The Regulator has in place internal procedures to monitor and manage access to and the use of Confidential Information and documents obtained during the course of its regulatory activities. These procedures include the use of manual and electronic document storage and retrieval systems.

For example, the Regulator limits access to confidential documents obtained to those members of the Regulator's staff engaged with the relevant matter to which the documents are related by use of secure filing of physical documents and restricted computer drives containing confidential documents in electronic form.