Skip to main content

Guidance

We offer guidance to firms in the form of podcasts, webinars, FAQs, reports, and more. Use the toggle below to find guidance by topic, type or date. 

5 A B C D E F G H I L M N O P Q R S T V
Guidance
FINRA member firms should be aware of a critical vulnerability that affects certain versions of Oracle E-Business Suite, a business management software platform. This Cybersecurity Alert includes a link to an Oracle Advisory that includes a detailed description of the vulnerability as well as recommendations to mitigate it.
October 08, 2025
Media Center
As we kick off World Investor Week, we thought it was the perfect time to revisit some invaluable tips for investors looking to start the year off right with their financial goals. On this episode, which originally aired in January, FINRA’s Head of Investor Education Gerri Walsh shares insights on leveraging market trends and tools to achieve your money goals in 2025.
October 07, 2025
Guidance
FINRA is making available updates to the Interpretations of Financial and Operational Rules (Interpretations). The updates include several new interpretations to Securities Exchange Act (SEA) Rules 15c3-1 and 15c3-3 that have been communicated to FINRA by the staff of the SEC’s Division of Trading and Markets.
October 07, 2025
Guidance
FINRA member firms should be aware Cisco recently published numerous Security Advisories associated with different Common Vulnerability and Exposures (CVEs), several of them listed as critical.
September 26, 2025
Guidance

Summary

FINRA is issuing this Notice to remind members and associated persons that, no matter where they are located, they are required to provide information and testimony in response to a request from FINRA staff pursuant to FINRA Rule 8210.

Questions concerning this Notice should be directed to:

September 25, 2025
Arbitration and Mediation

The Neutral Corner – Volume 3—2025

Mission Statement

A Refresher on Virtual Hearings

FINRA Dispute Resolution Services (DRS) and FINRA News

September 24, 2025
Guidance
FINRA has developed a secure electronic portal to replace email as the primary method for the filing and service of documents in Office of Hearing Officers (OHO) proceedings. These amendments modernize service and filing processes in a manner that will protect investors and the public interest by promoting efficiency while preserving fair process in OHO proceedings. The amendments become effective on October 7, 2025.
September 17, 2025
Media Center
As member firm activity increases in blockchain and crypto assets, FINRA is launching a Crypto and Blockchain Education Program designed to empower member firm compliance and combat crypto fraud by broadening the knowledge base of member firms and associated persons.
September 16, 2025
Guidance
FINRA member firms should be aware of a supply chain attack leveraging data exfiltrated from Salesloft Drift—a third-party platform that connects the Drift AI chat agent with a Salesforce or Google Workspace instance, among others. The breach described below exposed data that could increase the risk of credential stuffing, spear phishing and social engineering attacks against member firms and their vendors. To date, we are aware of multiple impacted third-party vendors used by FINRA firms. FINRA has notified the member firms who use the affected vendors or Salesloft.
September 10, 2025
Guidance
FINRA member firms that use Cisco Secure Firewall Management Center (FMC) Software should be aware of a critical vulnerability that could allow a remote attacker to run malicious code on firm systems with full administrative privileges. This Cybersecurity Alert includes a link to a Cisco Security Advisory describing the vulnerability that includes additional guidance. FINRA recommends that member firms review this information with appropriate information technology and information security personnel.
August 20, 2025
Guidance
FINRA rules require members to provide associated persons with specified information relating to the uniform registration forms and predispute arbitration. FINRA has observed that members currently satisfy some of these requirements through manual processes, such as delivery of the information via U.S. mail. As part of the FINRA Forward initiatives, FINRA has made enhancements to its systems to give members the option of satisfying these requirements electronically via FINRA’s Financial Professional Gateway (FinPro GatewayTM) beginning November 3, 2025.
August 15, 2025
Podcast
In 2009, the FINRA Investor Education Foundation launched the first national study of financial capability of adults in the United States. Since its start, the National Financial Capability Study has provided data on multiple indicators of capability, including financial behaviors, attitudes, and knowledge. National Financial Capability Study survey data is collected every three years. The 2024 survey, which was published in July, represents the sixth wave of data. This episodes dives into the report that serves as an important barometer of Americans financial health, and continues to be an essential resource for policymakers, researchers, financial firms, educators, and other stakeholders seeking to better understand and address the financial capability needs of Americans.
August 05, 2025
Guidance
FINRA member firms that use Microsoft SharePoint should be aware of a critical vulnerability that affects certain versions of the web-based platform. This Cybersecurity Alert includes a link to a Microsoft Advisory describing the vulnerability as well as a recommendation to protect your firm. In addition, FINRA recommends that firms review this information with appropriate information technology and information security personnel to alert them to an ongoing threat.
July 21, 2025
Media Center
At the 2025 FINRA Annual Conference on May 14, FINRA Chair Scott Curtis discusses topics of interest to FINRA member firms and other stakeholders, in conversation with President and CEO Robert Cook.
July 15, 2025
Report / Study
In an effort to increase public awareness and understanding about the broad range of FINRA-registered firms and individuals, FINRA shares an annual snapshot of some of the data collected in the course of our work.
July 09, 2025
Guidance

Update (Aug. 20, 2025): Per the Aug. 19, 2025, U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) announcement, covered financial institutions will now have until Oct. 20, 2025, to implement the orders originally issued on June 25, 2025.

June 27, 2025
Media Center
At FINRA’s annual conference on May 13, 2025, President and CEO Robert Cook discusses the FINRA Forward initiative and other topics of interest to FINRA member firms and other stakeholders, in conversation with Kayte Toczylowski, VP, Member Relations and Education.
June 17, 2025
Guidance
FINRA member firms should be aware of an ongoing phishing campaign involving threat actors targeting executive employees at broker-dealers and investment advisors with fraudulent emails purporting to be from FINRA executives. The campaign began on or around May 21, 2025. These emails are not from FINRA, and firms should delete them and consider blocking the indicators of compromise contained at the end of this alert.
May 23, 2025
Guidance
FINRA member firms that use SentinelOne Endpoint Detection and Response (EDR) protections—and potentially other EDR service providers—should be aware of a vulnerability which could allow threat actors to gain local administrative access to publicly accessible servers. This Cybersecurity Advisory describes the vulnerability as well as recommendations to protect your firm.
May 22, 2025
Guidance
The staffs of the Division of Trading and Markets and the Office of General Counsel of the Financial Industry Regulatory Authority, Inc. have withdrawn the July 8, 2019 Joint Staff Statement on Broker-Dealer Custody of Digital Asset Securities.
May 15, 2025
Media Center
Third-party risk is the most clicked-on topic in FINRA's 2025 Regulatory Oversight Report. But what is third-party risk and why are people so interested in it? What can FINRA member firms do to mitigate that risk? And how can FINRA help? These questions will be answered on the latest episode of FINRA Unscripted, featuring a returning guest, FINRA's Executive Vice President of Member Supervision Greg Ruppert.
May 06, 2025
Guidance
FINRA member firms should be aware of a technique threat actors use to avoid network defenders detecting the required communications of malware. On April 3, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS) and New Zealand National Cyber Security Centre (NCSC-NZ) issued a joint cybersecurity advisory (CSA) to warn organizations of the ongoing threat of one such technique: fast flux.
April 18, 2025
Guidance
FINRA created a quick reference guide to help firm users review and understand RSL indicators and dates in various scenarios in the FINRA Gateway Profiles application and FINRA Gateway Reports.
April 07, 2025
Guidance
Member firms should be aware of an alleged large-scale data breach possibly affecting Oracle Cloud services at firms and third-party providers. FINRA recommends that firms review this information to assess any potential impact to their operations, as well as with third-party providers who provide services to the firm. FINRA previously delivered an email to firms whose domain names appeared in the threat actor post, as well as any firms that previously informed FINRA of their use of Oracle products and services.
April 01, 2025