We are not aware of any document retention requirements that apply to securities transactions made within a bank’s own investment portfolio. There are recordkeeping and confirmation requirements for securities transactions “effected for a customer by a bank” (12 CFR Part 344), but those requirements would not apply if the trades are not made “for a customer.”

The FDIC’s Risk Management Manual of Examination Policies section on Securities and Derivatives does not specify any particular retention periods for a bank’s portfolio trades. However, it does have some general recommendations for a record retention policy, and it recommends that internal audits of your investment activities include a review of your documentation practices. For example, it states your institution’s “[p]olicies and procedures should identify the extent of credit analysis and documentation required to satisfy sound credit risk management standards.”