In the last year or so, many of the firms I work with or come into contact with have finally begun to talk around the subject of managing their electronic records. That's not to say that there has been a rush to implementation. Far from it, most have gone no further than acknowledging that they have a huge amount of electronic documents, as well as being completely overwhelmed by e-mails. Some have opted for the deep storage approach, buy an electronic archive vault and pump everything into it. This certainly helps to free up near-line systems, but seems to me to be the electronic equivalent of paper records management from twenty years ago. It doesn't matter what it is, get it offsite and we'll worry about it later. This policy is now biting a good number of firms, especially with the rising cost of storage and the difficulties associated with implementing a destruction policy when you don't have an accurate picture of what you hold. Lots of records, not too much management.

So why is electronic records management such a problem? On the face of it, it would seem simple. Any firm with a reasonable document management system will have all its documents profiled with matter details, document descriptions, authors, create dates, access records; all the information needed to build a comprehensive records management policy.
The first issue is that electronic documents are squarely in the domain of the IT department. They are responsible for the systems, and may see the issue as one of disc space, network speed and access to current documents. Hence the vault solutions. Records management is far more than just archiving off documents that have reached a certain stage in their lifecycle. Consideration has to be given to what actually constitutes a record. What should happen to a document that meets the record criteria? What will make it a record in the established sense of the word? What are the risks associated with retaining that document, as opposed to erasing it? Are there reasons why access to the document should be restricted, perhaps in a different way to when it was an active work in progress? Will the audit trail be sufficient to meet the requirements of conflict of interest rules, or market abuse regulation? I'm not suggesting that the IT team will not pay due regard to these considerations, or even build an expertise, but they must recognise and involve the Records Manager, or recruit records expertise, as well as taking  risk mitigation advice.