The Archive Can Outlive the Relationship

Former advisers, providers and platforms may retain the most complete version of a private institution long after the relationship ends.

The answer

A relationship ends. The archive remains. Lawyers, accountants, banks, consultants, platforms and household providers may hold years of correspondence and identity material. Some retention is required.

A relationship ends. The archive remains.

Lawyers, accountants, banks, consultants, platforms and household providers may hold years of correspondence and identity material. Some retention is required. Some is habit. The old archive can become more complete than the institution’s current record.

Retention creates a continuing boundary

Ending live access does not end exposure. The former provider still has systems, staff, backups and incident risk. The institution should know what remains, why and under whose control.

Value object — The Post-Relationship Archive Schedule

- Record classes retained.

- Legal, regulatory or contractual basis.

- Operational access remaining.

- Storage, encryption and administrator model.

- Return, deletion and destruction dates.

- Evidence and contact for future incidents.

Separate archive from service

A provider may need to preserve records without keeping live portal access or current contact data. Narrow the environment to the retained purpose. Remove forwarding, delegated roles and recovery participation.

Maintain the institutional copy

Do not allow the outgoing adviser’s archive to become the only reliable history. Obtain indexed records and provenance in usable form before leverage disappears.

The archive is part of the relationship’s tail. Close it with the same precision used to open the engagement.

Where this breaks

The institution negotiates live confidentiality but rarely the archive’s operating state. Former providers retain broad staff access, live portals and current contacts for records they merely need to preserve.

The operating move

Convert the archive into a narrow retained state. Separate legal preservation from active service, export the institutional copy and remove live authority.

Document the retention basis.

Restrict archive administrators.

Remove forwarding and recovery roles.

Schedule return or destruction.

The test

Ask a former provider to identify who can still access the archive and why. An uncertain answer means the relationship never actually closed.

Sources

  1. Swiss FDPIC: Data securitySwiss FDPIC: Data security

    Primary authority

  2. Swiss NCSC: Social engineeringSwiss NCSC: Social engineering

    Primary authority

  3. NIST: Cybersecurity Framework 2.0NIST: Cybersecurity Framework 2.0

    Primary authority

Adam J. De CollibusFounding Partner, Svperior / Systems Engineering

Ross Belhomme

Ross leads Legal within Svperior GmbH. His work draws on more than two decades across international fiduciary, wealth-structuring, and private-client environments, combining legal, financial, and technical judgment around governance, privacy, assets, authority, and cross-border operating conditions.

Legal strategy / Governance / Private-client structuring / Digital assets

Need to apply this to a specific situation?

Send us the initial context. If the matter fits, we will respond directly.

Send private inquiry