A financial services company has an organization in AWS organizations with several member accounts. Amazon S3 buckets are used to store sensitive data backups from common applications within each AWS account. The company needs to restrict users from deleting any S3 buckets or objects across the organization. What is the MOST scalable solution that meets these requirements?