FINRA 101: Governance For Broker-Dealer Marketing

In the third post of our series on how regulatory bodies address marketing compliance, we look at the Financial Industry Regulatory Authority (FINRA), a self-regulatory organization (SRO) operating under the Securities Exchange Commission (SEC)—the focus of our most recent post. The SEC sets the overarching legal framework for securities markets; FINRA is the front-line regulator most broker-dealers interact with daily.

Compliant Communications Require Accurate ClaimsAnd Context

FINRA plays a key role in preserving the integrity of financial markets. One way it accomplishes this is by setting compliance standards for broker-dealer communications. 

Take, for example, a brokerage firm’s online ad that makes a simple assertion: If you invest with us, your money will “grow exponentially.” The firm neither substantiates this claim nor bothers to disclose the inherent risks, including the possibility that you could lose your entire investment. 

Enter FINRA. Under the agency’s rules, the firm is required to make sure the ad is fair, balanced, and not misleading. This means including risk disclosures, avoiding cherry-picked performance data, and presenting any projected gains alongside the realistic possibility of losing money. 

By requiring that investment information be accurate and appropriately contextualized, FINRA is one of the bedrocks for maintaining trust in financial markets.

What Is FINRA And Why Does It Matter to Marketing?

FINRA is authorized by the U.S. Congress to oversee broker-dealers and their registered representatives. It was established in 2007 through the consolidation of the National Association of Securities Dealers (NASD) and the regulatory arm of the New York Stock Exchange.

The authority’s core mission is to protect investors and to promote market integrity through oversight of the broker-dealer community. One of its areas of focus is how firms communicate with the public, which includes virtually all marketing materials.

What’s Considered “Communications With The Public”?

Under FINRA Rule 2210, the cornerstone rule governing broker-dealer marketing, communications are grouped into three categories:

• Retail communications: Any written or electronic content distributed or made available to more than 25 retail investors within 30 days. This includes website content, display ads, email campaigns, social media posts, and paid promotions.
• Correspondence: Written or electronic communications, such as personalized emails or direct messages, sent to 25 or fewer retail investors in a 30-day period.
• Institutional communications: Content distributed exclusively to institutional investors.

FINRA’s coverage is extensive. Complementing these three categories, Regulatory Notice 17-18 of the agency’s Social Media Guidance Hub underscores that firms must treat digital communications the same way as traditional marketing materials. This includes not only websites, emails, and paid social ads, but also influencer and affiliate content, pitch decks, fact sheets, performance presentations, webinars, and scripted public remarks.

What Does FINRA Regulate: The “Big Four” Risk Zones

Here are the four areas that FINRA cares most about:

1. Fair, balanced, non-misleading content

At the heart of FINRA’s advertising rules is a simple principle: Communications must present information in a fair and balanced manner. Rule 2210 requires that all communications be based on principles of fair dealing and good faith, present benefits and risks in a balanced way, and contain no false or misleading statements. FINRA also evaluates the net impression of a piece—meaning technically accurate statements can still violate the rules if the overall message misleads.

A common issue involves promoting strong recent performance without adequate disclosures, including equally prominent discussion of volatility, fees, or the risk of loss. This often surfaces in performance marketing, landing pages, and social media promotions. 

2. Supervision and principal review

FINRA doesn’t just care about what you publish; it cares about the supervisory process used to get there. Most retail communications require review and approval by a registered principal before use, while firms must have written supervisory procedures (WSPs) that document:

• How the review process works
• Who is authorized to approve communications
• How exceptions are documented and handled

3. Recordkeeping and retention

Broker-dealers must retain records of all communications with the public, consistent with FINRA requirements and the SEC’s recordkeeping rules. This means storing not only final approved pieces, but also drafts, approval chains, and material changes made during review. To ensure this in practice, marketing teams require workflow tools with built-in, auditable retention capabilities.

4. Digital and social media oversight

FINRA has explicitly extended its communications rules to social media and digital platforms, making this one of its fastest-evolving areas of examination. Firms are responsible not just for their own corporate accounts, but also for social media activity of registered reps. FINRA also evaluates whether firms have “adopted”or become “entangled” with third party posts, which can bring that content under the firm’s compliance obligations.The stickiest issues here are exaggerated claims, omitted risk disclosures, and inadequate oversight of influencer or affiliate promotions. 

FINRA In Action: M1 Finance 

To demonstrate how these rules apply in practice, here is a snapshot of FINRA’s first social media influencer-related disciplinary action—against M1 Finance.

What was marketed: Between January 2020 and April 2023, M1 Finance, an online brokerage and investment platform, recruited and paid 1,700 social media influencers more than $2.75 million to promote the firm. Influencers were compensated with a flat fee for every new account opened and funded using a unique referral link. The program generated more than 39,000 new funded accounts.

What the influencers said: Some of the posts were not fair or balanced, or included exaggerated promissory or misleading statements with no discussion of investment risk. Other content promoted M1’s margin lending program by highlighting low interest rates while omitting disclosure of maintenance margin requirements and rate fluctuations. Still other posts described the platform’s services as free without disclosing applicable fees.

What FINRA found: These posts qualified as retail communications under Rule 2210, meaning a registered principal was required to review and approve each one before publication, which M1 didn’t do. The firm also failed to retain records of influencer posts as required, and had no written supervisory procedures or system for overseeing content published on its behalf.

The result: In March 2024, M1 was fined $850,000 in FINRA’s first formal disciplinary action against a broker-dealer for failing to supervise a social media influencer program. As part of the settlement, the firm was required to implement a registered principal review of influencer content and to build a system for retaining those communications going forward.

The compliance lesson: Paying a third party to promote your firm doesn’t transfer your regulatory responsibility; it extends it. Any content created on your behalf, by anyone, is subject to the same review, approval, and recordkeeping requirements as content produced internally.

What FINRA Focuses On Now

FINRA’s Annual Regulatory Oversight Report indicates current examination priorities. In the 2026 edition and other recent editions, the agency’s Communications with the Public section has highlighted several areas where compliance gaps are increasingly prevalent.

• Influencer and affiliate marketing: As more firms partner with third-party content creators, FINRA has focused on whether such arrangements are being supervised as communications with the public and whether records are being retained.
• Mobile app information: With mobile apps already an integral part of the marketer’s toolbox, FINRA is closely scrutinizing false, misleading, or unbalanced information presented on this platform. In particular, this includes failing to clearly and prominently disclose risks for complex products such as options trading, the use of margin, and crypto assets.
• Electronic communications reviews: FINRA is closely monitoring firms that oversee electronic communications without selecting adequate samples or using targeted key word searches, as well as those that don’t review such communications when business is conducted in languages other than English.
• Off-channel digital communications: The agency has raised concerns about firms using texting apps, encrypted messaging, and collaboration tools for business communications without adequate archiving or supervision protocols.

A common thread across all of these is supervision. FINRA is less interested in policing individual mistakes than in determining whether firms have built systems that support more consistent and scalable compliance outcomes.

The Bottom Line: It’s All About Workflows

As we’ve just shown, FINRA doesn’t expect perfection, but does expect process. Accordingly, the authority’s exams typically focus not only on isolated content issues, but also on whether firms have reasonably designed supervisory systems. For marketers, therefore, compliance isn’t primarily about restricting creativity; it’s about building workflows that protect both your audience and your firm. Clear approval chains, documented supervisory procedures, and consistent recordkeeping practices not only satisfy FINRA, but also make marketing operations more professional and defensible.

Want to pressure-test your current review workflow?

Request a free Marketing Compliance Workflow Review to identify gaps before your next FINRA exam.

Note: This overview is intended for educational purposes, and does not constitute legal advice.