Guidance

FINRA member firms should be aware of a critical vulnerability that affects certain versions of Oracle E-Business Suite, a business management software platform. This Cybersecurity Alert includes a link to an Oracle Advisory that includes a detailed description of the vulnerability as well as recommendations to mitigate it.

As we kick off World Investor Week, we thought it was the perfect time to revisit some invaluable tips for investors looking to start the year off right with their financial goals. On this episode, which originally aired in January, FINRA’s Head of Investor Education Gerri Walsh shares insights on leveraging market trends and tools to achieve your money goals in 2025.

FINRA is making available updates to the Interpretations of Financial and Operational Rules (Interpretations). The updates include several new interpretations to Securities Exchange Act (SEA) Rules 15c3-1 and 15c3-3 that have been communicated to FINRA by the staff of the SEC’s Division of Trading and Markets.

FINRA member firms should be aware Cisco recently published numerous Security Advisories associated with different Common Vulnerability and Exposures (CVEs), several of them listed as critical.

FINRA has developed a secure electronic portal to replace email as the primary method for the filing and service of documents in Office of Hearing Officers (OHO) proceedings. These amendments modernize service and filing processes in a manner that will protect investors and the public interest by promoting efficiency while preserving fair process in OHO proceedings. The amendments become effective on October 7, 2025.

As member firm activity increases in blockchain and crypto assets, FINRA is launching a Crypto and Blockchain Education Program designed to empower member firm compliance and combat crypto fraud by broadening the knowledge base of member firms and associated persons.

FINRA member firms should be aware of a supply chain attack leveraging data exfiltrated from Salesloft Drift—a third-party platform that connects the Drift AI chat agent with a Salesforce or Google Workspace instance, among others. The breach described below exposed data that could increase the risk of credential stuffing, spear phishing and social engineering attacks against member firms and their vendors. To date, we are aware of multiple impacted third-party vendors used by FINRA firms. FINRA has notified the member firms who use the affected vendors or Salesloft.

FINRA member firms that use Cisco Secure Firewall Management Center (FMC) Software should be aware of a critical vulnerability that could allow a remote attacker to run malicious code on firm systems with full administrative privileges. This Cybersecurity Alert includes a link to a Cisco Security Advisory describing the vulnerability that includes additional guidance. FINRA recommends that member firms review this information with appropriate information technology and information security personnel.

FINRA rules require members to provide associated persons with specified information relating to the uniform registration forms and predispute arbitration. FINRA has observed that members currently satisfy some of these requirements through manual processes, such as delivery of the information via U.S. mail. As part of the FINRA Forward initiatives, FINRA has made enhancements to its systems to give members the option of satisfying these requirements electronically via FINRA’s Financial Professional Gateway (FinPro GatewayTM) beginning November 3, 2025.

In 2009, the FINRA Investor Education Foundation launched the first national study of financial capability of adults in the United States. Since its start, the National Financial Capability Study has provided data on multiple indicators of capability, including financial behaviors, attitudes, and knowledge. National Financial Capability Study survey data is collected every three years. The 2024 survey, which was published in July, represents the sixth wave of data. This episodes dives into the report that serves as an important barometer of Americans financial health, and continues to be an essential resource for policymakers, researchers, financial firms, educators, and other stakeholders seeking to better understand and address the financial capability needs of Americans.

FINRA member firms that use Microsoft SharePoint should be aware of a critical vulnerability that affects certain versions of the web-based platform. This Cybersecurity Alert includes a link to a Microsoft Advisory describing the vulnerability as well as a recommendation to protect your firm. In addition, FINRA recommends that firms review this information with appropriate information technology and information security personnel to alert them to an ongoing threat.

At the 2025 FINRA Annual Conference on May 14, FINRA Chair Scott Curtis discusses topics of interest to FINRA member firms and other stakeholders, in conversation with President and CEO Robert Cook.

In an effort to increase public awareness and understanding about the broad range of FINRA-registered firms and individuals, FINRA shares an annual snapshot of some of the data collected in the course of our work.

At FINRA’s annual conference on May 13, 2025, President and CEO Robert Cook discusses the FINRA Forward initiative and other topics of interest to FINRA member firms and other stakeholders, in conversation with Kayte Toczylowski, VP, Member Relations and Education.

FINRA member firms should be aware of an ongoing phishing campaign involving threat actors targeting executive employees at broker-dealers and investment advisors with fraudulent emails purporting to be from FINRA executives. The campaign began on or around May 21, 2025. These emails are not from FINRA, and firms should delete them and consider blocking the indicators of compromise contained at the end of this alert.

FINRA member firms that use SentinelOne Endpoint Detection and Response (EDR) protections—and potentially other EDR service providers—should be aware of a vulnerability which could allow threat actors to gain local administrative access to publicly accessible servers. This Cybersecurity Advisory describes the vulnerability as well as recommendations to protect your firm.

The staffs of the Division of Trading and Markets and the Office of General Counsel of the Financial Industry Regulatory Authority, Inc. have withdrawn the July 8, 2019 Joint Staff Statement on Broker-Dealer Custody of Digital Asset Securities.

Third-party risk is the most clicked-on topic in FINRA's 2025 Regulatory Oversight Report. But what is third-party risk and why are people so interested in it? What can FINRA member firms do to mitigate that risk? And how can FINRA help? These questions will be answered on the latest episode of FINRA Unscripted, featuring a returning guest, FINRA's Executive Vice President of Member Supervision Greg Ruppert.

FINRA member firms should be aware of a technique threat actors use to avoid network defenders detecting the required communications of malware. On April 3, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS) and New Zealand National Cyber Security Centre (NCSC-NZ) issued a joint cybersecurity advisory (CSA) to warn organizations of the ongoing threat of one such technique: fast flux.

FINRA created a quick reference guide to help firm users review and understand RSL indicators and dates in various scenarios in the FINRA Gateway Profiles application and FINRA Gateway Reports.

Member firms should be aware of an alleged large-scale data breach possibly affecting Oracle Cloud services at firms and third-party providers. FINRA recommends that firms review this information to assess any potential impact to their operations, as well as with third-party providers who provide services to the firm. FINRA previously delivered an email to firms whose domain names appeared in the threat actor post, as well as any firms that previously informed FINRA of their use of Oracle products and services.