The constantly evolving landscape of third-party risks that are seen by Finra staff have been highlighted in its 2025 Regulatory Oversight Report.
The report differs from the regulator’s priorities letters that it published for many years and covers a broader range of topics that may help member firms to bolster their own compliance programs as part of Finra’s aim to support a healthy securities industry.
Among the topics highlighted in the report are several key risks to firms and investors including cybersecurity, AI, and investment fraud.
Some of the cybersecurity risks come from firms in the industry utilizing third-party technology providers for key systems and covered activities which could be vulnerable to a cyberattack or outage affecting a large number of firms.
The use of artificial intelligence by industry firms is increasing and Finra notes that while these tools have been used in financial services for several years and have multiple benefits for firms and investors, the report stresses the need to manage potential risks. Finra says it has observed that firms are proceeding “cautiously” with their use of Generative AI.
However, in a podcast published by Finra, Gregg Ruppert, executive vice president and head of member supervision, says there is increased risk within Automated Clearing House fraud that is “happening both by first party and third party actors, and then the adversarial use of the generative AI in order to amplify the threats to investors and firms.”
He added that Finra is engaging with firms to better understand how they are using GenAI and their compliance challenges.
Investment fraud by bad actors that directly targets investors is another area addressed in the report. This typically includes enticing victims to withdraw funds from their securities accounts and send the funds to the bad actors as part of a fraudulent scheme, the report finds.
Overall, the report covers 24 topics including extended hours trading, sales practice and Reg BI compliance, and rules concerning the Remote Inspections Pilot Program and Residential Supervisory Location designation.
“Monitoring the markets, anticipating and addressing risks, identifying and investigating trading violations, and leveraging data are all part of the important work that FINRA does to safeguard the integrity of our vibrant capital markets to ensure that everyone can invest with confidence,” said Stephanie Dumont, Executive Vice President and Head of Market Regulation and Transparency Services at FINRA. “Part of this work is reflected in our observations about manipulative trading, customer order handling and extended hours trading, among others, in this year’s Regulatory Oversight Report.”
Medicare scam, pandemic benefit theft, offshore tax evasion — federal prosecutors are casting a wide net.
Report finds that pension income acts as a financial lifeline for retirees facing late-life shocks and raises urgent questions about the DC-only future.
Nine-month electronic trading freeze and share lending program at the center of dismissed claim.
Meanwhile, Rossby Financial's leadership buildout rolls on with a new COO appointment as Balefire Wealth welcomes a distinguished retirement specialist to its national network.
With a smaller group of companies driving stock market performance, advisors must work more intentionally to manage concentration risks within client portfolios.
As technical expertise becomes increasingly commoditized, advisors who can integrate strategy, relationships, and specialized expertise into a cohesive client experience will define the next era of wealth management
Growth may get the headlines, but in my experience, longevity is earned through structure, culture, and discipline
