How to Use the Report
FINRA’s Risk Monitoring and Examination Programs evaluate member firms for compliance with relevant obligations and consider specific risks relating to each firm, including those relating to a firm’s business model, supervisory control system and prior exam findings, among other considerations. While the topics addressed in this Report are selected for their interest to the largest number of member firms, they may include areas that are not relevant to an individual member firm and omit other areas that are applicable.
FINRA advises each member firm to review the Report and consider incorporating relevant practices into its compliance program in a manner tailored to its activities. The Report is intended to be just one of the tools a member firm can use to help inform the development and operation of its compliance program; it does not represent a complete inventory of regulatory obligations, compliance considerations, examination findings, effective practices or topics that FINRA will examine.
FINRA also reminds member firms to stay apprised of new or amended laws, rules and regulations, and to update their WSPs and compliance programs on an ongoing basis, as new regulatory obligations may be part of future examinations. FINRA encourages member firms to reach out to their designated Risk Monitoring Analyst if they have any questions about the considerations, findings and effective practices described in this Report.
Each area of regulatory obligations is set forth as follows:
Regulatory Obligations and Related Considerations – A brief description of:
- relevant federal securities laws, regulations and FINRA rules; and
- questions FINRA may ask or consider when examining your firm for compliance with such obligations.
Exam Findings and Effective Practices
- Noteworthy findings that FINRA has noted at some—but not all—member firms, including:
- new findings from recent examinations;
- findings we highlighted in prior Reports and that we continue to note in recent examinations;
- in certain sections, topics noted as “Emerging Risks” representing potentially concerning practices that FINRA has observed and which may receive increased scrutiny going forward; and
- for certain topics—such as Cybersecurity, Liquidity Management and Credit Risk—observations that suggested improvements to a firm’s control environment to address potential weaknesses that elevate risk, but for which there are not specific rule violations.
- Select effective practices FINRA observed in recent exams, as well as those we noted in prior Exam Findings Reports and which we continue to see, that may help member firms, depending on their business model, evaluate their own programs.
Additional Resources – A list of relevant FINRA Notices, other reports, tools and online resources.
The Report also includes an Appendix that outlines how member firms have used similar FINRA reports (e.g., Exam Findings Reports, Priorities Letters) in their compliance programs.
As a reminder, the Report—like our previous Exam Findings Reports and Priorities Letters—does not create any new legal or regulatory requirements or new interpretations of existing requirements. You should not infer that FINRA requires member firms to implement any specific practices described in this report that extend beyond the requirements of existing federal securities provisions or FINRA rules.