Finance, analytics and technology concept

FINRA: what the agency’s priorities are for 2025

Authors

  • Walid Raad

    US Forensics Financial Services Leader

  • Bob Boyle

    Senior Manager, Forensic & Integrity Services, Ernst & Young LLP

3 minute read 01 May 2025
Related topics
Forensic & Integrity Services

Explore FINRA’s 2025 priorities, which emphasize Reg BI enforcement, cybersecurity, market surveillance and emerging risks.

In brief
  • The agency emphasizes protecting seniors from investment scams and enhancing market surveillance to combat manipulation and ensure compliance.
  • FINRA has identified key emerging risks that it is focusing on, including third-party risk, artificial intelligence and its use, and cyber-enabled fraud.

In 2025, the Financial Industry Regulatory Authority (FINRA) will continue to enforce priority issues in addition to addressing emerging risks. Recently, EY Forensics heard from FINRA representatives directly who spoke as part of a forum hosted in New York titled FINRA's 2025 Regulatory Operations Programs to further understand the agency’s priorities for the year ahead.

Download the full article

PDF (2 MB)

How EY can help

FINRA’s areas of focus for this year include:

  • Enforcement of regulations for Best Interest (Reg Bl), best execution, Consolidated Audit Trail (CAT), market manipulation and cybersecurity
  • Increased volumes of best execution cases as well as a focus on the handling of Regulation Crowd Funding (Reg CF) offerings by broker-dealers and funding portals
  • Commitment to protecting seniors from investment scams, as FINRA is expected to see more cases addressing elder abuse

Issues in focus

 

Regulation Best Interest

 

FINRA discussion points and focus:

  • Advisors providing recommendations without developing a sufficient understanding of the associated features and risks
  • Inadequate disclosures, conflicts of interest, and insufficient training of associated persons and supervisors
  • Firm cooperation — thoughtful cooperation and remediation can result in reduced penalties.

Emerging trends:

  • Advisor recommendations involving Registered Index-Linked Annuities (RILAs), which essentially force liquidation at a specified date, even if market conditions are unfavorable.
  • There are liquidity concerns given the tie to indexes.
  • Firms should evaluate what the customer is losing in this exchange given the terms that can be applied to RILAs (e.g ., cap rate, surrender charges, participation rate) as well as how firms surveil advisor and RILA activity for Reg Bl implications.
  • Double-dipping on fees: opening accounts and then changing/moving the account (e.g., from variable annuity to RILA)

Market surveillance

FINRA discussion points and focus:

  • Emphasis on market surveillance protecting against market manipulation
  • Reasonable supervision of CAT, timely corrections, design of surveillance systems, and accurate recordkeeping

Emerging trends:

  • Market access and the focus on CAT continues to be a staple. Customer and Account Information System (CAIS) reporting obligations were made effective as of May 2024.
  • Firms that participate in extended hours trading must comply with trade reporting, CAT reporting, and provide a risk disclosure statement for customers.
  • The customer should understand what happens when trading during that time.
  • There is growth with extended hours trading as Alternative Trading Systems (ATS) and exchanges increasingly announcing them.
  • From an enforcement perspective, FINRA observed that firms are not conducting testing on surveillance systems, and external tips are not responded to.
  • Firms must follow up on red flags (e.g., layering, spoofing , close sales, wash sales, small cap IPO manipulation).

Emerging risks

Key considerations

Third-party risk
  • In recent years, FINRA has observed an increase in cyber attacks and outages at third-party vendors used by member firms.
  • Firms are encouraged to have ongoing discussions with their Risk Monitoring Analysts (RMAs) on potential bad actors and changes to third-party artificial intelligence (AI) systems.
  • FINRA advises firms to be proactive in establishing adequate third-party risk management policies, such as assessments and contingency plans. Firms are obligated to maintain supervisory procedures and conduct ongoing due diligence on third-party vendors.

Artificial intelligence
  • FINRA is concerned with the “speed to market” of AI, which may cause firms to overlook concerns such as accuracy or bias, exploitation by bad actors and compliance with regulatory requirements.
  • Firms should consider risks associated with third-party vendors’ use of Generative AI (GenAI) (e.g., leakage of personally identifiable information (PII) and proprietary information).
  • FINRA views AI from a technologically neutral stance. Firms should test before deploying, incorporate controls and include all relevant stakeholders in discussions.

Cyber-enabled fraud
  • New account fraud: malicious use of GenAI to create synthetic IDs and falsified customer information (e.g. false identification documents, deepfake media).
  • Continued focus on managing customer information through Customer Identification Program (CIP)/Customer Due Diligence (CDD) efforts. Automated tools and software are often utilized to address customer onboarding and maintenance, which should be calibrated and tested accordingly.
  • Increase in digital “boiler room” schemes where chat rooms and social media lure investors into opening accounts via online investment clubs.

Summary 

In 2025, FINRA will focus on enforcing regulations for Reg BI, CAT, market manipulation and cybersecurity. The agency expects increased volumes of best execution cases and more cases addressing elder abuse.

About this article

Authors

  • Walid Raad
    US Forensics Financial Services Leader
  • Bob Boyle
    Senior Manager, Forensic & Integrity Services, Ernst & Young LLP
Related topics
Forensic & Integrity Services

Related articles

How contractors can avoid delays in federal disaster grant payments

Timely payments under federal grants for disasters require planning, coordination and execution by grantees, subgrantees and contractors. Learn more.

Bradley (BJ) Nichols + 1

Increasing litigation and regulatory focus on cash sweep accounts

Institutions facing class action lawsuits and regulatory scrutiny over cash sweep accounts. Forensics can provide litigation and investigation support.

Walid Raad + 1

Transforming compliance with advanced strategies and technologies

Learn how multinationals are approaching compliance challenges and driving advancements. Read the 2024 Global Integrity Report – US edition.

Liban Jama + 1

    EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.