FINRA’s Cybersecurity and Fraud Prevention Initiatives

The growing size and sophistication of today’s cybersecurity and fraud threats are posing a historic challenge to investors, markets, and member firms. Financial crimes are no longer just one-off events masterminded by individuals. Businesses are facing a whole ecosystem of bad actors who leverage social media and innovations like generative AI to paralyze organizations and steal vast amounts of investor assets. 

FINRA recognizes that we can and should help our member firms defend against these threats and protect their customers. This call to action relates directly to our mission of protecting investors and safeguarding the integrity of the financial markets—and it is why we have made cybersecurity and fraud prevention a key initiative of FINRA Forward. 

As a self-regulatory organization, we have unique insight across the securities industry. We are well-positioned to spot threats across the landscape and facilitate cooperation and information sharing among our member firms, law enforcement, and regulatory agencies. We also have the technology and teams to gather and vet intelligence and quickly disseminate it to our members. 

With FINRA Forward, we are leveraging our special perspective and capabilities to deliver new tools, resources, and actionable intelligence that will help our member firms combat cybersecurity and fraud threats. So far, we are focused on three efforts:

Financial Intelligence Fusion Center

While FINRA has a broad view of threats across the landscape, firms possess real-time information on the attack vectors and techniques the adversary is using. Combining those two insights provides an opportunity for comprehensive threat mitigation. With that in mind, FINRA is launching a platform to share threat intelligence and coordinate responses in real time. 

The Financial Intelligence Fusion Center will collect, analyze, and disseminate cybersecurity and fraud threat intelligence to member firms through a secure portal. The goal: to share information quicker with member firms and disrupt frauds and cyberattacks before they grow. 

The benefits of the Fusion Center for member firms include curated, actionable intelligence that is specific to the broker-dealer industry, as well as flexibility for the member firm to determine and control who at their firm has access to the portal and intelligence—all at no additional cost.

We began piloting the Fusion Center with a diverse group of member firms. They are helping us build the platform and ensure its functionality and communications will resonate with our membership and meet their needs. We expect to launch the Fusion Center in early 2026. Stay tuned for updates. 

Cyber and Operations Resilience Program

Financial services is among the sectors most reliant on third-party vendors. This can be a distinct vulnerability for individual member firms—and the markets more broadly—since cybercriminals often carry out attacks through software providers, authentication platforms, and other shared infrastructure. 

To address this issue, FINRA launched the Cyber and Operations Resilience program to detect vendor-related threats, systemic technology failures, and emerging cyberattack patterns—and to quickly deliver actionable insights to member firms. Our thinking is two-fold: First, our view across the industry enables us to quickly alert individual firms to an issue potentially affecting them. Second, if many firms rely on one vendor, then one vulnerability at the vendor could have an outsized impact on the markets.

FINRA surveyed member firms to identify the vendors and third parties they rely on to conduct business. Over the past year, FINRA cyber experts have proactively scanned for vulnerabilities affecting those vendors mentioned in internet traffic, security research, or reported by law enforcement or other regulators. These efforts leverage our incident-response and cyber expertise to notify firms, provide mitigation guidance, and share information across member firms.

Through the third quarter of 2025, more than 6,000 notifications of cyber vulnerabilities impacting their vendors have been sent to member firms. FINRA will continue to partner with firms to mitigate cyber threats and build cybersecurity resilience through this program.

Cyber Workshops and Tabletop Exercises

Preparing for a disruption or breach through realistic, structured exercises helps firms strengthen coordination, clarify roles, and identify gaps—before a real-world incident occurs. With that in mind, FINRA has introduced cyber workshops and tabletop exercises to help our member firms improve their cyber readiness, reinforce internal controls, and better understand how to safeguard customer data and maintain operational resilience. 

Led by our staff, firms can elevate their preparedness through these hands-on workshops, where they discuss essential topics, develop robust plans alongside industry peers, and receive insights from FINRA staff and other participants. They will participate in dynamic tabletop exercises to test their strategies using realistic scenarios with expert guidance. These sessions prepare firms for a variety of scenarios, including those they may not have seen yet. 

Our member firms have welcomed the effort, and we have determined to make these events a more regular and robust offering with eight to ten tailored sessions around the country.