I worked for an investment bank for many years. We had to sign a declaration that we would not make trades of any kind without permission from compliance (the withholding of this permission in 2012 is why I am not a BitCoin millionaire). However, there was no requirement to hand over login details to brokerage accounts etc. I would be surprised if there was elsewhere.
The person you replied to said 'statements' not 'login details'. Are you treating these things as synonymous? I suppose if I was only required to hand over statements I could edit them.
I was indeed treating as synonymous. There was no requirement to provide statements or any evidence of compliance with the policy. I assume it was assumed that the remedies available for breach of contract would be sufficient.
Those days pretty much all brokerages will provide a feed of your trading activity and open positions to a 3rd party compliance aggregator like ComplySci. No login details needed, the feed is read-only, and only has need-to-know information. It requires double opt in - you provide information to your employer, and then the brokerage will confirm with you that you authorized the feed. But if you have a weird account that doesn't support this system, then you always have the option of entering them manually and certifying that you haven't missed any.
