Cybersecurity

Given the evolving nature, increasing frequency, and mounting sophistication of cybersecurity attacks – as well as the potential for harm to investors, firms, and the markets – cybersecurity practices are a key focus for firms and FINRA.

FINRA evaluates firms’ approaches to cybersecurity risk management through reviews of their controls in areas including: technology governance, risk assessment, technical controls, access management, incident response, vendor management, data loss prevention, system change management, branch controls and staff training. Through these reviews, FINRA also assesses a firm’s ability to protect the confidentiality, integrity, and availability of sensitive customer information.

These pages are designed to assist a firm in building out its cybersecurity program by addressing the individual risks and discussing related controls needed to protect customer and firm confidential data. FINRA has updated this Cybersecurity page to include the following resources:

In Case Of A Disruptive Attack or Breach
Common Cybersecurity Threats
Events
Reports
Compliance Tools
Media
FINRA Cybersecurity Contact

In Case of a Disruptive Attack or Breach

Firms should get to know their local Federal Bureau of Investigation (FBI) and proactively plan for a cybersecurity attack or breach.

In case your firm is the victim of a disruptive attack or breach, for instance your data has been accessed or your customers cannot do business, you should immediately report the incident to your:

Common Cybersecurity Threats

This section highlights some of the common cybersecurity threats faced by broker-dealers. In a number of cases, FINRA has observed that different types of attacks were coordinated and overlapped.

Phishing
Imposter Websites
Malware
Account Compromise or Takeover

Fraudulent Wires
Ransomware
Distributed Denial-of-Service (“DDoS”) Attacks
Vendor Breaches

Learn more about common cybersecurity threats

Events

2020 Cybersecurity Conference

January 14, 2020 • New York, NY
FINRA’s Cybersecurity Conference helps you stay current on today’s cybersecurity challenges and the ways in which organizations can understand vulnerabilities and threats, and create resilience against cyber attacks.

2019 Small Firm Conference

October 23 – 24, 2019 • Santa Monica, CA
The Small Firm Conference focuses on small firms’ practices and tips for complying with FINRA rules. Don't miss Thursday morning's panel entitled, "Cybersecurity Guidance for Small Firms."

Related FINRA Reports

Compliance Tools

Small Firm Cybersecurity Checklist
FINRA has created a Checklist for a Small Firm's Cybersecurity Program to assist small firms in establishing a cybersecurity program.

Compliance Vendor Directory (CVD)
In an effort to provide enhanced compliance tools and resources, FINRA has developed the Compliance Vendor Directory (CVD). The FINRA CVD is designed to give firms more options in locating vendors that provide compliance-related offerings, including cybersecurity vendors and services.

Core Cybersecurity Controls for Small Firms
Core Cybersecurity Controls for Small Firms is a list of core controls that are likely to be relevant to many small firms’ cybersecurity programs. This list was designed to help small firms in establishing an effective cybersecurity program.

Non-FINRA Resources
FINRA has assembled a list of non-FINRA cybersecurity resources that firms may use to manage their cybersecurity risk.

FINRA Rules Related to Cybersecurity

SEC Rules Related to Cybersecurity

248.201-202. Regulation S-ID: Identity Theft Red Flags
248.1-100. Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Personal Information
240.17a-4(f). The Securities Exchange Act of 1933 (17 CFR §240.17a-4(f)) requires firms to preserve electronically stored records in a non-rewriteable, non-erasable format.

Regulatory Notice 21-14
FINRA Alerts Firms to Recent Increase in ACH “Instant Funds” Abuse
Thu, 03/25/2021 - 12:00
Regulatory Notice 21-08
FINRA Alerts Firms to Phishing Email Using “finra-online.com” Domain Name
Thu, 03/04/2021 - 12:00
Regulatory Notice 20-40
FINRA Alerts Firms to Phishing Email Using Invest-FINRA.org Domain Name
Mon, 11/30/2020 - 12:00
Information Notice - 10/15/20
Cybersecurity Background: Authentication Methods
Thu, 10/15/2020 - 12:00
Regulatory Notice 20-35
FINRA Alerts Firms to Phishing Email Requesting Them to Respond to Fraudulent FINRA Survey
Tue, 10/06/2020 - 12:00
Regulatory Notice 20-32
FINRA Reminds Firms to Be Aware of Fraudulent Options Trading in Connection With Potential Account Takeovers and New Account Fraud
Thu, 09/17/2020 - 12:00
Regulatory Notice 20-30
Fraudsters Using Registered Representatives Names to Establish Imposter Websites
Thu, 08/20/2020 - 12:00
Regulatory Notice 20-27
FINRA Alerts Firms to Use of Fake FINRA Domain Name
Wed, 08/12/2020 - 12:00
Regulatory Notice 20-13
FINRA Reminds Firms to Beware of Fraud During the Coronavirus (COVID-19) Pandemic
Tue, 05/05/2020 - 12:00
Regulatory Notice 20-12
FINRA Warns of Fraudulent Phishing Emails Purporting to be from FINRA
Mon, 05/04/2020 - 12:00
Information Notice – 3/26/20
Cybersecurity Alert: Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19)
Thu, 03/26/2020 - 12:00
Information Notice – 10/2/19
Cybersecurity Alert: Cloud-Based Email Account Takeovers
Wed, 10/02/2019 - 12:00
Information Notice – 4/29/19
Imposter Websites Impacting Member Firms
Mon, 04/29/2019 - 12:00
Information Notice – 2/13/19
FINRA Warns of Fraudulent Phishing Emails Targeting Member Firms
Wed, 02/13/2019 - 12:00
Information Notice – 6/19/15
Distributed Denial of Service (DDoS) Attacks on Member Firms
Fri, 06/19/2015 - 12:00
Information Notice 2/9/12
FINRA Warns Firms of Hoax Emails That Purport to Be From Regulators
Wed, 02/29/2012 - 12:00
Regulatory Notice 12-05
Verification of Emailed Instructions to Transmit or Withdraw Assets From Customer Accounts
Thu, 01/26/2012 - 12:00
Notice to Members 05-48
Members' Responsibilities When Outsourcing Activities to Third-Party Service Providers
Fri, 07/22/2005 - 12:00

Report / Study
2021 Report on FINRA’s Examination and Risk Monitoring Program
This Report on FINRA’s Risk Monitoring and Examination Activities (the Report) is designed to inform member firms’ compliance programs by providing annual insights from FINRA’s ongoing regulatory operations. For selected regulatory obligations, the Report: (1) identifies the applicable rule and key related considerations for member firm compliance programs, (2) summarizes noteworthy findings from recent examinations and outlines effective practices that FINRA observed during its oversight, and (3) provides additional resources that may be helpful to member firms.
February 01, 2021
Podcast
Overlapping Risks, Part 1: Anti-Money Laundering and Cybersecurity
Firm regulatory risks and priorities don't exist in a vacuum. And that is perhaps nowhere clearer than when it comes to a firm's anti-money laundering responsibilities. A firm's AML risks can overlap with any number of other priorities. On this episode, the first of a two-part series, we look at the overlapping risks of AML and cybersecurity.
October 27, 2020
Podcast
Introducing Greg Ruppert and the National Cause and Financial Crimes Detection Programs
Between the level of interconnectedness on the web and the sheer about of data available, we’re living in an era ripe for the perpetration of financial fraud. That makes it more important than ever for FINRA to have a holistic view of emerging trends and risks—and the ability to coordinate closely with other regulators and law enforcement. FINRA’s new National Cause and Financial Crimes Detection Programs (NCFC) will be the nerve center to do just that.
May 26, 2020
Virtual Conference Panel
How to Protect Yourself and Your Firm From Cyberattacks When Working From Home During COVID-19
Join FINRA staff and industry panelists as they provide examples of effective controls and tools their firms have put into place to monitor and address cybersecurity risks.
May 19, 2020
Guidance
Observations on Cybersecurity
While many firms have made significant improvements in their cybersecurity programs, cybersecurity attacks continue to increase in both number and level of sophistication. FINRA notes that such attacks often take advantage of and highlight weaknesses in a firm’s cybersecurity program.
October 16, 2019
Guidance
Common Cybersecurity Threats
This article highlights some of the common cybersecurity threats faced by broker-dealers. In a number of cases, FINRA has observed that different types of attacks were coordinated and overlapped.
July 09, 2019
Podcast
Bits & Bytes: A Look at Effective Cybersecurity Practices
Cybersecurity is a major challenge for everyone – but it can be a particularly big challenge for those in the financial industry. That’s why FINRA released a new report highlighting effective cybersecurity practices for FINRA member firms. Learn more in this episode of FINRA Unscripted.
December 20, 2018
A Few Minutes With FINRA
A Few Minutes With FINRA: Report on Selected Cybersecurity Practices – 2018
FINRA’s Senior Vice President of Member Relations and Education Chip Jones, leads a discussion with Chief Information Security Officer John Brady, Senior Director Steve Polansky and Kansas City Surveillance Director Dave Kelley, on FINRA’s 2018 report on selected cybersecurity practices. The discussion includes an overview of the report, which highlights effective practices in five challenging areas that firms should consider to strengthen and further develop their cybersecurity programs—as well as core cybersecurity controls for small firms. (30 min. 17 sec.)
December 20, 2018
Report / Study
2018 Report on Selected Cybersecurity Practices
This report continues FINRA’s efforts to share information that can help brokerdealer firms further develop their cybersecurity programs. Firms routinely identify cybersecurity as one of their primary operational risks. Similarly, FINRA continues to see problematic cybersecurity practices in its examination and risk monitoring program. This report presents FINRA’s observations regarding effective practices that firms have implemented to address selected cybersecurity risks while recognizing that there is no one-size-fits-all approach to cybersecurity.
December 01, 2018
Podcast
Cybersecurity Awareness Month: Stay Connected and Protected
In an era when much of our lives happen online, cybersecurity is more important than ever. But what do you do to protect your personal information? We all have a role to play in keeping ourselves secure. This National Cybersecurity Awareness Month, tune in to learn more about how you can keep yourself, your family and your clients safe online.
October 23, 2018
Compliance Tools
Cybersecurity Checklist
Protecting investors means protecting their data, too. Our Small Firm Cybersecurity Checklist supports small firms in establishing a cybersecurity program to:
July 12, 2018
Podcast
Combatting Cybersecurity Threats
From banking and investing to social media and shopping, the internet is an essential part of our daily lives. That means cybersecurity is more important than ever. That is particularly true for FINRA, which can process up to 99 billion records in a single day. Here, John Brady explains how FINRA stays cyber secure.
February 27, 2018
Video
Cybersecurity Experts Gather for FINRA Conference
Cybersecurity experts and regulators gathered in New York City on February 22, 2018 to focus on key ways the financial services industry can maintain cybersecurity.
February 26, 2018
2017 Exam Findings Report
Cybersecurity
Cybersecurity is one of the principal operational risks facing broker-dealers. Recent revelations regarding successful attacks at a number of different entities underscore the need for firms to be vigilant in addressing cybersecurity threats.
December 01, 2017
Compliance Tools
Non-FINRA Cybersecurity Resources
FINRA has assembled a list of resources that firms may use to manage their cybersecurity risk. These resources include: news and analysis; effective practices and guidance; and free diagnostic tools...
October 25, 2016
Compliance Tools
Small Firm Cybersecurity Checklist
FINRA has created a checklist to assist small firms in establishing a cybersecurity program.
May 23, 2016
Targeted Examination Letter
Targeted Examination Letter on Cybersecurity
FINRA is conducting an assessment of firms’ approaches to managing cyber-security threats. FINRA is conducting this assessment in light of the critical role information technology (IT) plays in the securities industry, the increasing threat to firms’ IT systems from a variety of sources, and the potential harm to investors, firms, and the financial system as a whole that these threats pose.
January 01, 2014

FINRA Publishes Report on Selected Cybersecurity Practices – 2018
December 20, 2018
FINRA Fines 12 Firms a Total of $14.4 Million for Failing to Protect Records From Alteration
December 21, 2016
FINRA Fines Scottrade $2.6 Million for Significant Failures in Required Electronic Records and Email Retention
November 16, 2015
FINRA Issues Report on Cybersecurity Practices, Cybersecurity Investor Alert
February 03, 2015
FINRA Warns Investors of Email Hack Attacks
January 26, 2012
FINRA Warns Public of Scam Using Fake FINRA Emails in "Phishing" Scheme
October 05, 2009
FINRA Fines Centaurus Financial $175,000 for Failure to Protect Confidential Customer Information
April 28, 2009
FINRA Warns Job Seekers About Online Classifieds Scams Aimed at Identity Theft, Financial Fraud
May 12, 2008

Investor Education
5 Tips to Stay Safe Online This National Cybersecurity Awareness Month
These days, so much of our lives happen online. That makes cybersecurity more important than ever before. This National Cybersecurity Awareness Month, we’ve got five tips to help to stay safer and more secure online.
Investor Alert
Keeping Your Account Secure: Tips for Protecting Your Financial Information
Your brokerage firm has an obligation to safeguard your personal financial information. And every investor should take time to understand their firm’s cybersecurity procedures. But even the best procedures cannot prevent all instances of identity theft—especially if the vulnerability lies with you, the customer. Here are critical steps you can take to safeguard your financial accounts and help prevent identity theft.
Investor Alert
Cybersecurity and Your Brokerage Firm
Information technology (IT) plays a critical role in the securities industry. Unfortunately, cyber threats to the information and computer systems of brokerage firms are increasing, and with these threats comes the risk of potential harm to investors.
Investor Alert
"Phishing" and Other Online Identity Theft Scams: Don't Take the Bait
FINRA is updating this Alert to tell you about some of the latest online identify theft scams targeting financial sector customers and to provide tips for spotting and avoiding these scams.
Investor Education
Safeguarding Your Financial Information: An Identity Theft Prevention Checklist
Use this checklist to safeguard your sensitive information and help keep identity thieves at bay.