The Financial Industry Regulatory Authority (FINRA) published its Annual Regulatory Oversight Report this week, which provides member firms with a recap of recent regulatory activities they can use to strengthen their compliance programs.
Formerly known as the Report on FINRA’s Examination and Risk Monitoring Program, the report looks at 26 compliance-related topics and highlights the key considerations for firms’ compliance programs. It also summarizes noteworthy findings or observations from recent oversight activities, outlines effective practices that FINRA observed, and provides additional resources to help firms in reviewing their supervisory procedures and controls.
“The report’s findings from across FINRA’s Member Supervision, Market Regulation and Enforcement programs can serve as a valuable resource for member firms,” Greg Ruppert, executive vice president, member supervision at FINRA, said. “As our industry evolves, so do the compliance challenges faced by firms, which is why the report is so critical. Some of the topics covered will be familiar from past reports, updated for 2024, while others are new and represent emerging risks and evolving trends that are of growing importance as we look ahead.”
One of the new topics covered in the report is Crypto Asset Developments. The report provides some considerations for firms that may want to account for crypto asset-related risks, as well as guidance for firms contemplating engaging in crypto asset-related activities.
Another key topic is Cybersecurity. FINRA noted that it has observed an increase in the variety, frequency, and sophistication of certain cybersecurity incidents, including the establishment of imposter websites, insider threats, ransomware and cybersecurity events at critical vendors. FINRA has provided guidance related to identifying, preventing and mitigating incidents through its Cybersecurity Topic Page and its new Industry Risks and Threats Resource page.
It also examined Anti-Money Laundering (AML), Fraud and Sanctions. FINRA member firms are required to develop a written AML program that is designed to monitor the firm’s compliance with the Bank Secrecy Act. Related considerations in the report include the scope of an AML program, suspicious activity reporting, and customer onboarding. Other key topics addressed include Reg BI and Form CRS and the Consolidated Audit Trail (CAT).