Series 14: Customer and Employee Accounts

Series 14 Customer and Employee Accounts questions help you isolate one part of the FINRA outline before returning to a mixed practice test. The questions below are original Securities Prep practice items aligned to this topic and are not copied from any exam sponsor.

Topic snapshot

Sample questions

Question 1

A retail customer requests options trading approval and wants to place an options order immediately. The customer’s options agreement is incomplete, the Options Disclosure Document (ODD) has not yet been delivered, and no Registered Options Principal (ROP) has approved the account.

Which supervisory action is NOT appropriate under these facts?

• A. Block options orders until ROP approval is recorded
• B. Require ODD delivery before granting options approval
• C. Permit the order if the rep emails risk disclosures
• D. Run exception reports for any options in unapproved accounts

Best answer: C

Explanation: Options trading should not occur until required documentation, ODD delivery, and ROP approval are completed and evidenced.

Options account approval is a gated process: the firm must complete the options agreement, deliver the ODD, and obtain documented ROP approval before the first options trade. An email from the representative does not substitute for required firm approval steps. The best supervisory approach is to prevent trading and use monitoring to detect and remediate any breakdowns.

A key supervisory obligation for options is ensuring trading cannot begin until the account is properly established and approved through the firm’s controls. Under the stated facts, the options agreement is incomplete, the ODD has not been delivered, and the ROP has not approved the account—so the firm should treat any options order as prohibited until those prerequisites are satisfied and recorded.

High-level controls typically include:

• System blocks that prevent options orders in unapproved accounts
• Evidence of ODD delivery and customer documentation before approval
• Documented ROP approval prior to the first trade
• Ongoing surveillance/exception reporting to catch and escalate any options activity outside approvals

Informal disclosures by a representative do not replace required approvals and do not create a defensible supervisory record.

• Rep-created workaround fails because it bypasses required approval gates and documented supervision.
• Pre-trade blocking is an appropriate preventive control for unapproved options activity.
• ODD before approval is an appropriate prerequisite control tied to options risk disclosure.
• Exception reporting is an appropriate detective control to identify and escalate breaches.

Question 2

A compliance official reviews a complaint trend report and sees the following pattern:

Exhibit: Complaint log (last 60 days)

ID   Branch  Rep   Allegation
101  017     JH    Transfer-out request sat unprocessed; fees accrued
104  017     MS    Transfer-out request sat unprocessed; fees accrued
109  017     RP    Transfer-out request sat unprocessed; fees accrued
112  017     JH    Transfer-out request not acknowledged; customer frustrated
118  017     MS    Transfer-out request delayed; missed reinvestment deadline
121  017     RP    Transfer-out paperwork mishandled; repeated follow-ups

Operations reports show other branches have normal transfer-out cycle times, and there is no firmwide system outage.

Which root-cause category best matches this complaint theme?

• A. Branch failure
• B. Employee failure
• C. Firmwide process failure
• D. Product failure

Best answer: A

Explanation: The issue is concentrated in one branch across multiple reps, indicating a local supervisory/workflow breakdown.

Because the complaints cluster in a single branch and involve multiple registered reps, the most likely root cause is a branch-specific breakdown in how transfer-out requests are handled or supervised. The absence of similar issues elsewhere and no system outage points away from a firmwide process problem.

Root-cause triage often starts by asking whether a theme is concentrated by person, location, product, or workflow. Here, the same allegation repeats across several reps but only at Branch 017, while other branches show normal cycle times and there is no firmwide system disruption. That pattern supports a branch-level failure (for example, inadequate local supervision, inconsistent use of transfer processing steps, or branch operations staffing/training issues). By contrast, a single-employee issue typically clusters around one rep, a product issue follows a specific product regardless of who sold it, and a firmwide process failure would appear across multiple branches at the same time.

Key takeaway: concentration by branch across multiple reps generally indicates a branch control/supervision problem, not an isolated individual or firmwide defect.

• Single bad actor is less likely because multiple reps are involved.
• Product-driven complaints would cluster around a specific product, not a transfer-out workflow.
• Firmwide process breakdown would typically show up across multiple branches, especially in operations metrics.

Question 3

Which statement is most accurate regarding when penny-stock (heightened-disclosure) rules create additional account supervision requirements?

• A. Before effecting a non-exempt penny-stock transaction for a non-established customer, the firm must deliver a standardized risk disclosure, obtain the customer’s written agreement to the transaction, and have a registered principal approve the account for penny-stock trading.
• B. Penny-stock disclosures apply only to solicited transactions; unsolicited customer orders are not subject to penny-stock requirements.
• C. After a customer receives the penny-stock risk disclosure once, the firm has no further penny-stock disclosure obligations on later transactions.
• D. Any equity security trading below $5 per share is a penny stock, including NYSE- and Nasdaq-listed stocks.

Best answer: A

Explanation: Penny-stock rules can require principal account approval plus customer risk disclosure and written transaction agreement before the first covered trade for a non-established customer.

Penny-stock rules can add specific supervisory steps before a firm effects a covered penny-stock trade for a non-established customer. These steps commonly include delivering a standardized risk disclosure, obtaining the customer’s written agreement to the transaction, and registered principal approval tied to penny-stock trading in the account.

When a transaction involves a covered (non-exempt) penny stock, broker-dealers may have heightened-disclosure obligations that go beyond normal equity processing and require additional account-level supervision—especially for non-established customers. In practice, this means the firm must ensure the customer receives the standardized penny-stock risk disclosure and that supervision evidences the customer’s affirmative agreement before the first covered transaction is effected. Firms also must evidence principal involvement (e.g., approving the account for penny-stock transactions) as part of the control framework, rather than treating penny stocks like ordinary exchange-listed equities. A common trap is assuming the trigger is only a low share price; exemptions (such as exchange-listed securities) and transaction-specific disclosures make the analysis more than just price-based.

• Price-only trigger is incorrect because many low-priced exchange-listed securities are exempt from penny-stock treatment.
• Unsolicited order carve-out is incorrect; firms still may have penny-stock obligations even if the customer initiated the order.
• One-and-done disclosure is incorrect; penny-stock rules include transaction-related disclosures/controls beyond a single initial risk document.

Question 4

A broker-dealer’s written AML procedures require (1) documented disposition of surveillance alerts and (2) escalation to AML Compliance when activity appears suspicious. Over several months, the AML analyst closes multiple alerts on one new retail account that receives frequent third-party wires and quickly purchases and liquidates thinly traded securities. The analyst records only “false positive” with no supporting notes, and no escalation occurs.

During a FINRA exam, the firm cannot produce evidence of review beyond the “false positive” label. What is the most likely outcome for the firm?

• A. Only an OFAC issue; no AML/BSA supervisory exposure
• B. No material issue because procedures existed in writing
• C. AML program implementation finding; likely lookback and SAR consideration
• D. Requirement to notify the customer that suspicious activity was reported

Best answer: C

Explanation: Inability to evidence alert review and escalation is a failure to implement AML controls, prompting remediation and potential SAR lookbacks.

FINRA will focus on whether the firm’s AML program is effectively implemented, not merely written. Closing high-risk alerts without documented analysis or escalation creates a supervisory evidence gap and raises the risk that suspicious activity was not appropriately investigated or reported. The likely consequence is an AML deficiency requiring remediation and a lookback to determine whether SAR filings were warranted.

An AML program must be reasonably designed and actually followed, with defensible records showing how alerts were investigated, resolved, and escalated when warranted. Here, the activity pattern (third-party wires, rapid in-and-out trading, thinly traded securities) is inherently higher risk, and the firm cannot evidence any meaningful review beyond a conclusory label. In an exam, that typically results in a finding that the firm failed to implement its AML procedures, along with required corrective actions such as strengthening alert documentation standards, retraining/escalation controls, supervisory attestations, and a lookback of prior alerts and transactions to determine whether any SARs should have been filed. The key issue is control execution and documentation, not whether the alert ultimately proves suspicious.

• “Written procedures are enough” is incorrect because examiners test execution and evidence, not policy existence.
• Customer notification is problematic because it can constitute impermissible SAR tipping-off and does not cure missing investigation records.
• OFAC-only framing fails because the fact pattern is classic AML monitoring/escalation and SAR-governance exposure.

Question 5

A retail customer account opened three weeks ago is now requesting a same-day liquidation of several thinly traded micro-cap positions and an outgoing wire of the proceeds to an unrelated third party overseas. During the disbursement review, the customer’s name and date of birth generate a close match to an OFAC SDN list entry, and the customer is pressuring the firm to “send it now” due to an alleged emergency. The firm’s written procedures require escalation and documented resolution before processing any transaction when an OFAC potential match is identified.

As the compliance official, what is the single best immediate action to minimize regulatory risk while satisfying the stated constraints?

• A. Place an immediate hold on activity, escalate for OFAC match resolution, and block/report if confirmed
• B. Close the account and return the funds to the originating bank without further action
• C. Allow liquidation but hold the outgoing wire pending enhanced due diligence
• D. Process the wire only to a bank account in the customer’s name and review for SAR later

Best answer: A

Explanation: A potential SDN match requires stopping processing, escalating for documented resolution, and blocking/reporting promptly if the match is confirmed.

Because there is a potential OFAC SDN match, the highest-priority risk is sanctions compliance, which requires an immediate stop to processing until the match is resolved. The best action is to place a hold, escalate per written procedures, and ensure blocking and required reporting if the match is confirmed. This also preserves evidence of supervisory review and decisioning under time pressure.

When a potential OFAC SDN match is identified, the firm should not process trades or disbursements that could transfer value until the alert is resolved under the firm’s sanctions procedures. The immediate compliance focus is to (1) stop the requested activity, (2) escalate to the designated AML/OFAC decision-maker, and (3) document the comparison and disposition (true hit vs. false positive). If the match is confirmed, the firm generally must block the property and make the required OFAC reporting; the micro-cap liquidation and third-party wire pressure also elevate AML concerns and can be evaluated in parallel after the sanctions risk is controlled. The key is sequencing: resolve the sanctions “go/no-go” decision before moving any funds or executing transactions.

• Proceeding with liquidation still transfers value while an unresolved OFAC potential match exists.
• Wiring to same-name account does not address the sanctions risk and is the wrong stage for “review later.”
• Unilateral account closure/returning funds can conflict with blocking and reporting obligations if the match is a true hit.

Question 6

A compliance officer reviews a first-time order in a new retail account to buy 25,000 shares of ABCD, quoted at $1.20 and traded OTC (not exchange-listed).

Exhibit: Customer financial profile (USD)

• Primary residence value: $750,000 (mortgage $700,000)
• Other assets: $520,000
• Other liabilities (non-mortgage): $40,000

For this question, treat an accredited investor as a person with net worth over $1,000,000 excluding the primary residence. What additional account supervision step is required before the firm effects the trade?

• A. Apply the accredited-investor exemption based on total net worth
• B. Complete penny-stock disclosures and obtain signed agreement pre-trade
• C. Proceed under Reg BI; no penny-stock steps for cash accounts
• D. Only escalate if the position exceeds 50% of account assets

Best answer: B

Explanation: Excluding the primary residence, the customer’s net worth is $480,000, so the penny-stock heightened disclosures and written agreement apply before executing.

ABCD is a low-priced OTC security, creating penny-stock heightened-disclosure obligations unless an exemption applies. The customer is not an accredited investor because net worth excluding the primary residence is $520,000 minus $40,000, or $480,000. Therefore the firm must follow the penny-stock pre-trade disclosure and written-agreement process as an added supervision requirement.

Penny-stock transactions generally require additional supervisory steps (enhanced disclosures, documented customer agreement, and supervisory review) unless the customer or transaction qualifies for an exemption such as the accredited-investor exemption. Here, the key control is determining whether the customer is accredited using the provided definition and then applying (or not applying) the heightened-disclosure workflow.

Compute net worth excluding the primary residence:

Because $480,000 is not over $1,000,000, the accredited-investor exemption is not available, so the penny-stock disclosure and signed written agreement must be obtained before effecting the trade.

• Ignoring penny-stock workflow is incorrect because cash vs. margin does not remove penny-stock disclosure obligations.
• Counting the primary residence is incorrect because the question explicitly excludes it from net worth.
• Using a concentration threshold is incorrect because the requirement here is triggered by penny-stock status and lack of exemption, not a firm-set percentage test.

Question 7

Which action is generally required under SEC “penny stock” rules (creating heightened account-supervision steps) before a broker-dealer effects a non-exempt customer’s first penny stock transaction?

• A. Deliver the options disclosure document and obtain registered options principal approval
• B. Deliver Form CRS and obtain the customer’s best interest attestation
• C. Obtain a signed margin agreement and provide initial margin disclosure statements
• D. Provide the penny stock risk disclosure and obtain a signed written agreement after a special suitability determination

Best answer: D

Explanation: Penny stock rules add pre-transaction disclosure, a specific suitability finding, and a written customer agreement/acknowledgment before the first covered trade.

SEC penny stock rules impose additional steps beyond ordinary account opening and Reg BI processes. For covered transactions, the firm must provide standardized penny stock risk disclosures, make a specific suitability determination, and obtain the customer’s signed written agreement/acknowledgment before effecting the first transaction. These added steps create heightened supervisory and documentation requirements.

Penny stock rules are a heightened-disclosure regime intended to protect retail investors in higher-risk, thinly traded securities. When a transaction is covered (i.e., not exempt), the broker-dealer must follow special pre-transaction procedures that go beyond standard new-account documentation. Core supervision/evidence expectations include delivering the SEC-required penny stock risk disclosure document, making and documenting a specific suitability determination for the customer, and obtaining the customer’s signed written agreement/acknowledgment before the first covered penny stock transaction is effected. Firms typically supervise this through workflow controls (e.g., system holds, required documents, principal review) to ensure the trade cannot proceed until the required disclosures and signatures are captured and retained. By contrast, Reg BI/Form CRS, options documentation, and margin agreements are separate regimes and do not substitute for penny stock rule deliverables.

• Reg BI/Form CRS confusion Form CRS delivery may be required generally, but it does not replace penny stock risk disclosure and written agreement steps.
• Options rules mix-up Options principal approval and the ODD relate to options trading, not penny stock transactions.
• Margin documentation Margin agreements govern borrowing and collateral; they are not the penny stock disclosure/suitability package.

Question 8

A broker-dealer’s sanctions screening tool generates two alerts:

• Alert 1: An outgoing wire’s beneficiary is an exact match to an OFAC SDN entry (name, DOB, and country all match).
• Alert 2: A retail customer’s name is similar to an SDN, but the customer’s DOB, address, and passport number do not match the SDN record.

Which documentation approach best matches the correct compliance treatment for both alerts?

• A. Close both accounts; file SARs; no separate OFAC documentation
• B. Block Alert 1; document match and OFAC report; clear Alert 2
• C. Process Alert 1 after customer attestation; keep Alert 2 restricted
• D. Reject Alert 1 wire; no blocking; clear Alert 2 with affidavit

Best answer: B

Explanation: A true SDN match requires blocking/reporting with documented rationale, while a false positive requires documented resolution and lifting any restriction.

Alert 1 is a confirmed SDN match, so the firm should document the identifiers supporting the match, block the property, escalate internally, and evidence any required OFAC reporting. Alert 2 is a false positive, so the firm should document the comparison that disproves the match and record the rationale for lifting any restriction and resuming normal activity.

Supervisory documentation should show a defensible rationale for why an account or transaction was restricted, who approved the decision, what steps were taken, and what evidence supports closure.

For a confirmed OFAC SDN match, the compliant treatment is to block the property/transaction and create a record that ties the decision to the matching identifiers (not just the name), the escalation/approvals, and the firm’s OFAC reporting/record-retention steps. For a false positive, the firm should document the specific non-matching identifiers reviewed (e.g., DOB, address, passport), record the decision to clear the alert, and evidence removal of any temporary restriction so future reviewers can reconstruct why activity was allowed.

The key differentiator is whether the alert is a true match versus a documented false positive.

• Reject vs block rejecting a wire is not the same as blocking property when there is a confirmed SDN match.
• Customer attestation does not substitute for the firm’s independent match resolution and controls.
• Overbroad closure/SAR-only does not address OFAC’s separate blocking/reporting and documentation expectations for a true match.

Question 9

A retail customer emails the firm’s shared service inbox after reviewing her monthly statement:

“On February 6, I see an options trade in my account that I did not authorize. Your representative never discussed this with me. Please reverse the trade and reimburse my losses. I’m considering reporting this to regulators.”

The service team plans to open a routine “account service ticket” to explain the transaction and close it once the customer is called.

From a Series 14 compliance perspective, what is the primary compliance risk/red flag in this workflow?

• A. A best execution breach due to options order handling
• B. Misclassifying a written allegation as a service request instead of a complaint
• C. A customer identification/OFAC screening failure at account opening
• D. An advertising violation because the email mentions regulators

Best answer: B

Explanation: A written allegation of wrongdoing (unauthorized trade) must be captured, logged, and routed as a complaint for appropriate investigation and oversight.

The email is a written statement from a customer alleging wrongdoing (an unauthorized trade) and requesting remediation. That makes it a complaint, not a routine inquiry or service request. The key control concern is ensuring the firm’s intake process correctly classifies, logs, escalates, and tracks the matter through investigation and resolution.

Complaint controls start with correct intake and classification. A customer communication becomes a complaint when it alleges a problem with the firm or an associated person (for example, an unauthorized trade, misrepresentation, unsuitable activity, or improper handling) and seeks a remedy or expresses dissatisfaction in a way that requires review.

Here, the customer’s written email alleges the representative executed an options trade without authorization and asks for reversal/reimbursement. Treating it as a routine service ticket creates a supervisory gap because it can bypass required complaint logging, compliance review, investigation, trend analysis, and documented closure. The key takeaway is to design workflows so written allegations are reliably captured as complaints and routed to compliance, even when they arrive through general service channels.

• Best execution focus is a secondary analysis; the immediate red flag is intake/classification of a written allegation.
• AML/CIP/OFAC relates to account opening and suspicious activity, not a dispute over an unauthorized trade.
• Advertising/communications supervision is not implicated by a customer’s inbound complaint email.

Question 10

You are the broker-dealer’s Compliance Officer reviewing a recent spike in customer complaints.

Exhibit: Complaint log (last 30 days, sample)

Date        Branch   Rep   Product held     Allegation
Jan 10      12       R18   ETFs/equities    Transfer-out request “pending” for 12 days
Jan 13      05       R44   Mutual funds     Transfer-out request “pending” for 9 days
Jan 17      12       R31   Equities         Transfer-out request “pending” for 11 days
Jan 22      03       R07   Bonds            Transfer-out request “pending” for 10 days
Jan 28      09       R52   ETFs             Transfer-out request “pending” for 13 days
Feb 02      05       R44   Mutual funds     “I wasn’t told why my transfer was delayed”

All accounts are non-discretionary, and no single rep, branch, or product dominates the complaints. Which action best aligns with durable supervisory standards and sound root-cause analysis?

• A. Treat this as a product-specific disclosure issue
• B. Discipline the reps with repeat complaints
• C. Stop approving transfer-out requests until staffing improves
• D. Map the end-to-end transfer workflow and control points

Best answer: D

Explanation: The pattern is cross-branch and cross-product, indicating a likely process/control breakdown that should be analyzed through workflow mapping, evidence review, and targeted testing.

Because the complaints are consistent in allegation and spread across branches, reps, and products, the most likely root cause is a systemic process failure rather than isolated employee or product misconduct. A durable compliance response is to analyze the transfer process end-to-end, identify where delays and communications break down, and validate fixes with testing and documented closure.

Root-cause analysis starts by looking for clustering: by employee, by branch, by product, or by process step. Here, the theme (transfer-out delays and unclear status/communications) is consistent, but it does not cluster to one rep, branch, or product. That points to a process failure—such as intake/queue management, exception handling, holds/escalations, or customer notification controls.

A supervisory-standard approach is to:

• Map the transfer workflow from request receipt to completion and identify owners/control points
• Pull operational evidence (timestamps, queues, exception reasons, customer messages) to find where delays occur
• Remediate (capacity, procedures, training, system rules) and add monitoring to confirm sustained improvement

Targeting individuals or labeling it product-related misses the systemic pattern and weakens supervisory accountability.

• Rep discipline first is premature when the issue is not concentrated in one individual.
• Freeze transfers increases customer harm and does not identify the failure point.
• Product disclosure framing doesn’t fit a cross-product operational delay pattern.

Continue with full practice

Use the Series 14 Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.

Related focused pages

• Regulatory Agencies
• Markets and Operations
• Broker-Dealer Operations
• Credit and Capital
• General Supervision
• Investment Banking
• Registration
• Sales Solicitations
• Free Series 14 Full-Length Practice Exam

Free review resource

Use the Series 14 Cheat Sheet on SecuritiesMastery.com when you want a compact review before returning to the FINRA Series 14 Practice Test page.