Three FINRA rules form a regulatory scheme addressing the supervision of firms and their associated persons.
FINRA Rule 3110 (Supervision)
FINRA Rule 3110 requires a firm to establish and maintain a system to supervise the activities of its associated persons that is reasonably designed to achieve compliance with the applicable securities laws and regulations and FINRA rules.
The rule details requirements for a firm to have reasonably designed written supervisory procedures (WSPs) to supervise the activities of its associated persons and the types of businesses in which it engages. Among other things, a firm's WSPs must address supervision of supervisory personnel and provide for the review of a firm's investment banking and securities business, correspondence and internal communications, and customer complaints. WSPs should describe:
- the specific individual(s) responsible for each review,
- the supervisory activities such persons will perform,
- the frequency of the review, and
- the manner of documentation.
The rule further sets forth requirements to designate and register branch offices and offices of supervisory jurisdiction (OSJs), conduct internal inspections and review transactions for insider trading.
Firms must also adopt procedures that include a means of customer confirmation for certain transactions such as transmittal of customer funds, changes in address, and changes in investment objectives.
FINRA Rule 3120 (Supervisory Control System)
FINRA Rule 3120 requires a firm to have a system of supervisory control policies and procedures (SCPs) that tests and verifies a firm's supervisory procedures. It is essential for a firm to recognize that FINRA Rule 3120's requirement to have specific SCPs differs from the requirement for WSPs. A firm not only needs to maintain WSPs, but the firm also must have SCPs to test and verify, at least annually, that its WSPs are reasonably designed with respect to the firm's and its associated persons' activities to achieve compliance with applicable securities laws and regulations and FINRA rules, and to create additional or amend WSPs as identified by such testing and verification. Risk-based methodologies and sampling may be used to determine the scope of testing. The testing ensures that a firm's supervisory procedures are reviewed and amended regularly in light of changing business and regulatory environments.
Pursuant to Rule 3120, a firm must designate principal(s) to be responsible for establishing, maintaining and enforcing a firm's SCPs. The designated principal(s) also must prepare, at least annually, a report detailing the firm's supervisory control system and submit it to senior management (Rule 3120 Report). The Rule 3120 Report must include a summary of the test results and significant identified exceptions, and any additional or amended supervisory procedures created in response to the test results.
If a firm has reported $200 million or more in gross revenue on its FOCUS report in the prior calendar year, FINRA Rule 3120 requires that the firm's annual report include specified additional content, to the extent applicable to the firm's business.
FINRA Rule 3130 (Annual Certification of Compliance and Supervisory Processes)
FINRA Rule 3130 requires a firm to designate and identify to FINRA on Schedule A of Form BD one or more principals to serve as a chief compliance officer (CCO). The rule also requires the firm's chief executive officer(s) (CEO(s)) to certify annually that the firm has in place processes to establish, maintain, review, test and modify policies and procedures reasonably designed to achieve compliance with applicable securities laws and regulations and FINRA rules. A firm's processes must be evidenced in a report that must be submitted to the firm's board of directors and audit committee (or equivalent bodies). The CEO(s) must further certify to having met with the CCO(s) in the preceding 12 months to discuss the firm's processes and other specified matters.
The intent of Rule 3130 is to increase attention to firms' compliance programs by requiring substantial and purposeful interaction between business managers and compliance officers throughout the firm.
Please visit our e-learning courses page to register for one or more of the following courses.
- AML – Supervisors: Understanding Your Role
- AML – Supervisors: Understanding Your Role – Vol. 2
- Annual Compliance Reminders for Supervisors – Vol. 1
- Customer Information Protection for Supervisors
- Cybersecurity – Supervisors: Understanding Your Role
- Electronic Communications: What Supervisors Need to Know
- Ethical Considerations for Supervisors
- Gifts: Understanding Supervisory Responsibilities
- Retail Branch Office Supervision: Compliance with Regulations
- Retail Branch Office Supervision: Understanding Supervisory Responsibilities
- Retail Supervision: Sales to Senior Investors
- Supervision: FINRA Rules 3110, 3120, 3150 and 3170
- Supervision: Obligations for Firms With Institutional Clients
- Supervision: Obligations When Monitoring Sales and Trading