Skip to main content

Guidance

We offer guidance to firms in the form of podcasts, webinars, FAQs, reports, and more. Use the toggle below to find guidance by topic, type or date. 

5 A B C D E F G H I L M N O P Q R S T V
Media Center
These days, it's not a matter of if, but when, when it comes to cybersecurity incidents, which is why it's essential for all firms to ensure they're prepared for the inevitable. On this episode, we're catching up with two members of FINRA's Complex Investigations and Intelligence Team for an update on the cyber threat landscape and what firms should be thinking about and doing in response to the latest trends.
April 02, 2024
Arbitration and Mediation
The Neutral Corner – Volume 1—2024
March 29, 2024
Media Center
Recently, FINRA's Market Regulation and Transparency Services (MRTS) team realigned its structure around specific functions, rather than around specific rules or products. On this episode, we hear from three of the group's senior leaders to learn how the change allows MRTS to be more nimble in addressing and anticipating risks, to better leverage its data and more.
March 19, 2024
Media Center
While Generative AI and large language models present numerous opportunities to create business efficiencies and offer many potential benefits to firms, regulators and investors, they also introduce unique risks. On this episode, we hear from three experts at FINRA who are closely looking at these technologies and following developments in this space.
March 05, 2024
Guidance
As we approach the end of the first quarter of 2024, FINRA’s Cyber and Analytics Unit (CAU) proactively warns member firms of continuing social engineering campaigns involving fraudulent representations of individuals purporting to be FINRA representatives. As with many types of social engineering campaigns, threat actors may use website domain names (sites) that are similar to FINRA.org (e.g., Finra-latam.org, finra.world, finra.eu), fraudulently use FINRA’s logo or purport to be legitimate FINRA employees. These domains and individuals are not associated with FINRA.
March 01, 2024
Media Center
On this episode, we dig into a new report from the FINRA Investor Education Foundation, Investors of Color in the United States, that highlights interesting trends related to the pace at which Black/African American, Hispanic/Latino and Asian American/Pacific Islander investors are entering the market, their views on risk, where they're receiving information and more.
February 20, 2024
Guidance
Request for TRACE Reporting Exemption Under FINRA Rule 6732
February 08, 2024
Media Center
FINRA Enforcement works tirelessly on the front lines of investor protection, and this tremendous undertaking demands steadfast leadership. On this episode of FINRA Unscripted, we are reintroduced to Bill St. Louis, FINRA's new Executive Vice President and Head of Enforcement, to learn more about what's on the horizon for Enforcement in the new year.
February 06, 2024
Guidance
LockBit, one of the most deployed ransomware variants in recent years, continues to impact organizations across the globe, including FINRA member firms. Since November of 2023, FINRA has received reports from several member firms related to cyber incidents allegedly perpetrated by LockBit. The reported incidents varied in severity from no impact to significant disruptions in firms’ business operations. As a result, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision Program is notifying firms of the increased activity of this threat actor to heighten awareness and visibility of this risk. CAU is also providing a compilation of resources that outline effective practices firms may consider in response to this elevated risk.
January 25, 2024
Media Center
On this episode, we delve into the results of FINRA's targeted review of certain member firms and their communications to retail investors regarding crypto products and services.
January 23, 2024
Media Center
As a self-regulatory organization, information sharing is key to FINRA's pursuit of its mission of investor protection and market integrity, and no single resource is a better example of that than FINRA's Annual Regulatory Oversight Report. On this episode, we hear from four leaders within FINRA's Member Supervision department to discuss highlights from the 2024 report.
January 09, 2024
Report / Study
The 2024 FINRA Annual Regulatory Oversight Report provides member firms with insight into findings from FINRA’s Member Supervision, Market Regulation and Enforcement programs.
January 09, 2024
FAQ

Published January 5, 2024.
Updated July 10, 2024.*

January 05, 2024
Arbitration and Mediation
The Neutral Corner – Volume 4—2023
December 29, 2023
FAQ
Q1. Who can offer or sell securities under Regulation Crowdfunding? A1. Regulation Crowdfunding allows eligible issuers1 to offer and sell securities through the platform of a broker-dealer or funding portal that is both registered with the SEC and a FINRA member (an “intermediary”). This activity must be conducted exclusively through the platform of a single intermediary. A firm cannot act as an intermediary if it is not a registered broker-dealer or a registered funding portal, and is not a member of FINRA.
December 20, 2023
Guidance
With the holiday season upon us and 2023 coming to an end, FINRA’s Cyber and Analytics Unit (CAU) would like to remind member firms to prepare for cyber threats and attacks that may occur around the holidays. Member firms and their vendors should consider reviewing and validating their Written Supervisory Procedures (WSPs), continuing to educate their employees with respect to cybersecurity and effective practices, and testing incident response plans (IRPs) to prepare for, prevent, or recover from an incident.
December 12, 2023
Guidance
FINRA’s Cyber and Analytics Unit (CAU) is highlighting an Okta data breach spanning from September 28 to October 17, 2023 that impacts Okta customer support system users.  Okta reported that threat actors downloaded names and email addresses, along with other relevant metadata, of their customer support system users. The information could be leveraged in phishing or other social engineering attacks and potentially lead to the targeting of firm personnel in an Okta administrator or customer support role.
December 11, 2023
Guidance
The prevalence of cybersecurity incidents continues to increase at FINRA member firms. As a result of the continued proliferation of cybercrime, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision program is issuing this advisory to highlight effective practices and considerations for member firms when responding to cyber incidents, including the benefits of voluntarily reporting information related to the incident to various entities.
November 30, 2023
Guidance
Due to increased reports related to cyber incidents occurring at FINRA member firms which have been attributed to specific threat actors, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision Program is highlighting a recent joint Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) Cybersecurity Advisory published on November 16, 2023, which may be updated as new intelligence is uncovered.
November 17, 2023
Guidance
FINRA is highlighting recently reported vulnerabilities that impact Citrix NetScaler services including NetScaler ADC and NetScaler Gateway. Threat actors can exploit these vulnerabilities to exfiltrate sensitive information and to infect data and systems with ransomware. These Citrix services are typically used in support of internet-based application systems, to balance and manage incoming requests, and to enhance security and resiliency.
November 10, 2023
Report / Study
/**/

Quantum mechanics is a branch of physics that deals with the complex properties of atoms and sub-atomic particles.2 Quantum computing leverages the principles of quantum mechanics to solve problems too large or complex for traditional computers.

October 30, 2023
Guidance
This notification is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the domain name “@rfs-finra.org”.
October 13, 2023
FAQ
The following questions and answers provide guidance regarding the operation of FINRA Rule 2080, which was formerly NASD Rule 2130.
October 12, 2023
FAQ

Effective October 16, 2023, FINRA revised Rules 12800 and 12805 of the Code of Arbitration Procedure for Customer Disputes (Customer Code) and Rule 13805 of the Code of Arbitration Procedure for Industry Disputes (Industry Code) relating to the expungement of customer dispute information from the Central Registration Depository (CRD®). These frequently asked questions provide guidance regarding these rules.

October 12, 2023