Skip to content
Crypto Employee Conflicts of Interest Insider Trading NA Regulations

FINRA Regulatory Obligations and Related Considerations 2024

FINRA released their 2024 FINRA Annual Regulatory Oversight Report on January 9th. There are a number of sections that are important for Star clients that we discuss and highlight below.  

Manipulative Trading
Crypto Assets
Outside Business Activities and Private Securities Transactions


As FINRA reminds member firms, Rule 3110 (Supervision) requires firms to have written supervisory procedures for the review of securities transactions that are reasonably designed to identify trades that may violate the provisions of the Exchange Act or FINRA rules prohibiting insider trading and manipulative and deceptive devices. Firms must conduct prompt internal investigation into any such trade to determine whether a violation of those laws or rules has occurred. 

When it comes to surveillance, FINRA suggests firms consider whether their employee compliance surveillance systems monitor for (amongst other things):  

  • Patterns of suspicious order entries and trading activity across multiple customers, multiple days or both; 
  • Activity of proprietary traders; 
  • Patterns of suspicious activity during the distribution of securities; 
  • Red flags of potential coordination among customers; and 
  • Patterns of suspicious order entries and trading activity. 

Learn more about Star’s Insider Trading detection solutions here. 

Regarding Surveillance programs, procedures and calibrations, FINRA asks: 

  • How are thresholds determined to detect potentially manipulative trading?  
  • Are thresholds periodically assessed?  
  • Are businesses, client base and structure considered when establishing surveillance thresholds? 
  • Do supervisory procedures adequately address steps to analyze, document and escalate surveillance alerts?  
  • Are regular reviews in place to assess whether changes in its business model or the addition of new customers require changes in supervisory controls to detect possible manipulation?  
  • Are changes in customers’ trading behavior monitored that may prompt a reassessment of the firms’ pre-trade or post-trade supervisory controls?  
  • Are sandbox testing sites in place prior to surveillance controls placed into production and monitored for unanticipated impacts?  
  • Are changes to surveillance controls documented and the rationale for such changes? 

FINRA highlights findings and effective practices to consider, for example: 

  • Inadequate WSPs, including:
    • Procedures not reasonably designed to identify patterns of manipulative conduct;
    • Escalation processes not outlined; and
    • Procedures not tailored. 

  • Non-Specific Surveillance Thresholds 
  • Surveillance Deficiencies, including NOT:
    • Adequately monitoring patterns of potential manipulation; 
    • Reviewing or documenting surveillance exception reports; and 
    • Considering non-surveillance sources for red flags. 

FINRA also shared effective practices for designing surveillance to monitor Manipulative Schemes, Algorithmic, Momentum Ignition and Exchange Traded Product Trading, including: 

  • Maintaining and reviewing customer and proprietary data to detect manipulative trading schemes (e.g., front running, trading ahead, et al); 
  • Tailoring supervisory systems and processes to differing types of manipulative order entry and trading activity based on product class; and 
  • Monitoring activity occurring across multiple platforms.  

Star offers solutions for clients to manage, track and surveil employee, firm and customer trading for potential misuse of material, nonpublic information and market manipulation. Learn more here. 


A new focus identified for FINRA in 2024 is crypto assets. FINRA states that firms seeking to engage in crypto asset-related activity should identify and address the relevant regulatory and compliance challenges and risks. FINRA suggests reviewing and evaluating supervisory programs and controls, and compliance policies and procedures. 

FINRA highlights findings and effective practices to consider, for example: 

Has your firm established written policies, procedures and controls related to crypto asset activities being conducted by the firm and its associated persons that are reasonably designed to achieve compliance with applicable securities laws and regulations, as well as with applicable FINRA rules?  

Crypto Asset-Related Market Abuse 

  • Bad actors are taking advantage of investor interest in crypto assets and blockchain technology by engaging in manipulative schemes similar to those that exist in the equities market. 
  • Additional forms of market abuse involving crypto assets may result from differences in their market structure (e.g., centralized and decentralized exchanges, the ability to trade every day and at any time). 

 Surveillance Themes and Effective Practices 

While not exhaustive, themes identified with respect to potential violations by FINRA members and associated persons involving crypto assets include FINRA Rules 2210 (Communications with the Public), 3110 (Supervision) and 3310 (Anti-Money Laundering Compliance Program). 

Through Star’s partnership with Aer Compliance (formerly Argus), clients can monitor employee trading of digital crypto assets while leveraging the Star Platform to manage pre-clearance. Learn more here 


FINRA requires firms to monitor and supervise Outside Business Activities (“OBA”) (Rule 3270) and Private Securities Transactions (“PST”) (Rule 3280) in order to determine whether to prohibit, limit or allow those activities.  

FINRA reminds firms to reconsider:  

  • Methods used to identify individuals involved in undisclosed OBAs and PSTs; 
  • Reviewing WSP’s and whether they explicitly state when and how registered persons must notify compliance of a proposed OBA or PST; 
  • Whether associated persons or registered persons are required to complete and update attestations and certifications regarding OBAs and PSTs and if yes, the frequency; 
  • Upon receipt of a written notice of proposed OBAs, is there a consideration of whether the activity will interfere with or otherwise compromise the registered person’s responsibilities or be viewed by customers/public as part of the member’s business; 
  • Also is there a determination of whether such OBA activities should be treated as a PST; 
  • Processes in place to update a registered person’s Form U4 with activities that meet the disclosure requirements of that form; 
  • Regulatory considerations and characteristics of crypto assets when reviewing crypto asset-related OBAs and PSTs; and 
  • Training and guidance during onboarding and periodically thereafter, with regard to their potential engagement in OBAs and PSTs.  

FINRA also shared findings and effective practices to consider, for example: 

  • Inadequate Approval Process for Potential PSTs; 
  • No Documentation; 
  • No or Insufficient Employee / Compliance Written Notices or Reviews; 
  • Inadequate Controls; and 
  • No Review and/or Recordkeeping of Crypto Asset-Related Activities. 

 FINRA also shared effective OBA and PST practices: 

  • Questionnaires: Require registered persons and other associated persons to complete upon hire, and periodically thereafter, detailed questionnaires with regular attestations regarding their involvement in new or previously disclosed OBAs and PSTs. 
  • Due Diligence: Conduct due diligence to learn about all OBAs and PSTs at the time of a registered person’s initial disclosure to the firm and periodically thereafter. 
  • Monitoring: Monitor significant changes in, or other red flags relating to, registered persons’ or associated persons’ performance, production levels or lifestyle that may indicate involvement in undisclosed or prohibited OBAs and PSTs. 
  • WSPs: Clearly identifying types of activities or investments that would constitute an OBA or PST. 
  • Training: Conducting training on OBAs and PSTs. 
  • Controls for Outside Crypto Asset-Related Activities: Establishing policies, procedures and controls related to crypto asset-related OBAs of registered persons. 
  • Crypto Asset Checklists: Creating checklists to confirm whether crypto asset-related activities would be considered OBAs or PSTs. 

 Star offers solutions for clients to manage, track and surveil OBA and PST activities. Clients are able to configure rules that coincide with policies and procedures, document approvals or denials, and easily include OBA and PST activities as part of their certification and/or attestation processes with ease. Click to learn more about Star’s Outside Business Activity and Private Investments Monitoring solutions.  

If you’re looking to improve or implement processes to better answer the obligations and best practices set forth by FINRA’s 2024 Regulatory Oversight Report, Star can help! By implementing one, centralized compliance solution, your firm can automate, streamline, and more effectively mitigate risk with confidence. To learn more, schedule time with us here.