FINRA Signals Expanded Enforcement Priorities in Annual Report | BakerHostetler

Key Takeaways
  • The Financial Industry Regulatory Authority’s (FINRA) annual Examination and Risk Monitoring Program report (the Report) contains several new sections, including a section on financial crimes.
  • The Report also focuses on the growing risks to customers and firms posed by cybersecurity threats and discusses the establishment of FINRA’s Cyber and Analytics Unit.
  • Throughout the Report, firms are urged to assess and strengthen their internal compliance and reporting structures to combat growing threats from cybercrime, fraud and other bad actors.

The 2023 Report on FINRA’s Examination and Risk Monitoring Program was published on Jan. 10, 2023. In a statement accompanying the Report, Greg Ruppert, executive vice president of FINRA’s Member Supervision organization, noted that this year the agency had “increased the breadth of the report’s coverage by adding several new topics focused on insights originating in our market surveillance activities.” The Report, which provides insights into findings from the oversight activities of FINRA’s Member Supervision organization, including the Market Regulation and Enforcement programs, contains a new financial crimes section covering cybersecurity, anti-money laundering (AML) and manipulative trading.

Speaking on a FINRA published podcast released with the Report, Bill St. Louis, executive vice president of FINRA’s National Cause and Financial Crimes Detection Program, said they chose to highlight financial crimes “not only because of what we’re hearing and seeing from firms, but [because] we also wanted to just underscore our increased focus on protecting investors and safeguarding market integrity against these ongoing threats.”

Cybersecurity and Technology

The Report warns that cybersecurity risks, ranging from ransomware attacks to network intrusions, continue to be among the most serious threats facing the financial industry. St. Louis also noted that FINRA identified instances in which firms lacked reasonably designed procedures to investigate cyber events and determine whether a suspicious activity report needed to be made. St. Louis emphasized the importance of prompt reporting, stating that “member firms should ensure that they have established written escalation procedures and recurring cross-department communication between AML, compliance and any other relevant business being in a position to detect and escalate red flags.”

Among a number of suggested effective practices, the Report urges firms to regularly assess their cybersecurity risk profile and ensure that they have clear procedures for identifying and responding to potential cyberattacks.

Manipulative Trading

According to the Report, FINRA encountered inadequate written supervisory procedures that did not identify specific individuals responsible for monitoring for manipulative conduct or that failed to outline the processes for escalating and reporting manipulative conduct. To combat manipulative trading practices, which may include front running, trading ahead, wash trades, layering or spoofing, the Report encourages firms to strengthen their surveillance systems and monitor for these types of suspicious activities. Surveillance systems must be nimble to detect manipulative trading activity, which can occur in many different forms.

AML, Fraud and Sanctions

Reflecting FINRA’s broadened focus on financial crimes, the AML section of the Report covers a wide range of issues, including automated customer account transfer services fraud, sanctions evasion and manipulative trading in initial public offerings for small-cap, exchange-listed issuers.

Across these issues, FINRA cited a need for firms to evaluate their internal compliance and risk management programs in order to confirm they are monitoring for and adequately reporting on these increasingly complex forms of fraud.

St. Louis urged firms to take a holistic approach to compliance in this area, noting that “the ways in which money laundering, fraud and cybersecurity threats are merging often means that firm AML programs must work more closely with business units that are in perhaps a better position to detect and escalate red flags to the AML program.”


St. Louis warned that firms must be prepared to adapt to rapidly shifting threats and risks, saying, “It’s clear that as the fraudulent activities evolve, the firms need to evolve their approach in this space.” As FINRA signals an increased focus on financial crimes, firms would be well advised to reassess their internal reporting and compliance policies, particularly with respect to the detection of and response to cybersecurity, fraud and suspicious trading activity.  

[View source.]