How Long Should You Keep Company Records?

Maintaining organized and accessible company records is a fundamental aspect of responsible business operation. Businesses of all sizes generate a vast array of documents, from financial statements to employee records, and knowing how long to retain these is a practical necessity. Proper record retention involves managing information throughout its lifecycle. This process helps ensure financial accuracy, supports operational efficiency, and prepares a business for various future needs. Adhering to established retention guidelines safeguards a company’s interests.

Understanding Record Retention

The necessity of retaining company records stems from several important drivers. One primary reason is legal compliance, as businesses must adhere to federal, state, and local laws that often dictate specific retention periods. This includes considering statutes of limitations for potential litigation, which define the timeframe for legal action.

Another significant driver is tax audits. Tax authorities require businesses to maintain detailed records to substantiate income, deductions, and credits reported on tax returns. These records serve as evidence in case of an audit, demonstrating accuracy and legitimacy.

Beyond legal and tax mandates, records are also crucial for operational needs. They support day-to-day business activities, inform strategic decision-making, and provide historical reference for performance analysis and growth. Records also serve as evidence in potential disputes or litigation, offering a verifiable account of transactions and actions.

Common Record Retention Periods

Determining precise retention periods involves navigating various regulations and best practices. These guidelines aim to balance compliance needs with practical storage considerations. Specific industries or unique contractual obligations may necessitate different retention durations.

Tax records are important documents a business maintains. Income tax returns and their supporting documentation, such as invoices, receipts, and depreciation schedules, should generally be kept for at least three years from the date the return was filed. If a business underreports income by more than 25% of the gross income, the Internal Revenue Service (IRS) can extend the audit period to six years. For claims related to worthless securities or bad debt deductions, a seven-year retention period is advisable. Employment tax records, including payroll tax filings, employee wage documentation, and proof of tax payments, typically require retention for at least four years after the tax is due or paid, whichever is later. Some financial statements and general ledgers are often recommended to be kept permanently.

Employment and payroll records:
Payroll records, collective bargaining agreements, and sales and purchase records generally need to be preserved for at least three years.
Records used for wage computations, such as time cards, work schedules, and wage rate tables, should be retained for two years.
Employee files, including applications, performance reviews, and disciplinary actions, typically have retention periods ranging from one to three years after employment ends. Some documents related to exposure to harmful agents may need to be kept for 30 years after employment ceases.
Form I-9s must be retained for three years after the date of hire or one year after employment termination, whichever is later.
Records related to employee benefit plans, such as 401(k) plans, should be kept for at least six years after filing Form 5500.

Financial records beyond tax documents also have specific retention guidelines. Accounts payable and accounts receivable records are commonly retained for seven years. Bank statements, cancelled checks, and electronic payment records are typically kept for seven years. Purchase orders and sales records are often advised to be retained for seven years.

Corporate governance records often require permanent retention. This category includes:
Articles of incorporation
Bylaws
Meeting minutes of board and shareholder meetings
Stock certificates
Stock registers
Partnership agreements
Maintaining these documents indefinitely ensures a complete legal history of the entity.

Legal records, such as contracts and leases, have varying retention periods. Major contracts and leases are often recommended for permanent retention. Minor contracts may be kept for the life of the contract plus an additional four years.

Generally, contracts should be retained for at least six years, or longer depending on the statute of limitations for potential legal disputes. Documents related to intellectual property, such as patents and trademarks, should be kept permanently. Litigation files should be retained for a period reflecting the conclusion of the case and any appeal periods, often extending several years beyond final resolution.

Managing Electronic Records

A substantial portion of company records now exist in electronic format. Electronic records carry the same legal weight as their paper counterparts, provided their authenticity and integrity can be maintained. This underscores the importance of robust electronic records management systems.

Effective management of electronic records involves practices that ensure long-term accessibility and security. Data backups are crucial for disaster recovery, preventing loss from system failures or cyberattacks. Regular, secure backups help preserve data integrity and availability.

Ensuring accessibility and readability over extended periods requires considering file formats, software compatibility, and hardware obsolescence. Records must remain usable as technology evolves, which may necessitate periodic migration.

Secure storage methods are important for digital data. This includes using encrypted storage, secure cloud services, and access controls to protect sensitive information. Organizing and indexing electronic files systematically allows for efficient retrieval for audits, legal discovery, or operational reference. A well-structured digital filing system, with metadata and search capabilities, enhances the utility of electronic records.

Disposing of Company Records

Once records have fulfilled their legal, regulatory, and business purposes, their secure disposal becomes necessary. This process requires a formal approach to protect sensitive information and avoid potential liabilities. A documented record destruction policy is a best practice for any organization. This policy should outline which types of records are to be destroyed, when they become eligible, and the approved methods.

For physical records, secure destruction methods prevent unauthorized access. Shredding is a common and effective method for paper documents, and should be done to a professional standard using micro-cut or cross-cut techniques. Incineration offers a complete and reliable method for destroying sensitive paper documents. Physical destruction can also involve pulverizing or disintegration of media.

Electronic records require specialized disposal techniques to ensure data is irretrievably erased. Simply deleting files or reformatting a drive is often insufficient, as data can still be recovered. Secure electronic disposal methods include data wiping, where specialized software overwrites existing data multiple times.

Degaussing uses powerful magnetic fields to destroy data on magnetic storage devices, though this method typically renders the device unusable. Physical destruction of electronic media, such as shredding or crushing hard drives, is another effective way to ensure data cannot be accessed.

Documenting the destruction process, including the date, method, and the records destroyed, provides an audit trail and demonstrates compliance. This documentation often takes the form of a certificate of destruction, especially when using third-party disposal services. Compliance with privacy regulations is important during the disposal of sensitive information.