1. Go to the Users tab.
  2. Click on the Add New User button under the column header Users.
  3. On the box that pops up, you should enter the User's name and email address.
  4. If you don’t see the domain for their email address in the drop-down menu of available domains, you can click on the Add New Domain link to add the domain name.
  5. Click "Next"
  6. In "Step 2: Social Media Services," choose Next.
  7. In "Step 3: Setup Permissions," choose Reviewer.
  8. Assign a login name and password for the new Reviewer.
  9. Click "Add" to finish.
  10. You will then want to open that User's account in the User tab.
  11. Then click on Edit.
  12. Then, under the Group tab, you can drag the Group(s) under the "Group Reviewer" section to make this user a Group Reviewer for that Group or Groups.  In the example below, the user is a member of the Accounts Receivable group and is a reviewer for the San Diego Office.

Just this topic

How do I add a new user?

  1. You must have the account administrator role to add a new user.  You can first go to the Users tab.
  2. Click on the Add New User button.
  3. Type the user's name.
  4. Type the user's email address without @ and without the domain.
  5. Choose the domain from the drop down menu.  If the domain you want is not listed then use the Add Domain button to add a new domain name.
  6. Click Next.
  7. On the next screen you can choose which services to add for this user.  For example, you could enable YouTube like in the screenshot below.
  8. Next you can choose Archive Only, Reviewer (someone who can review emails for a specific group or groups), or Account Administrator.
  9. Choose the Group that this new user will belong to from the drop down menu.
  10. If the new user is a Group Reviewer select Group Reviewer otherwise leave this choice as Group Member.
  11. If the new user is a Group Reviewer or Account Administrator then they will need login credentials so type in the name you want them to use to log into the MessageWatcher portal.
  12. Provide a password.  The password can be changed by the user then they login or they can use the Forgot Password button on the MessageWatcher portal login screen.
  13. Confirm the password.
  14. The final step is to hit the Add button.

Just this topic

How do I add domains to my account?

    1. You must have the account administrator role permission to add services to your account.
    2. Select your user account preferences by selecting the user account icon located at the bottom of the menu barNext, select the "Domains" menu option.
    3. Enter the new domain name and click "Add Domain".
    4. Copy the DNS text record by selecting the copy link next to the new domain.  Add a new DNS text record to your domain using the text that was copied by following the steps below:

Go to https://www.whois.com/.

Click on “WHOIS” and enter your domain name in the box.

Then click the “SEARCH” button.

In the results, locate the nameserver to get the domain provider.

Log in to your domain provider control panel.

Locate the section for updating your DNS records—it could be Managed DNS, Name Server Management,  DNS Management, or Advanced Settings.

On the page, click the TXT record option and add the text for your DNS domain that you copied from the above step.

Save the settings and wait until they propagate. This can take a few minutes, up to 72 hours based on the "TTL" set on your domain record.

e. Click the "Verify" button to complete the addition of the new domain to your account.   Note: The domain will not be active in your account until it is verified using the DNS text record information shown on this page.  

Just this topic

How do I add groups?

  1. Click on the Groups tab.
  2. Click on the Add New Group button (below the title Groups).
  3. You will then see two tabs – Information and Users
  4. In the Information tab, choose a Name for your new Group.
  5. If applicable, drag surveillance policies from the Active Policies column to the Assigned Policies column.
  6. Click the Save button at the bottom of the section.
  7. Next, go to the User section of MessageWatcher, then click on the Group that you just added.
  8. Put checkmarks in the boxes next to the names of the people that you want in this new Group then click on Add to Group</strong

Just this topic

How do I add Instagram archiving to my account?

You will need to prepare your Instagram account for archiving, specifically you will need to do these two steps before your account can be archived.
  1. Please use the Instagram mobile app to prepare your account for archiving: Verify that your Instagram account is a business account. More on that can be found here – https://help.instagram.com/502981923235522
  2. Link your Instagram account to your Facebook business page. More on that can be found here – https://help.instagram.com/176235449218188.  Please note that you only need to link your Instagram account to your Facebook account.  You do not need to share Instagram to your Facebook page.
To enable social media services, you can always email [email protected] or you can enable the services in your portal using the steps in the screenshot below.
  1. Click on the Users tab.
  2. Click on All Users to find the user who would like Instagram archiving.
  3. Click on the box next to the person's name.
  4. Click on the Add Services button.
  5. Click on the Instagram box.
  6. Click Add.

Just this topic

How do I add new services?

    1. You must have the account administrator role permission to add services to your account.
    2. Select your user account preferences by selecting the user account icon located at the bottom of the menu bar.
    3. Click on the Services menu item.
    4. To enable a new service, toggle it on by selecting it from the available services in your account.  Note: Enabling RingCentral or Zoom requires that you authorize your account when you are prompted.
    5. After enabling any additional services in your account you may add these services to existing or new users to start archiving content.
 

Just this topic

How do I add services for users?

  1. Go to the Users menu item.
  2. Select the user account(s) that you would like to add services to.
  3. Select the "Add Services" button.
  4. Select each service that you would like to add to your selected user(s).  Note: Only services that have been enabled in your account can be added on this screen.
  5. Select "Add" to add the requested services to your selected user(s) to complete the process.
  6. You may edit a user to view the new service or to send the user an authorization link.   Note: All new services require that the user authorize the service before archiving can start.  Please see the following article for steps to authorize an account: https://messagewatcher.com/product-support/how-do-i-authorize-a-social-media-service/

Just this topic

How do I add users?

    1. Go to the Users tab.
    2. Click on the Add New User button under the column header Users.
    3. On the box that pops up you should enter the User’s name and their email address.
    4. If you don’t see the domain for their email address in the drop-down menu of available domains, you can click on the Add New Domain link to add the domain name.
    5. Step 2 lets you add social media for the new user, select one or more of the optional social media services if archiving is needed.
    6. Step 3 lets you choose the new user’s permission level, please see the table below to learn about the different permission levels.  If the user will not need to logon to the compliance portal the default permission "Archive Only" is recommended.

Just this topic

How do I archive Instagram Stories?

To archive Instagram stories, your Instagram account must be currently linked to an existing Facebook business page, and both pages must be added to your MessageWatcher archiving services.
When creating a new story please post it to your Facebook business page. This will allow it to be archived with your Facebook posts. It will also preserve the story past the 24hr expiration and will provide an audit history for compliance purposes. After adding a story to our Instagram account, you may select the option to "Share as Post..." as shown below when using the mobile app. When prompted please select the Facebook option as shown before using the “Share” button to save it to your Facebook business page. This will allow your story to be archived along with your other Facebook/Instagram content within MessageWatcher.

Just this topic

How do I archive only specific user accounts if I am using Google Workspace?

When following the instructions for Google Workspace, you can make the below adjustment to only archive select mailboxes if required. G Suite setting to archive only specific mailboxes using the routing rule: Please follow the steps provided in the instructions you received from MessageWatcher, then you can make an adjustment to select only specific mailboxes to be archived (by default the rule will archive all mailboxes).  In the Routing section you should see the rule for MessageWatcher.  This is the rule that determines what emails are archived. You can edit the rule and scroll to the bottom and select the “Use address lists to bypass or control application of this setting” option, and also select the “Only apply this setting for specific addresses/domains” option and enter your addresses that you would like to archive.
Finally save the rule.  Only the selected email accounts will now be archived.

Just this topic

How do I assign policies so content starts getting flagged?

We use the term 'rules' for word or phrases that are contained in Policies.  These Rules cause content to get flagged in MessageWatcher if they appear. To flag messages that contain those Rules the Policies must be applied to a User or to a Group (a Group is a list of all or a subset of employees). The Groups tab lets you click on a specific Group then you can see which Policies have been applied to a Group on the Information tab. You can drag polices between the Available Policies (ones you aren’t using) and the Assigned Policies column. The Users tab lists your employees assigned to that Group.
Screenshot showing how to apply or remove policies from a group.
To find the list of words that get flagged you can go to Policies, click on the policy that you are interested in, then click on the tab that says "Rules". This will show the list of words words that will cause messages to be flagged.  Please see the screenshot below.
Screenshot of how to view rules in a given policy.

Just this topic

How do I authorize a social media service for archiving?

    1. Note: All new services require that the user authorize the service before archiving can start.
    2. Go to the Users menu item.
    3. Select the user account that you would like to authorize.
    4. Select the new service from the user edit screen top menu. (this can be Twitter, LinkedIn, Facebook or YouTube).  In this example, we will select LinkedIn.
    5. If the new service is for yourself you may click the authorization link shown and follow the prompts to authorize us to archive your social account.
    6. If the new service is owned by another user, you may use the "Send Authorization Link" to compose an email to send to the user to request their authorization.
    7. After the new social service is authorized by the owner of the account, archiving will start the next day.

Just this topic

How do I authorize MessageWatcher to archive my YouTube content?

Archiving YouTube

Your Google YouTube data will be accessed and stored in your private MessageWatcher account and is retained for compliance purposes along with your other electronic communications. This data is only available to you and is never shared with any third party or used for serving advertisements. Your Google data will be retained for the duration of your specified retention period and will be deleted upon account closure. Upon authorization of your Google account we will access and store your YouTube channel name, description, video count, view count, subscriber count, featured channels and playlist names. We also access and store your channel discussion if you have it enabled. Additionally, we access and store your YouTube video titles, descriptions, publish dates and thumbnail images along with all comments made on the videos by yourself and others. Please authorize your YouTube channel by using the link that was sent to you from our support team. If you did not receive the link please navigate to your user account in your MessageWatcher portal and select the “YouTube” link on the top menu bar of the user dialog screen. Note, each user that archives a YouTube channel will have their own unique link to authorize our application for archiving. If you do not see the “YouTube” menu item in your user account, please contact MessageWatcher support and request that your YouTube channel be added to your account.

YouTube Archive

  1. Click on the Users tab
  2. Click on the YouTube in the list of groups of users
  3. Click on the User's name
  4. Click on the YouTube tab which is to the right portion of the tabs
  5. Select the “YouTube Authorization” link to start the authorization process. Please note that you will be asked to log onto the Google/YouTube account that manages your channel. MessageWatcher does not store your Google account logon information.
You will be prompted to “Sign in with Google”, please enter your YouTube account/password to continue.  Please note that MessageWatcher does not store your Google logon information.
Please allow the default permissions to your account, and select “Allow” to continue. After authorization is complete you should see a “Success” message indicating that you have completed the authorization process to archive your YouTube channel.
Please note that we archive your channel nightly so you will see your channel information in the archive the following business day.

Just this topic

How do I change my POP journal settings?

Log onto your MessageWatcher archive portal as the account administrator.  Select the "Config" tab.  There, you can set your server ip/hostname, username and password.  You also have the ability to test your connection to verify that it is working.

Just this topic

How do I change notification frequency?

  1. You must have the account administrator role to receive daily or weekly notifications.  This is the report that gets emailed to an administrator so they can see if volumes of email, social media, etc. are in line with their expectations.  You can first go to the Users tab.
  2. Click on Account Administrators.
  3. Click on the user's name.
  4. In the upper right, click on the Preferences tab.
  5. Scroll down to the Message Usage Notifications section.
  6. Choose None, Daily or Weekly to match how often you would like this admin to receive the reports.
  7. Choose what time of day the report will be emailed.
  8. Choose whether or not to have the admin receive reports on the weekend.
  9. Click Save.
 

Just this topic

How do I change the frequency of the Daily Archive Summary report?

If you would like to setup or change when you receive emails from MessageWatcher with details about how many emails, web pages, social media posts, etc. were archived in your account then follow these steps.
  1. Go to the very bottom left of the MessageWatcher portal screen then click on your user profile.
  2. Click on Preferences.
  3. Scroll down to the Message Usage Notification section.
  4. In the Schedule dropdown menu you can choose to receive the reports Daily, Weekly, or not at all (None).
  5. If you choose Weekly then choose the day of the week.
  6. Choose the time of day that you would like to receive the summary report in an email.
  7. Hit the Save button.
 

Just this topic

How do I convert files that I have downloaded from the archive to Outlook PST format?

Emails are saved in a standard RFC 822 EML format as they are received from the customer's email server.  This includes all headers and attachments as they were in the original, raw email.  We also offer the ability to download from the Search tab to an Outlook PST format which you can then import as a folder into Outlook.  The Export button is at the bottom of the Search Filters (below Date Range, Addresses, Message Type, Mail Nature, Randomize... all the way at the bottom of that section.)
.

Just this topic

How do I create a folder and add emails into a folder?

  1. Along the left menu bar click on Folders –
  2. Click on the Add New Folder button toward the top of the page.
  1. Choose a name for this folder (do not user a folder name that already exists).
  2. Place restrictions on the level of user who can access your folder.
  3. Choose the types of activities users who can access the folder can do. For instance, the first check box lets you determine if users can delete this new folder.
  4. Hit the Add button to finish.
  1. To move emails, tweets, web pages, etc. into a folder, you can click on the folder icon at the bottom of the message viewing box.
  1. To move multiple files to a folder at one time you can go to the Search tab, run your search then check the boxes by the messages you would like to move.  Or you can click the box above the checkboxes to highlight all of your search results.  Next hit the Add To Folder button.  See steps below.

Just this topic

How do I create policies?

  1. Choose Policies from the left menu.
  2. Click on the Add New Policy
  3. Choose a name for your new Policy and type it in the Policy Name
  4. Choose which type of policy this new policy will be from the available list
    1. Standard Policy
    2. Sender Domain Policy – flags content sent from specific domains, for instance, any email from SEC.gov
    3. Recipient Domain Policy – flags content sent to a domain, for example, any message sent to NCAA.org would get flagged as policy violations.
    4. Sender And Recipient Domain Policy – flags content to or from domains that you name, for instance any email to or from FBI.gov would get flagged as policy violations.
    5. Encrypted Password Protection Policy – flags emails with password protected or encrypted files.
    6. Attachment Policy – flags messages with attachments. An example of when this would be useful is if you wanted to use a policy to monitor specific users to make sure they were not sending confidential files to their personal email account.
    7. Whitelist Sender Email Policy – this policy type lets you create a list of senders for whom you do not want to flag email. For instance, [email protected]
    8. Whitelist Sender Domain Policy – with this policy you can create a list of domains from which you do not want to flag emails. An example might be, amazon.com
    9. Website Modified Policy – this policy type allows you to flag an instance when one of your web pages is changed, added, or removed.
    10. Website External Policy – with this policy type enabled you will flag any web page that has a link to an external website.
    11. Website Mandatory URL Policy – this policy type is useful if you are required to have a link to FINRA.org, SEC.gov or any other link on your website. MessageWatcher can flag web pages that do not have the link that they should have.
    12. Machine Learning Policy – this policy type is used if you are using our optional Machine Learning service which helps look at things like, employee sentiment, possible theft, unusual activity, off-hours activity and more.
  5. You can choose to duplicate an existing policy by choosing it from the drop down list under Copy Existing Rules if it will save you time or you can leave it as the default of Do Not Duplicate which means the new policy will not have any rules in it until you add rules to the policy.
  6. Under the Message Nature title, you can choose which types of communication you want to flag when rules in this new policy are violated. Inbound refers to messages coming in from outside servers or users, Internal is communication between your users and Outbound is communication from your users to outside domains.
  7. Click on the box next to Email Notification if you would like to be notified when there is a policy violation for this new policy.
  8. In the Additional Notification Address(es) box you can type the email addresses of others that you would like to have receive a notification anytime this policy is violated.

Just this topic

How do I delete a saved search?

Click on the Search tab (magnifying glass icon), then click on the box below the title Saved Searches.  Then, next to the saved search that you would like to delete, click on the trashcan icon. How to delete a compliance search that you have saved.

Just this topic

How do I delete a user or group from the MessageWatcher system?

For compliance reasons, you cannot delete any item within the archive system.  However, you can set the user account to “Inactive” status by editing the user account.  Select the “Users” icon from the menu bar and select the user account.  Next, set the radio button for “Is Active” to “No” and click “Save”.

Just this topic

How do I disable a rule?

If you would like to keep using a Policy but would like to disable one or more of the rules in the policy:
  1. Click on the Policies tab
  2. Choose the policy with the rule that you would like to disable
  3. Click on the Rules tab.
  4. Find the rule (the word or phrase) then click the green Active button to the left of the rule to be given the choice of disabling that rule.
For example, in the image below you can see the places to click to disable the word “attorney”.

Just this topic

How do I exclude a phrase from being flagged?

To add an “exclude” rule you will want to follow the steps in the screenshot below. The key is to use the “Rule Modifier” of “(-) Exclude” so any policy violation in the excluded phrase is ignored.
  1. Click on Policies
  2. Click on the Policy where you are seeing flagged messages that should be ignored.
  3. Click on the Rules tab
  4. Click on the “+ Add Rule” button
  5. Type in a Rule Name, usually the actual phrase or you could type something like “New Exclude Rule”
  6. Choose the Exclude modifier.
  7. Type in the phrase that is getting flagged, like “not guarantee” because “guarantee” is supposed to get flagged. This way if “guarantee” shows up in “not guarantee” then it will not get flagged.
  8. Click on the Add button.
 

Just this topic

How do I export a policy word list?

  1. To export a list of the words or phrases in apolicy first go to the Reports tab.
  2. Click on the Date Range you would like.
  3. Choose the policy that you would like.  The words and phrases ("Rules") for this policy will show up in the report along with the number of times the Rule was violated in the date range you chose in step 2.
  4. Click the Run Report button.
  5. Click on the Download Excel File button.  Then you can save it to your computer.
[caption id="attachment_1960" align="alignnone" width="863"]Steps to export list of words or phrases in a policy. Screenshot of steps to export words in policy.[/caption]

Just this topic

How do I export or download all client emails?

  1. Go to the Search tab.
  2. Enter a date range beginning date.
  3. Enter the date range ending date.
  4. Click on the + button next to "Addresses."
  5. Paste your clients' email addresses, separated by commas into the box under the "Include from any of these addresses" text.  For example, [email protected], [email protected].
  6. Click on OR so you can get emails to or from your client list.  If you choose and you will only get emails that are to and from clients, for example, one client emailing you and another client at the same time.
  7. Paste your clients' email addresses, separated by commas into the box under the "Include to any of these addresses" text.
  8. Click on the Apply button.
  9. Choose Email from the Message Type dropdown menu.  You can also include Instagram, LinkedIn, etc. if you want those items included.
  10. Scroll down in the Filter area to the very bottom where you will see Export Only Options.  Choose Outlook PST if you would like to be able to open or deliver the export in a format that can be opened in Microsoft Outlook.  Choose EML if you would like to export the data in a .eml format. This is the preferred export format for attorneys. where you can then click on the Export button.  Follow the prompts to name your file then save it.
  11. Your saved export file will show up in the Exports tab where you can click on the download icon to download the file, once it has finished being created.
 

Just this topic

How do I export or download content?

  1. Go to the Search tab
  2. Enter a date range and any other criteria that you have for the export.
  3. Choose any other criteria such as Message Type, Addresses (Senders and/or Recipients), etc.
      1. At the bottom of the column with the search criteria you will see Export Only Options
        1. Choose Outlook PST if you would like to be able to open or deliver the export in a format that can be opened in Microsoft Outlook.
        2. Choose EML if you would like to export the data in a .eml format. This is the preferred export format for attorneys.
      1. Click on the Export button
The exports will then show up in the Exports section of your MessageWatcher portal.

Just this topic

How do I find changes to a website

If you know what change or page and date you are looking for then go to the Search tab, choose the date range and other criteria, then pick Website from the Message Type dropdown menu then hit Run.
To see the specific pages that have changed, you can run the report Website Page Report for the date range in question (like the last 3 months).   This will show only the pages that have changed.
Alternatively if you want to see your entire site with the date of the last changes, run the report Website Reportfor the same time period, then select the website name link on the date in question. For example, if I select the website name link on the 7/30/2019 archive date:
You will then see the page(s) that were archived. If you then select any page or the manifest you will see the button “Snapshot”, if you press that you will then see your entire site showing all pages, the date the page was changed and you can view or export the pages on that date.

Just this topic

How do I find my RingCentral content?

RingCentral messages, call logs, faxes and voicemail messages can be easily searched, viewed or downloaded in the MessageWatcher portal. These messages include call log detail showing in/outbound calls from each phone, SMS messages sent/received by each phone, incoming and outgoings faxes and audio voice-mail recordings from each phone. RingCentral messages are integrated into your compliance portal so you have a single interface to review all electronic communications for your firm. To search for your RingCentral text messages (SMS), faxes, voicemails, and/or call logs you can go the Search tab, choose your date range from the date range calendar boxes, or you can type in the dates, then in the Message Type dropdown box choose "RingCentral".  Then click on the "Run" button above and to the right of the date boxes.

Just this topic

How do I find my RingCentral settings?

Your RingCentral account can be easily integrated with MessageWatcher for archiving call logs, faxes, SMS messages, and voicemails. You can view the status of your RingCentral account within MessageWatcher and easily authorize us to archive one or more of your phones. You can view the status of your RingCentral archiving within your MessageWatcher portal by clicking on Users choosing the Ring Central user then clicking on that account. Next, click on the Edit button to view the settings like phone number, associated employee name, associated email address and more.

Just this topic

How do I find the lists of words and phrases that get flagged?

To find the list of words that get flagged you can go to Policies, click on the policy that you are interested in, then click on the tab that says "Rules". This will show the list of words words that will cause messages to be flagged.  Please see the screenshot below.
Screenshot of how to view rules in a given policy.
We use the term 'rules' for word or phrases that are contained in Policies.  These Rules cause content to get flagged in MessageWatcher if they appear. To flag messages that contain those Rules the Policies must be applied to a User or to a Group (a Group is a list of all or a subset of employees). The Groups tab lets you click on a specific Group then you can see which Policies have been applied to a Group on the Information tab. You can drag polices between the Available Policies (ones you aren’t using) and the Assigned Policies column. The Users tab lists your employees assigned to that Group.
Screenshot showing how to apply or remove policies from a group.

Just this topic

How do I get my personal LinkedIn content archived?

MessageWatcher is a LinkedIn Compliance Partner so all you need to do is send an email to [email protected] with the name and email address of the person whose account should be archived.

Just this topic

How do I import a MessageWatcher export into Outlook?

Once you have used the Export button in the MessageWatcher Search screen to download/export content, you will be able to go to the Exports section of MessageWatcher to see the download/export. In the Export tab you will see that file with the name you chose. In the example below we chose “Demo export” as the file name. Click on the download icon, next to the trash icon, to put that file onto your computer (the file shows up in the bottom left corner of your browser).
Remember that folder because you will need to go to that folder in the next steps which are about importing that folder into Outlook. You can remind yourself of the folder by right clicking on that new file and select "Show in Folder"
Open Microsoft Outlook Click on File
Click on Open & Export
Open the folder into which you downloaded the Export file from MessageWatcher.
After you import the file the emails will be in a folder named Archive and show up in Outlook with your other folders like Trash and Junk.

Just this topic

How do I import old emails into the email archive?

Please contact us for this optional service. Messages can be imported into the MessageWatcher archive using many standard formats (Outlook PST files or EML files). This is a fee-based service.

Just this topic

How do I log into MessageWatcher?

  • 1-3 days after you signed up for the MessageWatcher service you received a welcome email with a link to your online MessageWatcher portal.
  • If you read through that email you will see a link to your portal, along with your username, password and a link to an online tutorial.

Just this topic

How do I prevent a disclaimer from causing policy violations?

If you have a disclaimer that contains a word or words that you flag as policy violations then you will want to create a new "exclude" rule to prevent words in the disclaimer from being flagged.
  1. Click on the Policies tab
  2. Choose the Policy (group of rules) that contains the rule causing the word or phrase in the disclaimer to get flagged.  That is, if want to exclude "warning" from getting flagged in your MessageWatcher portal then in this step you will want to choose the Policy that contains "warning" as a rule.
  3. Click on the Rules tab
  4. Click on the “+ Add Rule” button
  5. Name your new rule
  6. Choose “(-) Exclude” from the Rule Modifier dropdown menu
  7. In the Rule Phrase box paste the relevant portion of the disclaimer, be sure to include the word(s) that were violated. We recommend adding a few words before and after the violated phrase to be sure it will only exclude your disclaimer.
  8. Click on the Add button

Just this topic

How do I provide archived items for an audit or examination?

Once you have logged into your MessageWatcher portal you will want to click on the Search tab. Enter the search criteria given by the auditor or examiner using the search options in the Search tab such as date range, senders, recipients, to/from domains, specific words, numbers or symbols, message type (email, social media, web pages, Slack, etc.) or any of the other options. Scroll down to the bottom of the box with the search criteria and click on the Export button.
You will get a box that shows the date range of the export, the file size, and the number of messages. You can use the Export Name box to type in a name for this file. Next hit the Export button. Screenshot below.
The export process will begin and can take from 1 second to a couple of minutes if the file is several GBs. In the box that pops up you can click on the Show Downloads or you can use the Exports tab to see the export file. In the exports tab, find the export file name you just created then click on the download icon. This will allow you to choose a folder on your computer into which the file will be saved.
To learn how to open the exported file in Microsoft Outlook please see the following help article - How do I Import a MessageWatcher Export into Outlook You can email [email protected] to get help with any audit, examination or e-discovery request.

Just this topic

How do I reduce the number of false positive policy violations?

You will want to make sure that you are whitelisting domains and senders so that you are not flagging policy violations in common newsletters, market updates, e-commerce marketing, etc.  This can be done while reviewing a message by clicking on the ‘W’ icon at the bottom of the review box.
You can also modify your policies so that inbound emails are ignored for specific policies.  You can do this in the Policies tab by choosing the policy that you want to modify then uncheck the box next to “Inbound”, then click on “Save”.

Just this topic

How do I remove journaling for Microsoft 365 ?

Please see below for steps to remove the journaling configuration in your Office 365 account. Step 1 – Login to your Microsoft 365 Purview admin center using your Microsoft 365 admin account at: https://compliance.microsoft.com Select, the “Data lifecycle management” (1) to expand the menu, select the “Exchange (legacy) menu item (2), select the “Journal rules” settings on the top menu bar (3).
Step 2: Select the journaling rule that you added for MessageWatcher (1), then select the “Delete” icon (2) to remove the rule. Click “Delete” when asked to confirm. This will stop the email journaling that was used for archiving your emails.

Just this topic

How do I remove the journaling rule for Google Workspace?

Please follow the steps below to remove journaling for your Google email. Logon to your Google Workspace admin website, https://admin.google.com/ then from the Home page, select Apps.
From the menu bar, select Google Workspace, then select Gmail:
Scroll to the bottom of the Gmail page and select “Routing”:
Delete the “MessageWatcher” Routing rule as shown below.  After removing the MessageWatcher routing rule this will stop sending copies of your emails to MessageWatcher for archiving.

Just this topic

How do I retrieve an email from the archive to give to a user or my legal counsel?

You can retrieve any email from the system by performing a search within MessageWatcher.  Select the “Search” menu bar item, enter your criteria for finding messages, then select the “Search” button.  The messages will be displayed in your browser.  By selecting any of the items, you can print, reply, forward, or download to your desktop.   Note: downloaded messages are saved in EML format which is the “raw” or original format of the email as it was received from your server.  This EML format usually requires conversion before it can be displayed in an email client, such as Outlook.

Just this topic

How do I review policy violations?

  1. Along the left menu click on the Flag icon (Message Review)
  2. See Message Review section in the main body of this reference.
  3. You can then click on the messages to view the message content.
  4. When viewing the item the gray box at the top will indicate which policy and which rule caused the violation (flag).
  5. If you click on the down arrow at the far right of the gray Policy Violation box it will display the violation with 5-10 words before and after the rule violation to show you the context of the issue. This will hopefully save you time in reviewing your policy violations.
  6. Policy violations will also be highlighted in light blue throughout the message if you would like to read through the entire message.

Just this topic

How do I review the emails that are archived?

Using the URL and logon supplied with your Welcome Email, log onto MessageWatcher and select the “Search” page.  On this page, you can select the date ranges, sender, recipient, or message contents to find your message.  Note that entering more criteria will result in a more defined return on your search results.

Just this topic

How do I search for email?

  1. Go to the Dashboard by clicking on Dashboard link in the upper left of the screen.
  2. Scroll to the bottom of the right section of the page then click on Mail
  3. Or, go to the Search
  4. Enter a date range and any other criteria that you have.
  5. In the Message Type dropdown menu choose Mail.

Just this topic

How do I search for Facebook content?

  1. Go to the Dashboard
  2. Scroll to the bottom of the right section of the page then click on Facebook
  3. Or, go to the Search
  4. Enter a date range and any other criteria that you have
  5. In the Message Type dropdown menu choose Facebook.

Just this topic

How do I search for Instagram content?

In MessageWatcher, go to the Search tab, choose the date range that you would like, along with any other criteria.  Then, in the Message Type dropdown menu choose Facebook / Instagram.  Because Facebook owns Instagram, they bundle these files.
  1. Click on the Search option
  2. Choose your date range
  3. Choose Facebook / Instagram from the Message Type dropdown menu

Just this topic

How do I search for LinkedIn content?

  1. Go to the Dashboard
  2. Scroll to the bottom of the right section of the page then click on LinkedIn
  3. Or, go to the Search
  4. Enter a date range and any other criteria that you have.
  5. In the Message Type dropdown menu choose LinkedIn.

Just this topic

How do I search for web pages?

  1. Go to the Dashboard
  2. Scroll to the bottom of the right section of the page then click on Website
  3. Or, go to the Search
  4. Enter a date range and any other criteria that you have.
  5. In the Message Type dropdown menu choose Website.

Just this topic

How do I send a reauthorization link for social media archiving?

  1. Go to the Users tab.
  2. Click on the User whose accounts need authorization or reauthorization for archiving purposes.
  3. Click on the Facebook (LinkedIn, YouTube, or Twitter) tab.
  4. Scroll down a bit and click on the Send Authorization button.
  5. You will then see an email that is ready to send.  It will contain the authorization link for that User for the chosen social media platform.
 

Just this topic

How do I setup 2FA (two factor authentication, multi-factor authentication)?

  1. Go to the very bottom left of the MessageWatcher portal screen then click on your user profile.
  2. Click on Preferences.
  3. Click on the Two Factor Authentication dropdown menu.
  4. Choose to be sent your authentication codes via text or email.
  5. Click on the Save button.
 

Just this topic

How do I setup Random Review?

To set up random review please click on the user icon in the bottom left corner to access the preferences.  Next click on Random Review.  From there you will see a screen with fields for your Random Review settings.  You can change the number of months shown in your Random Review tab, then you can configure the percentage of emails, social media posts, web page updates, etc. using the boxes to type in your desired percentages.  For example, you can choose to review 0.5% of internal communications and 2% of outbound communications.  Once you have adjusted things to your liking you will need to click on the Save button.  

Just this topic

How do I stop LastPass from changing the login name when adding or editing users?

The below steps will show how to update the LastPass browser extension and edit the setting to prevent LastPass from updating form fields that have existing data.  This will allow you to use LastPass for your own login but will prevent it from updating login name/passwords when editing or adding users in our compliance portal.
Please follow the steps below if you are using Mozilla Firefox or Google Chrome. Mozilla Firefox: From the Firefox menu (three bars) select: Add-ons and Themes, select Extensions, then select the three dots by the LastPass extension to access the Preferences. Google Chrome: Step 1 - From the Chrome menu (three dots) select: Extensions, Manage Extensions, then click the “Details” button on LastPass extension. Google Chrome Step 2 - Select “Extension Options” for LastPass.

Edit LastPass Preferences:

In the LastPass preferences, select the General menu (1).

Scroll to the bottom of the preferences and select “Don’t overwrite fields that are already filled” (2).

Click “Save” to save your change.

  LassPass will no longer change fields in our compliance portal that already have data in them.   This will allow you to add/edit user accounts in the MessageWatcher portal without having LastPass change the login name, email address or password.   Note, you will still be able to use LastPass for filling your own login, but for fields that already have data LastPass won’t overwrite them.

Just this topic

How do I update my Password?

To change your password please log into MessageWatcher, at the very bottom left click on your user name (in this screenshot our user name is Account Administrator), then click on Account Settings, then type in your temporary password in the Current Password box then type in your new password, confirm the password then hit Save.  You can also use the Generate Password button to have MessageWatcher create a random password for you.

Just this topic

How do I verify that MessageWatcher is archiving my content?

  1. Log into your MessageWatcher portal.
  2. One way is to go the Dashboard then go to the bottom left and click on All Messages
  3. Or, along the left side of the screen you will see a magnifying glass / Search button, click on that.
  4. In the Filter column/box, choose your date range.
  5. Scroll down then in the Message Type box choose which type of content you would like to search for or All Message Types

Just this topic

How to download content?

  1. Go to the Search tab
  2. Enter a date range and any other criteria that you have for the export.
  3. Choose any other criteria such as Message Type, Addresses (Senders and/or Recipients), etc.
      1. At the bottom of the column with the search criteria you will see Export Only Options
        1. Choose Outlook PST if you would like to be able to open or deliver the export in a format that can be opened in Microsoft Outlook.
        2. Choose EML if you would like to export the data in a .eml format. This is the preferred export format for attorneys.
      1. Click on the Export button
The exports will then show up in the Exports section of your MessageWatcher portal.

Just this topic

How to manage Zoom phones with MessageWatcher integration

After authorizing your Zoom account with MessageWatcher you may utilize our compliance portal to manage your Zoom phone archiving.Note, you will need to assign each phone number to a user within our portal to archive it. The final step to start archiving your Zoom phone numbers is to assign each phone number to a user within our compliance portal. Logon to your MessageWatcher compliance portal to complete the following steps.
  1. Select the "Users" menu item
  2. Select the "Zoom Account" that is shown,
  3. Select the Zoom User Account
  4. Select the "Zoom" top menu link as shown below.
To assign your phone numbers to users in our compliance portal please complete the following steps.
  1. Select the Edit icon next to the "Associated Name"
  2. Using the drop-down list select the user that is assigned to the Zoom phone number listed.
  3. Select the "Update" button to complete the assignment.
Note – Please repeat this process for all unassigned phone number listed if you would like to archive the phone number shown.

Just this topic

I am new to MessageWatcher and don’t have a logon to the MessageWatcher service. How can I gain access to the system?

Using the URL and logon supplied with your Welcome Email, logon to MessageWatcher and select the "Search" page. On this page, you can select the date ranges, sender, recipient, or message contents to find your message. Note that entering more criteria will result in a more defined return on your search results.

Just this topic

I am unable to create more Exports.

MessageWatcher is set up to allow 3 exports per day, with 60,000 records per export.  This allows you to get 1.2 million records per workweek.  To create a new export if you already have four listed you must delete one of the existing exports.
  1. Click on the Exports tab
  2. Highlight one or more previous exports.
  3. Click on the delete (trash can) icon to remove that export file.

Just this topic

I changed email hosting providers; do I need to change anything to keep archiving my email?

Yes, any change in email hosting provider does require you to re-setup journaling with us for archiving your emails. Please contact [email protected] if you need assistance.   Please note that you must be using a business class email provider like Google G Suite or Microsoft Office 365 that supports journaling of emails.

Just this topic

I don't see any results when I search.

  1. Make sure your search criteria match what you are looking for
  2. In the Addresses box (Search by Address) checking the AND button means the emails comes from AND goes to the same sender or senders which occurs much less frequently.
  3. Did you reauthorize your social media accounts when you received a request to do so?
  4. If none of the above help please contact [email protected] so we can make sure your account is configured correctly.

Just this topic

I forgot my password

  1. When you go to your login page you will see a Forgot Password Click on that.
  2. Type in your email address then hit the Send New Password button
  3. Since the email goes out right away please check your spam filter for an email from no-re[email protected] then please whitelist this email address.
  4. If the message is not in your spam filter please email [email protected] to request a password reset.

Just this topic

I have forgotten my user name or password for the MessageWatcher archive portal. How can I reset it?

By selecting the “Forgot Password?” link on the Login page, you will be prompted for your email address. If your email address is valid, a new random password will be sent to the email account that you specified. Please note that accounts must be active in the system in order to access the account. If the administrator has disabled a login, the previous or new password for that account will not work.

Just this topic

I used the password reset link in my MessageWatcher portal but did not receive a way to reset my password.

Please allow up to 2 minutes. Also, please verify that your spam filter whitelist settings have [email protected] as an approved email address. This is the address MessageWatcher’s password reset emails come from.

Just this topic

MessageWatcher is not archiving LinkedIn, Facebook, Twitter, email, or a website for my account.

  1. Did you request the service on your initial order form, send an email to request the service, or use the https://messagewatcher.com/request-services/ to let us know you wanted this archived?
  2. Did you reauthorize the archiving of this service when a reauthorization request was sent? Social media platforms require reauthorization so services can’t access your content indefinitely.
  3. If yes to both of the questions above please email [email protected] with details.

Just this topic

Meta Threads Archiving Availability

Meta released Threads as an alternative to Twitter in July 2023.   As of November 2023 Meta has not yet released an API for developers to access the Threads platform so it is not yet supported for archiving in your MessageWatcher account.   MessageWatcher is a Facebook development partner and we intend to add support for the Threads platform when a public API is made available so that our customers may archive Threads accounts used for business communications.   We will update this page as more information is made available to us. As this article in Social Media Today points out, Meta is working on an API.  https://www.socialmediatoday.com/news/threads-developing-api-though-remains-wary-influence-news-content/698131/  

Just this topic

Need help with Third-Party or Vendor Due Diligence documentation?

  1. In your MessageWatcher portal click on your user name in the the very bottom left corner.
  2. Click on the Support tab.
  3. Click on the "Download MW Due Diligence PDF"
 

Just this topic

The policy violations are not getting flagged.

  1. Verify that you applied that policy to the Group(s) that need to be monitored by clicking on the Groups button, click on the Group that should have the policy applied to it, then you can drag policies from the Available Polices which are not being used, to the Assigned Policies column.  The Assigned Polices are active for that Group.  Then scroll down and click on the Save button.
  1. Make sure you created the policy and the rules in that policy – Along the left side of the screen click on Policies, choose the policy name, click on the Rules tab to see the list of rules.  You can use the "+ Add Rule" button if you would like to add a Rule.
  1. Click on Policies along the left then choose the Policy you are interested in looking at.  Next, under the Information tab look at the Message Nature section to make sure you are setup to look at what you want, like InboundOutbound, etc.  Then click on the Save button.

Just this topic

We just hired a new employee. What steps are required to start archiving their emails?

Log onto the MessageWatcher application and select the “Users” menu item.  Select the “Add User” link in the top right corner of the screen.  Next, enter the employee’s full name and primary email address.  (You can add more aliases later by editing the account.)  Select the user permission “Standard Account” for archive and review. Enter a username and password and click “Forward” and “Apply” to finish creating the user. You can edit the user to add additional email aliases. (All aliases need to be added if you need to archive them.)  Verify that the user account is set to “Active” and “Archive” enabled. Note: all of the email that is routed through MessageWatcher is archived, regardless of whether a user account is created or not.  The purpose of creating a user account within MessageWatcher is to enable the administrator to give permissions to the user and to pull user-based reports.

Just this topic

What is my URL to logon to the MessageWatcher email archive system?

Refer to your Welcome Kit letter; it includes your logon and URL for accessing your email archives.

Just this topic

What is the largest size email that can be archived?

The default limit is 250MB. If an email exceeds this limit, it will not be archived.

Just this topic

Why should my organization archive and flag content in employees' personal LinkedIn accounts?

While some employers are hesitant to monitor their employees’ personal social media accounts it not an option for investment advisors who are using their personal accounts to offer advice or to advertise their investment services. While some laws, like the state of Washington’s Revised Code of Washington 49.44.200, https://apps.leg.wa.gov/rcw/default.aspx?cite=49.44.200, restrict some employer access of employees’ personal social networking accounts here are some potential reasons why an investment advisor may choose to monitor and archive their employees' personal LinkedIn accounts. Firstly, investment firms have a duty to comply with various legal and regulatory requirements. Depending on the jurisdiction, certain securities laws may require firms to monitor the activities of their employees to ensure that they are not engaging in any fraudulent or illegal activities, such as insider trading. In addition, regulators may require firms to monitor employee communications, including social media accounts, to ensure compliance with rules related to advertising, record-keeping, and communications with clients. Secondly, investment advisors may want to monitor their employees' LinkedIn accounts to protect the firm's reputation and brand. Employees who post inappropriate or controversial content on their personal social media accounts can damage the reputation of the firm they work for. Monitoring employees' LinkedIn accounts can help the firm detect and address any potential reputational risks before they escalate. Flagging profanity is one such example. Finally, monitoring employees' LinkedIn accounts can also help investment firms identify potential business opportunities or risks. Employees who are actively engaged on LinkedIn may have access to valuable market information, industry trends, or potential business leads. By monitoring their employees' LinkedIn activity, investment advisors can gain insights that could be beneficial to the firm's business, for instance, a contact at an organization that could help with a business development effort. However, it is important to note that monitoring employees' personal social media accounts can raise concerns about privacy and data protection. Investment firms should ensure that they have appropriate policies and procedures in place to protect employees' privacy while still fulfilling their regulatory obligations and business needs. Investment advisors are usually aware of the regulatory requirements and understand the need for archiving of their accounts.

Just this topic

Zoom Installation and Authorization for MessageWatcher

By authorizing your Zoom account with MessageWatcher the following permissions will be granted.
  1. View all users' phone information/phone:read:admin This permission is used to retrieve a list of all users associated with your Zoom account to initialize the user into our system for archiving.
  2. View all users' call log information/phone_call_log:read:admin This permission is used to archive a user’s Zoom phone call logs.
  3. View all users' Zoom Phone SMS information/phone_sms:read:admin This permission is used to retrieve the Zoom phone SMS session information for archiving.
  4. View all users' call voicemail information/phone_voicemail:read:admin This permission is used to archive voicemails.
  5. View all user information/user:read:admin This permission is used to manage the accounts that require Zoom phone data archiving.
The above permissions allow us to read your Zoom account phone information which will be archived in your MessageWatcher account. We only use "read" permissions and never create or update any Zoom account information. Please note that the authorization of your Zoom account to utilize the MessageWatcher archiving service only needs to be completed one-time for your entire company if the phones are managed in a single Zoom account. To authorize your Zoom account for archiving, logon to your MessageWatcher compliance portal to complete the following steps.
  1. Select the "Users" menu item
  2. Select the "Zoom Account" that is shown,
  3. Select the Zoom User Account
  4. Select the "Zoom" top menu link as shown below.
  5. To complete the authorization, select the "Zoom Authorization" link shown on the Zoom Account user.
The next step in the authorization process will prompt you for your Zoom logon credentials (if you are not already logged on to Zoom in your web browser). To complete the authorization, please select the "Authorize" button

Just this topic

Zoom Phone Integration Usage

By authorizing your Zoom account with MessageWatcher the following permissions will be granted.
  1. View all users' phone information/phone:read:admin This permission is used to retrieve a list of all users associated with your Zoom account to initialize the user into our system for archiving.
  2. View all users' call log information/phone_call_log:read:admin This permission is used to archive a user’s Zoom phone call logs.
  3. View all users' Zoom Phone SMS information/phone_sms:read:admin This permission is used to retrieve the Zoom phone SMS session information for archiving.
  4. View all users' call voicemail information/phone_voicemail:read:admin This permission is used to archive voicemails.
  5. View all user information/user:read:admin This permission is used to manage the accounts that require Zoom phone data archiving.
The above permissions allow us to read your Zoom account phone information which will be archived in your MessageWatcher account. We only use “read” permissions and never create or update any Zoom account information. After authorizing your Zoom account with MessageWatcher you may utilize our compliance portal to view Zoom phone content which includes SMS messages, call logs, and voicemails for each archived Zoom phone number. Within the Flagged Review menu you will be able to review any Zoom messages that have been flagged for review by selecting the “Message Type” of Zoom for a selected date range.
You may also access the “Search” menu to find all Zoom messages that have been archived in your MessageWatcher account by selecting the “Message Type” of Zoom for a selected date range.

Just this topic

Zoom Uninstall/De-Authorization for MessageWatcher

To de-authorize your Zoom account and remove the permissions granted to MessageWatcher, logon to your MessageWatcher compliance portal to complete the following steps.
  1. Select the “Users” menu item
  2. Select the “Zoom Account” that is shown.
  3. Select the Zoom User Account.
  4. Select the “Zoom” top menu link as shown below.
  5. To complete the de-authorization, select the “De-Authorization” link shown on the Zoom Account user.
After de-authorizing your Zoom account you should see the following message:

Just this topic