Is Your Messaging Compliant With FINRA?


By Zach Richardson February 21, 2018

Brokers of all levels of experience often find themselves trying to maintain FINRA compliance. Brokers who have worked in the field for several years may have had to adjust to using email messaging and other digital forms of communication, while brokers entering the profession may be comfortable using social media and text communication.

The rise of digital communication has raised questions within the investment industry, prompting FINRA to release guidelines for compliant messaging practices. Explore why brokers and their clients need to know about FINRA guidelines to maintain secure business messaging.


FINRA (Financial Industry Regulatory Authority) is a nongovernmental agency overseen by the U.S. Securities and Exchange Commission (SEC). The goal of FINRA is to create regulations and set best practices for investors and their agencies in the United States. FINRA guidelines cover more than 4,200 brokerage firms and 63,000 brokers.

According to eFileCabinet, FINRA serves five primary functions for investors:

  • Examine firms for compliance of SEC rules and FINRA regulations
  • Increase transparency in the marketplace
  • Educate investors on issues of security and transparency
  • Enforce ethical standards
  • Implement safeguards within the industry

Knowing these guidelines, you can clearly see why FINRA would be involved in secure messagingsystems. By creating guidelines for secure communication between brokers and customers, FINRA can keep all parties safe and foster a secure and transparent market for everyone’s benefit.


In April 2017, FINRA released a new set of guidelines for communication best practices through text messaging and social media. More brokers and investment firms are turning to modern forms of communication to reach customers and, in some cases, share personal information. In the wrong hands, this information can put investors at risk and expose the financial standing of some clients.

The latest guidelines cover many subjects meant to preserve the ethical integrity of customer-broker relationships along with the security and privacy of transactions.


One of the top highlights of the 2017 guidelines update is the importance of saving text-message communications. Any broker or firm that intends to communicate with customers through text messaging for business purposes must save the conversations and document what was discussed.

While this guideline may seem fairly straightforward, Yasmin Zarabi at Hearsay Systems believes that room for interpretation exists. Firms must determine what qualifies as “business communication” to determine what should be saved. A brokerage firm may be able to argue against saving certain documents under the claim that the conversations weren’t directly related to investing.

However, FINRA could fine a broker $5,000 and suspend the broker from operating in any FINRA capacity for a month for failing to preserve relevant digital communication. The penalty of this fine could create an incentive for brokers to save as many conversations as possible.


FINRA has strict guidelines for customers who endorse brokers and investment firms to preserve the integrity of the customer brand and prevent agencies from misleading potential investors. However, the new guidelines approve unsolicited customer comments and posts on social media reviewing the brokers with whom they work. FINRA believes these posts are created of their own accord and shared with honest intentions.

While these guidelines create some flexibility for brokers who are active on social media, the guidelines do come with certain provisions. The agency or broker isn’t allowed to like or share any positive comments, testimonials, or endorsements. In doing so, they are adopting the content as their own and promoting it as a testimonial for others to read.


The final FINRA guideline isn’t new, but it is a key aspect of digital communication that FINRA is taking seriously. Brokerage firms are required to save and document their client emails and conduct random reviews to determine if any problems or issues occurred. According to ThinkAdvisor, no specific number exists for how many emails brokers should review, but they should be able to defend it as a reasonable number (that is, reviewing five emails out of 1,000 wouldn’t be a strong sample size).

Investors and their employees should look for several items during these email reviews. A few elements include the following:

  • Undisclosed customer complaints or problems
  • Instances of insider trading
  • Promissory claims that guarantee results or performance
  • Suspicious emails from clients who could have had their accounts hacked.
  • Breaches of personal information
  • Instances of failing to put client interests before investor interests

Based on this list, the average investor can understand that reviewing emails allows companies to make sure they conform to existing FINRA and SEC regulations. Digital messaging from brokerage firms needs to be transparent, secure, and ethical — and the cost of failing to perform these checks adds up. In early 2017, one firm was fined $125,000 for failing to conduct digital messaging reviews while another paid $120,000 in fines for failing to review and document online communication properly.

The potential cost to a company for ignoring these reviews well exceeds the time and effort needed to review and document emails for FINRA compliance.


Some brokerage firms may consider staying with traditional email communication until they have created internal practices for saving digital messaging and reviewing it for compliance. However, brokers and agencies that want to move forward with secure business messaging in 2017 should look for the right tools for the job.

Brokers should look for tools that offer end-to-end encryption and automatically save and store messages in a secure server location. This effort will protect communication with customers and allow financial professionals to conduct ethical reviews as needed. For example, Forsta offers these capabilities and is easy to use for brokers of all digital competencies.

Not knowing that communication violated FINRA laws or isn’t secure is no longer an excuse. FINRA isn’t afraid to fine your company for violations of safe communication and compliance standards. Take steps to be compliant today so that you don’t have to worry about facing penalties tomorrow.