Main Menu

FINRA Highlights Compliance, Supervisory and Risk Management Focus Areas for Financial Services Firms


Every year, the Financial Industry Regulatory Authority (FINRA) publishes a Regulatory and Examination Priorities Letter. The document describes areas that financial services firms should consider when identifying opportunities to improve their compliance, supervisory and risk management programs. The areas of focus for the 2018 letter include fraud, high-risk firms and brokers, operational and financial risks, sales practice risks and market integrity. The letter also addresses new rules FINRA plans to apply in 2018.


Fraud continues to be a major focus area for FINRA. In 2017, FINRA reported hundreds of potential insider trading and fraudulent activities to the U.S. Securities and Exchange Commission (SEC) that involved individuals or entities outside of FINRA’s jurisdiction.

In addition to continuing to pursue these investigations, FINRA will focus on microcap fraud schemes, including those targeting senior investors. With the addition of FINRA’s new Rule 2165 and amendments to Rule 4512, firms have several tools to protect senior investors from exploitation. Both of the following rules are effective February 5, 2018:

  • Adoption of FINRA Rule 2165 (Financial Exploitation of Specified Adults): FINRA Rule 2165 permits members to place temporary holds on disbursements of funds or securities from the accounts of specified customers where there is a reasonable belief of financial exploitation of these customers.
  • Amendments to FINRA Rule 4512 (Customer Account Information): FINRA Rule 4512 requires members to make reasonable efforts to obtain the contact information for a trusted contact person for a non-institutional customer’s account.

Firms are advised to review internal policies and training regarding acceptable communications and interactions with microcap stock promoters to help prevent brokers from participating in any fraudulent scheme. When brokers show a new or sudden interest in buying microcap stocks for their accounts or those of their customers, firms should take note. FINRA will investigate brokers who coordinate trading in microcap stocks using their own or their customers’ accounts.

High-risk firms and brokers

FINRA will continue to identify high-risk firms and individual brokers and reduce the potential risk they can pose to investors, including unsophisticated or senior investors. Firms are reminded of their existing obligation to adopt and implement tailored heightened supervisory procedures under FINRA Rule 3110 (Supervision) for high-risk individuals.

FINRA will focus on:

  • Evaluating rollovers of qualified plans into non-qualified accounts for senior investors
  • Recommendations for speculative or complex products by high-risk brokers to investors who may not have the necessary sophistication, experience or investment objectives
  • Reviewing situations where registered representatives have control of investors’ finances as power-of-attorney or trustee on customer accounts
  • Evaluating rollovers of qualified plans into non-qualified accounts for senior investors
Operational and financial risks

Among other operational and financial risks, some of those FINRA is focusing on include:

  • Business continuity planning: Recent events and natural disasters, including Hurricanes Harvey and Maria, highlight the importance for firms to maintain written Business Continuity Plans (BCPs) that address continual access to important systems. FINRA Rule 4370 (Business Continuity Plans and Emergency Contact Information) requires firms to maintain BCPs that help them meet existing obligations to customers in an emergency or business disruption. Click here to learn more about developing a BCP.
  • Customer protection and verification of assets and liabilities: FINRA continuously monitors the protection of customer information and the accuracy of firms’ financial data. Under Securities Exchange Act (SEA) Rules 15c3-1 and 15c3-3, FINRA will exam firms’ records and review their processes for verifying customer assets and proprietary assets and liabilities. In examining firms’ compliance, FINRA will evaluate if firms have implemented proper controls and supervision to protect customer assets. Learn more about the importance of regulatory compliance.
  • Technology governance: It is important for firms to keep strong controls over changes to their information technology in order to prevent inaccurate, incomplete, untested or unauthorized changes to their production environments. Sometimes implementation of new systems, or enhancements and modifications to existing systems, can cause operational breakdowns. Therefore, FINRA will review the firms’ information and technology change management policies and procedures. Learn more about how to keep controls over your technology.
  • Cybersecurity: FINRA continues to see cybersecurity as a significant threat and a priority. They will evaluate firms’ cybersecurity programs – including technical defenses and resiliency measures – and their effectiveness in protecting sensitive information from internal and external threats. Firms are also reminded that they must have policies and procedures for assessing whether to file a SAR when they uncover a cybersecurity event. Learn more about cyberattack prevention and insurance.
  • Anti-money laundering: As FINRA continues to assess firms’ anti-money laundering (AML) programs, they will review the adequacy of firms’ AML monitoring resources, policies and procedures for detecting and reporting suspicious transactions, and independent testing required under FINRA Rule 3310(c) (Anti-Money Laundering Compliance Program). Learn the top reasons AML programs fail and how to ensure yours does not.
Sales practice risks, market integrity and new rules

The sales practice risks FINRA addresses in its letter are suitability, initial coin offerings, cryptocurrencies, use of margin and securities backed lines of credit. The marketing integrity areas of focus in the letter are manipulation, best execution, regulation SHO, fixed income data integrity and options. To read more about these focus areas as well as FINRA’s new rules, click here to read the full Regulatory and Examination Priorities Letter.

FINRA advises firms to use the areas of focus in their letter as a point of reference for their compliance, supervisory and risk management programs, as well as to prepare for FINRA exams. To discuss these areas of focus and how to ensure your programs are effective, please contact us.


Schedule a Meeting

Back to Page