On February 9, 2022, the Financial Industry Regulatory Authority (FINRA) released its 2022 Report on FINRA’s Risk Review and Oversight Program (Report), in which it identifies its review areas for FINRA member firms (companies) in 2022. This is the second year of FINRA’s new reporting system, which replaced the previous format for focus on review – the Risk Monitoring Program Priority Letter and review. the Report builds on last year’s report by adding new areas (see February 2021 GT Alert) of interest and new material related to established areas of interest.

The report addresses several key topics in four distinct categories: business operations, communications and sales, market integrity, and financial management. The areas highlighted in these four categories were:

  • Best Interest Regulation (Reg BI) and CRS form

  • Consolidated Audit Trail (CAT)

  • Order processing, best execution and conflicts of interest

  • Mobile app

  • Special Purpose Acquisition Companies (SAVS)

  • cyber security

  • Complex products

Further discussion of these highlighted topics follows below. The report also contains an appendix that describes how companies can use the report in their compliance programs.

Reg BI and CRS form

In the first full year of implementation of Reg BI and Form CRS, FINRA has expanded the scope of its reviews of business practices, processes and conduct in relation to both. This included establishing and applying adequate written monitoring procedures (WSP); filing, delivering and tracking accurate CRS forms; make recommendations consistent with Reg BI’s duty of care; identify and mitigate conflicts of interest; and providing effective staff training. In the report, FINRA further notes initial findings from its Reg BI and Form CRS reviews over the past year and promises to share additional findings at a later date.


FINRA continued to assess firms that receive or issue orders for National Market System (NMS) stocks, over-the-counter (OTC) equity securities and listed options to comply with Rule 613 of the the Securities Exchange Act of 1934 (Exchange Act) and the CAT NMS Plan FINRA Rule 6800 Series (Consolidated Audit Trail Compliance Rule) (collectively, the CAT Rules). The report discusses compliance with certain CAT-related obligations, including reporting CAT information to the trade repository and maintaining an effective oversight process (including clock synchronization performed by third-party vendors).

Order processing, best execution and conflicts of interest

FINRA also continued to assess firms’ compliance with their best execution obligations under FINRA Rule 5310 (best execution and interposition). FINRA says such oversight is a “cornerstone” of their oversight programs and acknowledges that it has evolved with changes in corporate business models, including but not limited to the “zero committee”.

As noted in last year’s report, FINRA launched a targeted review it conducted to “assess the impact that not charging commissions has or will have on routing practices and decisions.” company orders, and on other aspects of company activity”. he expects to share his findings at a later date.

In addition, FINRA is focused on the firm’s compliance with Rule 606 of the NMS Regulations, which requires brokers to disclose information regarding the processing of their clients’ orders for NMS stocks and listed options. FINRA believes that the information provides transparency to customers and can help them in a number of ways, including: understanding their company’s order routing and processing; assess the quality of order fulfillment services provided by their company; and determine whether their company is effectively managing potential conflicts of interest that may impact their company’s routing decisions.

Mobile app

FINRA recognizes the impact of mobile apps on businesses that attract and engage with customers. FINRA believes that these innovations can benefit investors in several ways, including increasing market participation; increase product availability; and strengthen education in the financial concept. However, FINRA also notes that these apps raise new questions and potential concerns, such as encouraging retail investors to engage in trading activities and strategies that are inconsistent with their investment goals or risk tolerance. , and questions about app interface design and how it might influence investors. behviour.

FINRA says it has identified significant issues with certain mobile apps’ communications with customers and the monitoring of activity on those apps (particularly controls around account sign-ups). FINRA has also observed the social media use of mobile apps to acquire customers and recently launched a targeted review to assess companies’ practices in this area. These targeted reviews include the firms’ management of their obligations related to information collected from these clients and other persons who may provide data to the firms. Like many of the other topics highlighted, FINRA will share the results of its mobile app review at a later date.


FINRA has also focused on SPACs due to the increased use of these vehicles – which more than doubled from 2019 to 2021 – to take companies public. Although FINRA recognizes how SPACs can provide companies with access to various funding mechanisms and enable investors to access new investment opportunities, it has nevertheless placed greater emphasis on broker compliance with regulatory obligations. in the execution of SPAC transactions based on their increased use. FINRA launched a targeted review in October 2021 to explore a range of issues regarding SPACs, including how firms manage potential conflicts of interest in SPACs, whether firms perform adequate due diligence on targets of merger and whether companies provide adequate information to customers. As with the rest of the highlighted areas of interest currently under review, FINRA will share its review findings with companies at a later date.

cyber security

Cybersecurity threats are one of the top risks to businesses and customers, and FINRA has observed an increase in the frequency and sophistication of these threats. Two notable recent cybersecurity threats included phishing emails fraudulently claiming to be from FINRA and new customers abusing Automated Clearing House “instant funds”. Additional Cybersecurity Threats FINRA has issued guidance regarding the increased use of malicious actors using email accounts of registered representatives or compromised employees to execute transactions or transfer money; using customer information to gain unauthorized entry into customer email accounts, online brokerage accounts, or both (i.e. customer account takeover (ATO) incidents); and the use of synthetic identities to fraudulently open new accounts. FINRA will continue to assess the company’s cybersecurity programs to protect sensitive customer and company information. They will also share information on effective practices that businesses can employ for themselves and their customers and will share threat intelligence where appropriate.

Complex products

FINRA will continue to review the firm’s communications and disclosures made to clients regarding complex products. In addition, it will review customer account activity to assess whether the firm’s product recommendations are in the best interest of the retail customer, taking into account their investment profile and the associated potential risks, benefits and costs. product recommendations. In August 2021, FINRA launched a targeted review to examine firms’ practices and controls related to opening options accounts that may be used to engage in complex strategies involving multiple options (such as spreads). As with the rest of the FINRA exam objectives, he will share his targeted exam results at a later date.


FINRA continues to ensure that companies perform their duties and comply with FINRA, SEC and other rules. Stakeholders should be aware that this list of priorities, while comprehensive, is not exhaustive, and that priorities and focus are subject to change due to current events and/or changes in law.

©2022 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume XII, Number 55