Table of Contents
SERIES 7 | SERIES 65 | FINANCIAL REGULATION COURSES
FINRA Rule 3110 — Supervision — requires every FINRA member firm to establish and maintain a system for supervising the activities of each associated person that is reasonably designed to achieve compliance with applicable securities laws, regulations, and FINRA rules — the foundational supervisory obligation that underlies the entire FINRA regulatory framework and without which every other conduct rule in the FINRA rulebook would be unenforceable in practice.
Rule 3110 is the rule that makes all other rules operational — the suitability obligations of FINRA Rule 2111, the communications standards of FINRA Rule 2210, the options account approval requirements of FINRA Rule 2360, the anti-money laundering obligations of FINRA Rule 3310, and every other specific conduct requirement in the FINRA rulebook depend on member firms having supervisory systems capable of detecting and preventing violations before they harm investors.
A firm that has excellent written policies but no system for ensuring those policies are followed has not satisfied its supervisory obligations — Rule 3110 requires implementation, enforcement, and documentation of actual supervision, not merely the creation of policies.
Failure to supervise — the violation of Rule 3110's requirements — is one of the most frequently charged and most heavily sanctioned violations in FINRA's disciplinary programme. FINRA treats supervision failures as evidence of systemic weakness rather than isolated incidents — recognising that the harm done by individual registered representative misconduct is compounded enormously when that misconduct occurs in an environment where adequate supervision would have detected and prevented it.
The foundational requirement of Rule 3110(b) is the obligation for every member firm to establish, maintain, and enforce written supervisory procedures — WSPs — to supervise the types of business in which it engages and the activities of its associated persons that are reasonably designed to achieve compliance with applicable securities laws, regulations, and FINRA rules.
Written supervisory procedures are the documented operational framework through which a member firm's supervisory obligations are translated into specific, executable daily compliance activities.
They are not high-level policy statements or general commitments to compliance — they are detailed operational procedures that specify exactly what will be reviewed, who will conduct each review, how frequently each review will occur, what documentation will be generated to evidence the review, and what escalation process will be followed when a review identifies a potential problem.
The WSP must describe the specific individual or individuals responsible for each type of review — by name or by position title — ensuring clear accountability for each supervisory function.
The WSP must describe the specific supervisory activities those individuals will perform — the mechanics of how each review is conducted rather than merely stating that the review will be conducted.
The WSP must specify the frequency of each review — daily, weekly, monthly, quarterly, or annually as appropriate to the risk level of the activity being supervised.
The WSP must describe how each review will be documented — the records that will be created to evidence that the supervision actually occurred.
The WSP must address a comprehensive range of business activities — not merely the activities that present the most obvious compliance risks but all of the securities and investment banking activities the firm conducts. WSPs that are narrowly focused on high-risk activities while leaving lower-risk activities unaddressed are not reasonably designed — they create gaps in the supervisory framework that can be exploited by misconduct in the unaddressed areas.
The WSP must be current — reflecting the firm's actual current business activities and current applicable regulatory requirements. A WSP that accurately described the firm's supervisory system five years ago but has not been updated to reflect subsequent business changes, new product offerings, new regulatory requirements, or new technology capabilities is not current and therefore not compliant with Rule 3110. Member firms must review and update their WSPs regularly — and must document the review and updating process to demonstrate ongoing maintenance of the supervisory framework.
Rule 3110(a) requires every member firm to designate appropriately registered principals with the authority and responsibility to carry out the firm's supervisory obligations for each type of business the firm conducts.
The designated supervisors must be registered principals — not merely registered representatives — because the supervisory function requires a higher level of regulatory qualification than the activities being supervised. A General Securities Principal registered through the Series 24 examination is the primary supervisory qualification for firms engaged in general securities business — authorising the holder to supervise the full range of securities activities conducted by General Securities Representatives.
The designation of supervisors must be specific — each registered person must have an identified supervisor responsible for overseeing their activities, and the WSP must document who supervises whom. The absence of clear supervisory accountability — where it is unclear who is responsible for supervising a specific registered person — is itself a Rule 3110 violation because it creates gaps in the supervisory framework that allow misconduct to go undetected and unaddressed.
Member firms must designate branch offices and Offices of Supervisory Jurisdiction — OSJs — that serve as the supervisory focal points for the firm's geographically dispersed operations. An OSJ is any branch office where supervisory activities are conducted — including offices where registered principals supervise the activities of registered persons at other locations. The OSJ designation triggers specific inspection and supervision requirements that ensure adequate oversight of the firm's distributed operations.
Rule 3110 requires member firms to establish supervisory systems covering the full range of their business activities — with different levels of supervisory intensity appropriate to the different risk levels of different activities.
The supervision of investment banking and securities business must address the suitability of recommendations made to customers — ensuring that registered representatives are recommending securities appropriate for each customer's investment profile as required by FINRA Rule 2111. The transaction review component of the supervisory system must identify potentially unsuitable recommendations, excessive trading, unauthorised transactions, and other trading-related misconduct on an ongoing basis — not retrospectively after customer complaints have been filed.
Specifically, Rule 3110(b)(2) requires member firms to have reasonable procedures for the review of transactions for the purpose of detecting and preventing insider trading, front running, and other trading-related misconduct. The transaction surveillance function — whether conducted manually by supervisory personnel reviewing transaction reports or through automated surveillance systems that flag unusual trading patterns — must be capable of identifying the patterns of activity that indicate potential violations before they cause significant investor harm.
The supervision of customer accounts must include monitoring for activity inconsistent with the customer's investment profile — excessive trading, concentration in unsuitable securities, unauthorised transactions, and other patterns that suggest the account is being managed in the registered representative's interest rather than the customer's. The supervisory system must be capable of identifying these patterns across the firm's entire customer account population — not merely responding to individual customer complaints after the harm has occurred.
Rule 3110(b)(4) requires member firms to establish supervisory procedures for the review of incoming and outgoing written correspondence and internal communications — ensuring that all forms of customer communication are supervised for compliance with applicable rules and standards.
The correspondence review requirement encompasses all forms of written communication — traditional paper correspondence, email, text messages, social media communications, and any other written or electronic communications between registered persons and customers or potential customers. Member firms must have supervisory procedures appropriate for reviewing the full range of communications channels their registered persons use — and must prohibit the use of communication channels that cannot be adequately supervised.
The correspondence review must be conducted by a registered principal — not by a non-supervisory compliance staff member — and must be evidenced in writing. The principal reviewing correspondence must be able to identify communications that require regulatory action — including communications containing potential misrepresentations, unsuitable recommendations, complaints that require formal handling, or other content that raises compliance concerns.
The supervisory review of correspondence does not require that every communication be reviewed before it is sent — such pre-clearance review is required only for retail communications under FINRA Rule 2210. Rule 3110's correspondence review may be conducted on a risk-based sampling basis — reviewing a statistically meaningful sample of communications from each registered person periodically — supplemented by enhanced review of communications from high-risk individuals or in connection with high-risk product areas.
Rule 3110(c) requires member firms to conduct periodic inspections of every office and location at which the firm conducts business — testing the adequacy and actual operation of the firm's supervisory system at each location.
OSJs must be inspected at least once per year — on a calendar-year basis — with the inspection conducted by a principal other than the principal responsible for the day-to-day supervision of the OSJ being inspected. The annual OSJ inspection ensures that the supervision being conducted at each supervisory focal point is actually occurring as described in the WSP and is effectively identifying and addressing compliance concerns.
Non-OSJ branch offices — registered locations that conduct securities activities but are not designated as OSJs — must be inspected on a regular periodic schedule appropriate to the firm's size, business activities, and risk profile. The inspection frequency for non-OSJ branches must be established in the WSP and must reflect a genuine assessment of the supervisory risks at each location — not merely a minimum frequency dictated by regulatory convenience.
Inspection reports must document the scope of each inspection, the findings made, and the corrective actions taken to address any deficiencies identified. The documentation of inspection findings and corrective actions serves two purposes — demonstrating to regulators that the supervisory system is functioning as designed, and providing management with the information needed to identify systemic issues that require remediation beyond the specific findings at any individual location.
Rule 3110 requires member firms to establish and maintain supervisory procedures for the handling of customer complaints — ensuring that complaints are received, reviewed, escalated, and resolved in a manner that protects customer interests and satisfies applicable regulatory requirements.
Customer complaints must be reviewed by a qualified principal — not merely filed away — to determine whether the complaint reveals a compliance issue that requires immediate supervisory attention, whether the complaint triggers reporting obligations to FINRA or other regulators, and whether the firm's response to the complaint is appropriate and timely. The principal reviewing complaints must have the authority and the information access necessary to take appropriate supervisory action in response to the concerns raised.
Patterns of customer complaints — multiple complaints involving the same registered person, the same product type, or the same sales practice — are among the most important early warning signals that a supervisory system must be capable of detecting. A firm whose complaint handling procedures treat each complaint as an isolated incident without aggregating and analysing patterns across the firm's entire complaint inventory is not meeting the risk detection purpose of the supervisory requirement.
Rule 3110's supplementary material addresses the specific supervisory obligations applicable to associated persons with a history of past misconduct — recognising that prior regulatory violations, customer complaints, and disciplinary history are meaningful predictors of future misconduct risk that require enhanced supervisory attention beyond the standard supervisory framework.
Member firms that employ or seek to employ persons with a significant history of past misconduct must implement heightened supervisory procedures specifically designed to address the risks associated with that history — procedures that go beyond the standard WSP to provide more intensive oversight of the individual's activities. FINRA has issued specific guidance on implementing effective heightened supervisory procedures, including the types of enhanced monitoring, communication review, and principal oversight that are appropriate for individuals whose history suggests elevated misconduct risk.
The failure to implement required heightened supervision — or the failure to maintain heightened supervision once implemented — is a violation of Rule 3110 that FINRA has consistently pursued through enforcement action. Firms that place high-risk individuals in branch offices or remote locations where the practical ability to provide heightened supervision is limited have not satisfied the requirement — the supervisory intensity must match the risk profile of the individual being supervised regardless of geographic convenience.
Rule 3110(a)(7) requires member firms to conduct an annual compliance meeting — or in lieu of a group meeting, annual compliance interviews — with each registered person.
The annual compliance meeting is an opportunity for the firm to remind registered persons of applicable regulatory requirements, update them on regulatory developments that affect their activities, address the firm's compliance priorities for the coming year, and confirm that each registered person understands their obligations.
The annual compliance meeting does not need to be conducted in person — FINRA's supplementary material clarifies that the meeting requirement can be satisfied through telephone conferences, webinars, or other remote communication methods — acknowledging the practical challenge of conducting in-person meetings with geographically dispersed registered person populations.
Rule 3110's written supervisory procedures requirement operates in close coordination with two companion rules — Rule 3120 and Rule 3130 — that together form the complete supervisory framework for FINRA member firms.
Rule 3110 requires firms to establish and maintain written supervisory procedures — the documentation of what the supervisory system is designed to do. Rule 3120 — described in the FINRA Rule 3120 entry of this dictionary — requires firms to establish supervisory control policies and procedures that test and verify whether the Rule 3110 supervisory system is actually working as designed — the testing function that demonstrates the system is operating effectively in practice rather than merely existing on paper.
Rule 3130 — described in the FINRA Rule 3130 entry — requires the firm's chief executive officer to certify annually that the processes required by Rules 3110 and 3120 are in place and functioning — providing senior management accountability for the firm's supervisory infrastructure.
Together the three rules create a complete supervisory governance framework — establish the system through Rule 3110, test it through Rule 3120, and certify its adequacy through Rule 3130.
FINRA Rule 3110 is tested on the Series 7 and Series 65 examinations as the foundational supervisory requirement that makes all other FINRA conduct rules operational — the rule that requires member firms to establish, maintain, and enforce systems that ensure compliance with applicable securities laws, regulations, and FINRA rules.
The key points to retain are these.
FINRA Rule 3110 — Supervision — requires every member firm to establish and maintain a system for supervising each associated person's activities that is reasonably designed to achieve compliance with applicable securities laws, regulations, and FINRA rules. The foundational requirement is written supervisory procedures — WSPs — that document specifically who supervises what, how supervision is conducted, how frequently reviews occur, and how reviews are documented. WSPs must be current, specific, and actually implemented — not merely nominal documents created for regulatory appearances.
Designated supervisors must be registered principals with authority and responsibility for each supervisory function — clear accountability for each registered person and each business activity is required. OSJs must be inspected at least annually by a principal other than the one responsible for day-to-day OSJ supervision. Non-OSJ branch offices must be inspected on a regular periodic schedule.
Correspondence and communications must be reviewed by a registered principal with documentation of the review. Transaction review must be capable of detecting insider trading, excessive trading, unsuitable recommendations, and other trading-related misconduct. Customer complaints must be reviewed by a qualified principal and patterns of complaints must be aggregated and analysed for systemic compliance concerns.
Rule 3110 works in coordination with Rule 3120 — which tests and verifies that the supervisory system is working — and Rule 3130 — which requires annual CEO certification of supervisory system adequacy. Failure to supervise is one of the most frequently charged and most heavily sanctioned violations in FINRA's disciplinary programme — FINRA treats supervision failures as evidence of systemic weakness that enabled individual misconduct to harm investors without detection or prevention.
