Skip to main content

How to Use the Report

We selected the topics in this Report for their interest to the largest number of member firms; consequently, they may include areas that are not relevant to an individual member firm and omit other areas that are applicable.

FINRA advises each member firm to review the Report and consider incorporating relevant elements into its compliance program in a manner tailored to its activities. The Report is intended to be just one of the tools a member firm can use to help inform the development and operation of its compliance program; the Report does not represent a complete inventory of regulatory obligations, compliance considerations, findings, effective practices or topics that FINRA will examine.

FINRA also reminds member firms to stay apprised of new or amended laws, rules and regulations, and update their written supervisory procedures (WSPs) and compliance programs on an ongoing basis. FINRA encourages member firms to reach out to their designated Risk Monitoring Analyst if they have any questions about the considerations, findings and effective practices described in this Report.

Each area of regulatory obligations is set forth as follows:

Regulatory Obligations and Related Considerations


A brief description of:

  • relevant federal securities laws, regulations and FINRA rules; and
  • questions firms may consider in designing or strengthening their compliance programs.

Findings and Effective Practices


  • Noteworthy findings that FINRA has noted at some—but not all—member firms, including:
    • new findings from recent examinations, market surveillance, investigations or enforcement activities;
    • findings we highlighted in prior Reports and that we continue to note in recent oversight activities;
    • in certain sections, some topics are noted as “Emerging Risks” representing potential concerns due to an evolving regulatory landscape and may pose new or additional risk (e.g., New Account Fraud); and
    • for certain topics—such as Cybersecurity, Liquidity Management and Credit Risk—observations that suggested improvements to a firm’s control environment to address potential weaknesses that elevate risk, but for which there were not specific rule violations.
  • Select effective practices FINRA observed through our oversight activities, as well as those we noted in prior Reports and which we continue to see, that may help member firms, depending on their business model, evaluate their own programs.

Additional Resources


A list of relevant FINRA Notices, other reports, tools and online resources.

The Report also includes an Appendix that outlines how member firms have used similar FINRA reports (e.g., Findings Reports, Priorities Letters) in their compliance programs.

As a reminder, the Report—like our previous Exam and Risk Monitoring Reports, Findings Reports and Priorities Letters—does not create any new legal or regulatory requirements or new interpretations of existing requirements, or relieve member firms of any existing obligations under federal securities laws and regulations. You should not infer that FINRA requires member firms to implement any specific practices described in this Report that extend beyond the requirements of existing federal securities provisions or FINRA rules. Rather, member firms may consider the information in this Report in developing new, or modifying existing, practices that are reasonably designed to achieve compliance with relevant regulatory obligations based on the member firm’s size and business model. Moreover, some questions may not be relevant due to certain member firms’ business models, size or practices.

Updates on FINRA’s Ongoing Targeted Exams