Table of Contents
SERIES 24 | SERIES 27 | FINANCIAL REGULATION COURSES
FINRA Rule 4360 requires every FINRA member that is a SIPC member to maintain blanket fidelity bond coverage protecting against specified categories of loss, at minimum coverage levels scaled to the firm's net capital requirement, with per-loss coverage and no aggregate liability cap, subject to annual adequacy review and immediate notification to FINRA upon any cancellation, termination, or substantial modification. The fidelity bond requirement is one of the oldest and most consistently maintained protective mechanisms in the broker-dealer regulatory framework — its lineage in NASD rules traces to 1974, with amendments in 1979, 1982, 1994, 1998, and 2012. The current consolidated version was adopted by SR-FINRA-2010-059, effective January 1, 2012, as announced in Regulatory Notice 11-21.
Rule 4360 sits within the 4300 Operations section of the 4000 Financial and Operational Rules series. It applies to every SIPC member — which in practice means every broker-dealer registered under the Exchange Act that is not specifically exempt from SIPC membership — with narrow exemptions for members whose fidelity bond obligations are governed by a national securities exchange with equal or greater requirements, and members whose entire business consists of acting as a Designated Market Maker, Floor broker, or registered Floor trader without conducting any public business. Capital Acquisition Brokers are expressly made subject to the rule by SR-FINRA-2015-054, effective April 14, 2017.
A fidelity bond is an insurance product that protects the firm against financial losses caused by the dishonest or fraudulent acts of its own employees and associated persons, as well as against specified categories of property loss arising from premises coverage, transit coverage, securities loss, forgery, and counterfeit currency. Unlike net capital requirements — which protect against losses from market risk and operational failures — fidelity bond coverage specifically addresses the internal fraud risk that exists whenever a firm's personnel have access to securities, cash, and customer assets. The securities industry's particular exposure to this risk is acute: broker-dealers routinely handle enormous volumes of customer assets, execute millions of transactions, and employ thousands of registered and non-registered personnel across diverse locations and functions, creating ample opportunity for employee dishonesty to cause material harm before it is detected.
The mandatory nature of fidelity bond coverage under Rule 4360 reflects the regulatory judgment that this insurance cannot be left to individual firm discretion. A firm that chose to self-insure against employee dishonesty risk — or that maintained inadequate coverage to reduce insurance costs — would be making a decision that affects not only its own shareholders but also its customers, whose assets are at risk from the very employee misconduct the bond is designed to cover. SIPC protection provides a backstop for customer claims when a broker-dealer fails, but SIPC coverage is limited in amount and applies only in specific insolvency scenarios. The fidelity bond provides a separate, preventive layer of protection that operates continuously and does not require insolvency.
Rule 4360(a)(1) specifies that the blanket fidelity bond must include Insuring Agreements covering six specific categories of loss. Each addresses a distinct risk vector in the broker-dealer operating environment.
The Fidelity coverage protects against losses resulting from dishonest or fraudulent acts committed by employees — the core employee theft and embezzlement risk that motivated fidelity bonding from the outset. This coverage applies to registered representatives who misappropriate customer funds, back-office employees who divert firm assets, and any other employee whose dishonest conduct causes a covered loss. The breadth of the Fidelity insuring agreement is what makes blanket bonding distinct from more targeted coverage — it applies to all employees, not merely designated individuals.
The On Premises coverage protects against loss of money, securities, or other property through robbery, burglary, theft, or mysterious disappearance occurring within the firm's offices or other premises. Physical custody of securities and cash, while substantially reduced in the modern era of electronic records and DTC book-entry settlement, remains operationally significant for certain firm types and creates genuine physical theft exposure that the On Premises agreement addresses.
The In Transit coverage extends the physical protection to securities and cash in transit between locations — being transported by employees, messengers, or authorized carriers. While most securities movement now occurs through electronic settlement and DTC transfer, physical delivery of certificates, negotiable instruments, and cash remains common in certain business lines.
The Forgery and Alteration coverage protects against losses resulting from forged or altered checks, drafts, promissory notes, securities, or other instruments. Forgery risk in the broker-dealer context includes forged customer signatures on account transfer documents, altered wire transfer instructions, and fabricated trade confirmations — all vectors through which fraudulent parties have historically caused losses to broker-dealers.
The Securities coverage protects against losses involving securities specifically, including counterfeit securities, securities that are lost, that prove to be forged or altered, or that are obtained by someone misrepresenting their ownership. This coverage addresses the specific risks of securities custody that are not fully captured by the general Forgery and Alteration agreement.
The Counterfeit Currency coverage protects against losses from accepting counterfeit currency — a specific coverage that completes the blanket bond's protection across the full range of physical asset risks a broker-dealer faces. Rule 4360(a)(2) requires that the fidelity bond include a cancellation rider under which the insurance carrier will use its best efforts to promptly notify FINRA if the bond is cancelled, terminated, or substantially modified. This rider creates a direct notification channel that ensures FINRA learns of coverage changes even if the member fails to provide the immediate written notice required by Rule 4360(e). The two notification mechanisms operate in parallel — the rider addresses insurer-initiated notification, while Rule 4360(e) addresses member-initiated notification.
Rule 4360(a)(3) — the per loss coverage requirement — is operationally significant. The bond must provide per loss coverage without an aggregate limit of liability. This means that if a member suffers multiple separate covered losses in a policy period, the full coverage amount is available for each loss rather than being shared across all losses up to an annual aggregate cap. A member that suffered a two-million-dollar employee fraud event followed by a separate one-million-dollar in-transit loss would be entitled to full coverage for each loss under a compliant per-loss bond, rather than being limited to a single combined cap that might be exhausted by the first event.
Rule 4360(b) establishes minimum coverage amounts through a tiered table that scales the required coverage to the firm's net capital requirement under Exchange Act Rule 15c3-1. For members with a net capital requirement below two hundred and fifty thousand dollars, the minimum coverage is the greater of one hundred and twenty percent of the required net capital or one hundred thousand dollars. For members with net capital requirements of two hundred and fifty thousand dollars or more, the rule provides a coverage table with nine tiers.
Members with net capital requirements between two hundred and fifty thousand and three hundred thousand dollars must maintain minimum coverage of six hundred thousand dollars. The requirement rises progressively through the tiers: three hundred thousand one to five hundred thousand requires seven hundred thousand; five hundred thousand one to one million requires eight hundred thousand; one million one to two million requires one million; two million one to three million requires one point five million; three million one to four million requires two million; four million one to six million requires three million; six million one to twelve million requires four million; and twelve million one and above requires five million dollars in coverage.
The table's structure reflects the relationship between firm size — as measured by net capital requirements — and the scale of potential losses from employee dishonesty. A firm with a twelve-million-dollar net capital requirement conducts a substantially larger and more complex business than a firm with a two-hundred-and-fifty-thousand-dollar requirement, handles far larger volumes of customer assets and transactions, employs more personnel across more locations, and therefore faces a materially higher aggregate exposure from employee misconduct. The stepped coverage table ensures that larger firms maintain coverage commensurate with their expanded risk profile.
Rule 4360(b)(2) clarifies the personnel scope of required coverage: the bond must cover all associated persons of the member, with the single exception of directors or trustees who are not performing acts within the scope of the usual duties of an officer or employee. This exception is narrow and meaningful — a director who sits on a board and exercises oversight functions but does not handle securities, cash, or customer accounts need not be individually bonded. A director who also serves as an officer or employee performing substantive business functions must be covered. Rule 4360(b)(3) requires that any defense costs for covered losses must be provided in addition to the minimum coverage amounts in the table — defense costs may not reduce the coverage available for the underlying loss.
Rule 4360(c) governs fidelity bond deductibles — the amount of any covered loss that the member retains before the insurer's obligation begins. A member may include a deductible of up to twenty-five percent of the coverage purchased. A ten percent deductible on a one-million-dollar policy would be one hundred thousand dollars; a twenty-five percent deductible on the same policy would be two hundred and fifty thousand dollars.
The critical net capital implication of Rule 4360(c) is triggered when the elected deductible exceeds ten percent of the coverage purchased. Any deductible above ten percent must be deducted from the member's net worth when computing net capital under Exchange Act Rule 15c3-1. This requirement reflects the regulatory logic that a large deductible functions economically like a self-insurance retention — the member is effectively absorbing a portion of the covered risk from its own capital, and that contingent liability must be reflected in the net capital computation rather than ignored. A firm that elects a twenty-five percent deductible has accepted the obligation to fund up to a quarter of any covered loss from its own resources, and its net capital position should reflect that exposure.
The parent guarantee exception in Rule 4360(c) accommodates subsidiary broker-dealers within corporate groups. If the member is a subsidiary of another FINRA member, the deductible excess — the amount by which the deductible exceeds ten percent of coverage — may be deducted from the parent's rather than the subsidiary's net worth, but only if the parent has guaranteed the subsidiary's net capital in writing. This provision enables efficient capital management across affiliated entities while ensuring the net capital reduction occurs somewhere in the consolidated group.
Rule 4360(d) establishes an annual review obligation that applies even to members who have signed multi-year insurance policies. On each yearly anniversary date of the fidelity bond's issuance, the member must review the adequacy of its coverage and make any required adjustments. The review must be based on the member's highest net capital requirement during the preceding twelve-month period — specifically the twelve months ending sixty days before the anniversary date — and that highest requirement determines the minimum coverage for the succeeding twelve-month period.
The use of the highest rather than average or current net capital requirement ensures that the bond covers the member's peak exposure during the measurement period rather than its typical or current level. A member whose net capital requirement fluctuates with business volume would otherwise be able to time its coverage review to a low-volume period, purchasing inadequate coverage for periods when its business — and therefore its fidelity risk — is at its peak. The sixty-day lookback lag before the anniversary date gives the member time to obtain updated coverage before it is required for the new period.
Rule 4360(d)(3) addresses a specific transition issue for new members in their second year of business who elected the aggregate indebtedness ratio for net capital calculation. Such members may use the fifteen-to-one aggregate indebtedness ratio rather than the eight-to-one ratio applicable in their first year when calculating the net capital requirement for the purposes of determining second-year bond coverage — but may not carry less coverage in their second year than they carried in their first. This provision prevents an artificial reduction in coverage during the transition from first-year to second-year operations.
Rule 4360(e) requires immediate written notification to FINRA whenever a member's fidelity bond is cancelled, terminated, or substantially modified. The immediacy requirement reflects the urgency of fidelity bond status from a regulatory perspective — a member operating without compliant coverage is in violation of Rule 4360(a) from the moment its coverage lapses, and FINRA needs to know promptly so it can assess the member's compliance status and take any necessary supervisory action.
Supplementary Material .01 defines substantial modification — the term that triggers the notification obligation alongside cancellation and termination — as any change in the type or amount of fidelity bonding coverage, any change in the exclusions to which the bond is subject, or any other change in the bond such that it no longer complies with the requirements of Rule 4360. The definition is broad enough to capture coverage reductions, the addition of new exclusions, insurer substitutions that change coverage terms, and any other modification that affects the bond's compliance status. A member that negotiates a renewal with different exclusion language must evaluate whether the change constitutes a substantial modification and, if it does, notify FINRA immediately.
Supplementary Material .02 addresses the rare scenario where a member cannot obtain the blanket fidelity bond coverage required by Rule 4360(a)(3) from any insurer — typically because of the member's claims history, financial condition, or business profile. Such a member may maintain substantially similar fidelity bond coverage in compliance with all other provisions of Rule 4360, provided it has and retains written correspondence from two insurance providers stating that it does not qualify for the standard blanket bond coverage. The two-insurer written declination requirement ensures that the alternative coverage pathway is not used as a convenience mechanism — it requires documented evidence that standard coverage was genuinely unavailable before the alternative is permitted.
Rule 4360 connects to the financial responsibility framework of Rules 4110 and 4120 through the deductible provision's net capital implication and through the annual review requirement's use of net capital requirement as the coverage benchmark. A member that fails to maintain the required fidelity bond coverage may also find itself in technical non-compliance with its net capital requirements if the bond was being relied upon in the net capital computation — a connection that FINRA examiners will assess when reviewing both financial condition and insurance compliance during integrated examinations.
The fidelity bond coverage also interacts with the supervisory framework of FINRA Rule 3110. A member's written supervisory procedures should address the annual review obligation, the notification procedures for cancellation and substantial modification, the net capital deduction calculation for deductibles exceeding ten percent, and the documentation requirements for alternative coverage under Supplementary Material .02. FINRA Rule 3120's annual supervisory control testing should include confirmation that the fidelity bond review has been conducted, that coverage remains compliant, and that any material changes have been timely reported to FINRA.
FINRA Rule 4360 is tested on the Series 24 General Securities Principal examination in the context of financial responsibility requirements and the supervisory obligations for maintaining adequate firm-level protections. The Series 27 Financial and Operations Principal examination tests the rule in greater depth including the coverage table calculations, the deductible net capital implication, and the annual review mechanics. The rule appears in examination questions about the minimum coverage required for a firm at a specified net capital requirement level, the consequences of a deductible exceeding ten percent of coverage, and the notification obligations upon bond cancellation.
The key points to retain are these: every FINRA member required to join SIPC must maintain blanket fidelity bond coverage with six mandatory insuring agreements covering Fidelity, On Premises, In Transit, Forgery and Alteration, Securities, and Counterfeit Currency; the bond must include a cancellation rider requiring the insurer to use best efforts to notify FINRA of cancellation, termination, or substantial modification; coverage must be on a per-loss basis with no aggregate liability cap; minimum coverage for members with net capital requirements below two hundred and fifty thousand dollars is the greater of one hundred and twenty percent of required net capital or one hundred thousand dollars; members with net capital requirements at or above two hundred and fifty thousand dollars must follow the coverage table ranging from six hundred thousand dollars at the two-hundred-fifty-thousand-dollar threshold to five million dollars for requirements above twelve million dollars; defense costs must be provided in addition to the minimum coverage amounts; a deductible of up to twenty-five percent of coverage purchased is permitted, but any deductible exceeding ten percent of coverage purchased must be deducted from the member's net worth in the net capital computation under Rule 15c3-1, or from the parent's net worth if the parent guarantees the subsidiary's net capital in writing; members must conduct an annual adequacy review on the bond anniversary date using the highest net capital requirement from the preceding twelve months ending sixty days before the anniversary; members must immediately notify FINRA in writing if the bond is cancelled, terminated, or substantially modified — with substantial modification defined as any change in type, amount, exclusions, or other terms rendering the bond non-compliant; members that cannot obtain standard blanket coverage may use substantially similar alternative coverage supported by written declinations from two insurers; and Designated Market Makers, Floor brokers, and registered Floor traders conducting no public business are exempt, as are members with compliant coverage under a national securities exchange with equal or greater requirements.
