FINRA Compliance Services

In the United States the foundation of our entire economic system can be summed up with a single word: trust. This is especially true when it comes to investing. Every investor in America relies, above all, on a level playing field and fair financial markets. That is where FINRA comes in.

They enable individual investors and investment firms to participate in the market with confidence by safeguarding its trustworthiness. FINRA provides investment firms with recommended cybersecurity guidance and best practices to minimize risk and exposure of investors’ data. That in turn helps to ensure the integrity of today’s complex and dynamic markets.

Yet our investment and securities firm clients that follow these recommendations are burdened with the daunting responsibility of following countless complex regulations and protecting their clients’ data from relentless attack. Unfortunately, few of these firms would be considered IT experts; and most of them do not have the time or resources to dedicate to monitoring FINRA compliance.

And that is where FullScope IT comes in.

What IS FINRA?

FINRA stands for Financial Industry Regulatory Authority, Inc., a non-governmental organization (NGO) tasked with overseeing the regulatory, enforcement, and arbitration activities of the New York Stock Exchange. Working under the aegis of the Securities and Exchange Commission, this private corporation ensures that brokerage firms and exchange markets deal in a fair and ethical manner with their customers. At present there are over 4,250 brokerage firms and approximately 630,000 registered securities representatives overseen by FINRA.

The types of financial instruments that FINRA regulates include equities, corporate bonds, securities futures, and options. In addition to this oversight function, FINRA also:

• licenses and admits individuals and firms to the investment and securities industry;
• writes the rules and regulations to govern their behavior;
• examines member firms and individuals for regulatory compliance; and
• disciplines registered representatives and member firms that fail to comply with federal securities laws and FINRA's rules and regulations.

It is also charged with periodically conducting regulatory exams of its member institutions in various areas, including variable annuities and sales practices.

FINRA Services Provided by FullScope IT

Let FullScope IT serve as your FINRA expert. We will meticulously assess and strategically guide your regulatory compliance, freeing you to focus your business on assisting clients with well-earned confidence in your systems.

As a first step toward complying with FINRA security guidelines, we recommend undertaking a comprehensive Center for Internet Security Critical Security Controls (CIS-20) assessment. With this assessment we will identify security gaps and prioritize remediation recommendations.

Alternatively we can provide a Security Program Assessment, which will focus on the organization’s overall security program from a governance perspective, evaluating critical security controls while factoring in regulatory, business, and technology considerations to identify gaps in security and present a roadmap of prioritized remediation actions. This assessment reviews written and unwritten policies and determines how they are adhered to in order to develop an understanding of areas for improvement.

We can also conduct a Security Architecture Assessment, in which we review enterprise security architecture, identify gaps and associated risk, and provide strategic and tactical roadmaps to manage risk and support objectives. This assessment will verify the layout of the network and determine whether controls are located in the appropriate locations. We also validate operational processes and details around technical controls and provide roadmap for improvement.

The FullScope IT FINRA Services Advantage

• Assessment and analysis scaled to your business
• State-of-the-art network security evaluation
• Hard copy delivery of assessments and analyses
• Best practices recommendations specific to investment and securities firms

FINRA Q & A's

• What is FINRA?

  FINRA is a private company that is a self-regulatory organization (SRO). It regulates brokerage firms and exchange markets. FINRA is the result of combing the NYSE and the NASD regulatory divisions.

• What does FINRA stand for?

  FINRA stands for Financial Industry Regulatory Authority, Inc.

• What is FINRA license?

  FINRA licenses individuals to work in the financial industry, requiring individuals to follow certain rules and evaluate their compliance to regulations in the industry.

• What does FINRA do?

  FINRA regulates trading in a variety of different markets, like equities and futures. It also acts as an arbiter in disputes between customers and firms.

• How long does FINRA continuing education take?

  FINRA continuing education varies depending on the position. For example, a certified financial planner® practitioner needs to do 30 hours of CE every two years. Each different professional designation has a different requirement.

• From a FINRA perspective, what do we need to do in the event of a cyberattack or a data breach?

  While you still need to follow standard incident response best practices, such as contacting your information security team and your legal team, FINRA adds additional requirements. According to FINRA guidance, your first steps should be to report the incident to your local FBI field office, and then your FINRA Regulatory Coordinator.