March 28, 2023

Volume XIII, Number 87


March 27, 2023

Subscribe to Latest Legal News and Analysis

2023 Report on FINRA’s Examination and Risk Monitoring Program

On Jan. 10, 2023, the Financial Regulatory Authority (FINRA) released its 2023 Report on FINRA’s Examination and Risk Monitoring Program (“Report”) in which it identifies the year’s areas of examination focus for FINRA Member Firms (“Firms”). This is the third year for FINRA’s new reporting system, which replaced the prior format for examination focus, the Risk Monitoring and Examination Program Priorities Letter. The Report builds on last year’s (see GT Alert) by adding a new focus area–Financial Crimes–and adding new materials related to established areas of focus.

The Report addresses several key topics from five distinct categories: Financial Crimes, Firm Operations, Communications and Sales, Market Integrity, and Financial Management. Highlighted areas from these categories are:

  • Regulation Best Interest (“Reg BI”) and Form CRS (customer relationship summary)

  • Consolidated Audit Trail (CAT)

  • Order Handling, Best Execution, and Conflicts of Interest

  • Mobile Apps

  • Cybersecurity

  • Complex Products and Options

A more thorough discussion of these highlighted topics follows below. The Report also contains an Appendix that describes how Firms can use the Report in their compliance programs.

Reg BI and Form CRS

Reg BI and Form CRS continue to be FINRA’s focal points. Firms are expected to ensure: (1) recommendations adhere to Reg BI’s Care Obligation; (2) conflicts of interest are identified and addressed; (3) all material facts related to conflicts of interest are disclosed to retail customers; (4) adequate written supervisory procedures are established and enforced; and (5) accurate Forms CRS are filed, delivered, and tracked. Firms should regularly consider new interpretative guidance from the SEC when reviewing and updating their compliance approaches.


Continuing from last year, FINRA will evaluate Firms that receive/originate orders in National Market System (NMS) stocks, over-the-counter (OTC) equity securities, and listed options to ensure compliance with the Securities Exchange Act of 1934 (“Exchange Act”), Rule 613, and the CAT NMS Plan FINRA Rule 6800 Series (“Consolidated Audit Trail Compliance Rule”) (collectively, CAT Rules). When determining whether Firms complied with CAT Rules, FINRA checks that Firms are doing timely reportable event and correction submissions, reporting complete/accurate CAT records, and effectively supervising third-party vendors.

Order Handling, Best Execution, and Conflicts of Interest

FINRA also continues to evaluate whether Firms comply with their best execution obligations, pursuant to FINRA Rule 5310 and Rule 606 of Regulation NMS. FINRA assesses whether Firms fully and promptly execute marketable customer orders, adequately conduct “regular and rigorous reviews,” and conspicuously disclose specific terms related to all profit-sharing relationships with venues used to route orders. Additionally, the Report includes findings and observations from the targeted exam started in 2020, targeted efforts noted in last year’s Report, and targeted reviews of wholesale market makers and their order handling practices for customer orders received from other broker-dealers.

Mobile Apps

While FINRA pointed out in last year’s Report that there are many benefits to investors regarding mobile apps, they also noted that such apps raise novel questions and potential concerns. Such concerns include the potential to encourage retail investors to engage in trading activities and strategies that may not be consistent with their investment goals or risk tolerance, as well as concerns about the apps’ interface designs and functionality and their influence on investor behavior. Potential issues that FINRA has observed with some mobile apps include not adequately distinguishing between products and services of the broker-dealer and those of affiliates or other third parties (such as transactions involving crypto assets). FINRA also continues to monitor how mobile apps disclose and explain risks of higher-risk products or services.


FINRA believes cybersecurity threats continue to be one of the most significant risks many customers and Firms face. They note that the frequency, sophistication and variety of attacks continue to increase; including such attacks as customer account intrusions, ransomware attacks and cyber-enabled fraud. In August 2022, FINRA established the Cyber and Analytics Unit (CAU) to enhance their ability to deal with cyber threats as well as the growth of the crypto-asset market. FINRA’s CAU utilizes teams that examine Firms’ cybersecurity risk management through reviews of their control; conduct investigations of cyber-related fraud; and investigate and examine crypto-asset activity.

FINRA has also increased cybersecurity threat outreach to member Firms. These efforts include email alerts to Firms’ Chief Information Security Officers (CISOs) and Chief Compliance Officers (CCOs), and notifying Firms when they have identified website(s) or social media profiles that may be attempting to impersonate that Firm, one or more of the Firm’s current or previous registered representatives, or individuals purporting to be associated with the Firm. In December 2022, FINRA issued Regulatory Notice 22-29 (FINRA Alerts Firms to Increased Ransomware Risks) to provide Firms with questions they can use to evaluate their cybersecurity programs, including information about possible additional ransomware controls and relevant resources.

Complex Products and Options

FINRA will continue to review Firms’ communications and disclosures to customers in relation to complex products. FINRA will also review customer account activity to assess whether Firm recommendations regarding complex products are in the best interest of the retail customer given their investment profile and the potential risks, rewards, and costs. In March 2022, FINRA issued Regulatory Notice 22-08 (FINRA Reminds Members of Their Sales Practice Obligations for Complex Products and Options and Solicits Comment on Effective Practices and Rule Enhancements) to reiterate Firms’ current regulatory obligations and solicit comments on Firms’ effective practices and the regulatory framework regarding complex products and options.

In November 2022, FINRA announced a targeted exam of Firms’ retail communications regarding crypto assets. FINRA will be evaluating whether these communications contain false or misleading statements or claims, misrepresent the extent to which the federal securities laws or FINRA rules apply to a crypto asset product or service, or fail to balance the benefits of crypto asset products with their associated investment risks. FINRA will share its findings from these reviews at a future date.

In December 2022, FINRA provided an update on its targeted exam of Firms’ practices and controls related to the opening of options accounts and related areas, including account supervision, communications and diligence. The update includes a list of questions for Firms to consider—based on FINRA’s observations to date—when evaluating whether their supervisory systems are reasonably designed to address risks related to supervising the approval of options accounts (both self-directed and full-service brokerage accounts) and monitoring the trading activity in options accounts.


FINRA continues to ensure Firms perform their duties and comply with FINRA, SEC, and other rules required of them. This list of priorities, while thorough, is not exhaustive, and priorities and focus are subject to change due to current events and/or changes in the law.

Special thanks to Law Clerk/JD Leisel O. Greig˘ for her valuable contributions to this GT Alert.

˘ Not admitted to the practice of law.

©2023 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XIII, Number 38

About this Author

Richard Cutshall, Greenberg Traurig Law Firm, Chicago, Corporate, Finance and Real Estate Law Attorney

Richard M. Cutshall has experience representing clients in a variety of investment management, corporate, and general securities matters, including the representation of mutual funds and other funds registered under the Investment Company Act of 1940, fund independent directors, unregistered investment companies, federally registered and state registered investment advisers, broker-dealers, and an array of public and private companies. 

Rich represents clients in all aspects of investment company practice, including organizing and forming new...

Arthur Don, Greenberg Traurig Law Firm, Chicago, Corporate and Finance Law Attorney

Arthur Don is the Co-Chair of the Investment Regulation Group. He has more than 30 years of experience representing mutual funds, public investment companies, fund independent directors, investment advisers, private investment funds, private equity funds, real estate funds, broker-dealers and public companies in a variety of sophisticated securities transactions. His experience includes various aspects of investment company practice, from organizing new funds through acquisitions and mergers of funds. Arthur has represented issuers and underwriters in numerous public...

William B. Mack, Greenberg Traurig Law Firm, New York, Finance Law Attorney

William B. Mack is part of the firm’s government affairs and financial regulatory and compliance groups. He is experienced in advising companies on regulatory and compliance matters relating to the Securities and Exchange Commission regulations, the Exchange Act, Anti-Money Laundering laws and Financial Industry Regulatory Authority (FINRA) rules.

William’s practice involves all aspects of broker-dealer regulation, including Self-Regulatory Organization (SRO) membership, supervision, employment, research, soft dollar arrangements, chaperoning of...


Douglas W. Hathaway is a member of the Corporate Practice in Greenberg Traurig’s Chicago office.