Try 10 focused Series 14 questions on Markets and Operations, with explanations, then continue with the full Securities Prep practice test.
Series 14 Markets and Operations questions help you isolate one part of the FINRA outline before returning to a mixed practice test. The questions below are original Securities Prep practice items aligned to this topic and are not copied from any exam sponsor.
| Item | Detail |
|---|---|
| Exam | FINRA Series 14 |
| Official topic | Function 2 — Markets and Operations |
| Blueprint weighting | 18% |
| Questions on this page | 10 |
Which statement best describes an Intermarket Sweep Order (ISO) in U.S. equity markets?
Best answer: C
Explanation: An ISO permits immediate execution at a venue while the sender takes responsibility to sweep all protected quotes at better prices.
An ISO is an order handling instruction used for fast execution across venues. It allows a market center to execute the marked order right away, while the broker routes additional orders to execute against any protected quotations at better prices. The broker, not the receiving venue, is effectively managing the sweep to avoid protected-quote trade-throughs.
An Intermarket Sweep Order (ISO) is a routing/handling modifier used when a firm wants immediate execution at a particular venue but also needs to address better-priced protected quotations displayed elsewhere. When an order is marked ISO, the receiving market center may execute it immediately without first checking all other markets, because the sender represents it has simultaneously routed additional orders to “sweep” any protected quotes at superior prices. From a compliance perspective, the key concept is responsibility: the firm sending the ISO must have procedures to ensure the simultaneous sweep occurs and that the strategy is consistent with best execution and trade-through protections.
The main takeaway is that an ISO is not “ignore better prices”; it is “execute now while I sweep better protected prices elsewhere.”
A broker-dealer’s surveillance team uses FINRA OTC Reporting Facility (ORF) feeds for off-exchange equity trade reports and combines them with SIP quote data and CAT data for investigations.
Which statement about how ORF data supports the firm’s trade-and-quote surveillance program is INCORRECT?
Best answer: A
Explanation: ORF is a trade reporting feed, so quote-update reconstruction for spoofing requires quote/order data sources, not ORF.
ORF data is primarily an off-exchange trade reporting source, which makes it useful for trade reporting compliance checks and trade-based surveillance. Firms can also benchmark ORF execution prices to contemporaneous SIP quotes (NBBO) to identify outliers. ORF does not provide the quote-update message stream needed to reconstruct quoting behavior for quote-manipulation reviews.
ORF trade reports help a surveillance program by providing a regulatory-quality view of off-exchange prints and their reporting attributes (e.g., timestamps and reporting modifiers). Compliance can use ORF to (1) monitor reporting timeliness and corrections (late/as-of patterns), (2) focus investigations on sensitive windows such as the open/close where marking-the-open/close concerns arise, and (3) test whether execution prices are reasonable by comparing reported trades to contemporaneous SIP NBBO (a separate quote source).
Quote-manipulation reviews (e.g., spoofing/layering) typically require quote and order-event data (exchange quote feeds, order-level systems, and CAT), not a trade reporting feed.
Which statement is most accurate/correct regarding a broker-dealer’s compliance monitoring for participation in U.S. Treasury auctions?
Best answer: A
Explanation: Effective monitoring focuses on aggregation and certification controls so the firm does not improperly exceed Treasury auction limits across related submissions.
A firm’s key compliance risk in Treasury auctions is failing to properly control and evidence how bids are submitted and certified, particularly when multiple desks, affiliates, or customer submissions could be aggregated for Treasury limit purposes. High-level monitoring should therefore emphasize aggregation, accuracy of auction certifications, and exception escalation when limits or submission controls could be breached.
Treasury auctions impose market-structure constraints (for example, limits on how much a single bidder can be awarded and required bidder certifications). From a compliance monitoring perspective, the practical challenge is that exposure can be created through multiple channels—proprietary bids, bids submitted on behalf of customers, and activity across affiliates or controlled accounts—so controls should aggregate submissions and awards to detect potential limit breaches before bids are placed and to validate post-auction accuracy.
A defensible program typically includes:
An approach that treats auctions as “self-policing” or outside the firm’s scope will miss the core supervisory risk.
A compliance officer performs an end-of-day reconciliation between the front-office OMS execution file and the downstream FINRA equity trade-reporting “accepted” file.
Exhibit: Reconciliation snapshot
OMS executions (May 14, 2025)
Time Symbol Qty Price
10:01:12 LMNO 10,000 18.20
10:03:44 LMNO 12,500 18.21
10:07:05 LMNO 7,500 18.19
Trade-reporting status (end-of-day)
Accepted: 10,000 shares
Accepted: 12,500 shares
Rejected: 7,500 shares (Reason: invalid contra MPID)
Based on the reconciliation, which action best addresses the break and its most likely cause?
Best answer: C
Explanation: The OMS-to-reporting quantity difference is 7,500 shares, matching the single rejected execution due to an MPID mapping error.
The OMS shows total executed quantity of 30,000 shares, while downstream accepted reports total 22,500 shares, leaving a 7,500-share break. That difference exactly matches the rejected 7,500-share execution. The most likely break cause is a rejected trade report (here, invalid contra MPID) that was not corrected and resubmitted.
A practical reconciliation control is to tie out executed quantities in the OMS to downstream “accepted” quantities and then match any differences to specific fills. Here, OMS executions sum to 30,000 shares, while accepted reporting sums to 22,500 shares, so the break is 7,500 shares—exactly the size of the single rejected line.
The appropriate compliance response is to ensure the rejected report is corrected and resubmitted (and to document root cause and remediation, such as fixing reference data/mapping for contra MPIDs). Waiting for “timing” is not reasonable when the snapshot is end-of-day and the exception is explicitly a rejection, and changing OMS records to fit downstream output destroys books-and-records integrity.
Key takeaway: when the break quantity matches a specific rejected execution, fix-and-resubmit is the primary closure path.
You are reviewing the firm’s new-issue allocation exception tracker for a managed account receiving shares in an IPO where the firm is a bookrunner.
Exhibit: New-issue allocation exception tracker (single row)
IPO: ZENI (Zenith Networks) Role: Bookrunner
Acct: 88K1 (Managed) Requested: 5,000 shares
Beneficial owner: Maya Chen Title: CFO
Company: AlphaGrid Corp Relationship: Current IB fee-paying client
IB status: Paid advisory fee within last 12 months; active follow-on pitch
5131 spinning screen: Executive officer/director = YES
Disposition: Pending CO review
Which interpretation is best supported by the exhibit, based on IPO allocation restrictions?
Best answer: A
Explanation: The exhibit shows an IPO allocation to an executive officer of a current investment banking client, which is the classic spinning fact pattern.
The record shows an IPO allocation to a CFO (executive officer) of a company that is a current, fee-paying investment banking client and a current pitch target. That combination supports a spinning concern—allocating IPO shares to corporate insiders to influence investment banking business—so the appropriate interpretation is that the allocation is impermissible absent an available carve-out and requires escalation and prevention.
IPO allocation restrictions are designed to prevent members from using hot IPO shares as a quid pro quo for investment banking business. A key prohibited practice is “spinning,” where IPO allocations are directed to executive officers or directors of current or prospective investment banking clients in a way that could reward or induce the award of banking mandates.
Here, the exhibit expressly identifies the beneficial owner as a CFO and documents that her company is a current fee-paying investment banking client with an active follow-on pitch, and the firm’s own screen flags the spinning condition. Those facts support interpreting the allocation as a spinning-prohibited allocation that should be stopped and escalated for compliance disposition (including documentation of the block and any remediation). The managed-account label does not cure the underlying conflict, and the exhibit does not provide facts necessary to conclude a different restriction is the driver.
Your broker-dealer participates in U.S. Treasury auctions and also manages an affiliated hedge fund under common control. In advance of an upcoming 10-year note auction, a rates trader messages the affiliate’s PM: “Put in a separate bid through your account—if we split it up we can stay under the 35% per-bidder cap.” The firm’s auction process does not aggregate bids/awards across affiliates.
From a compliance monitoring perspective, what is the primary red flag/control concern?
Best answer: B
Explanation: Treasury auction compliance monitoring should flag and prevent evasion of bidder caps by failing to aggregate bids/awards across commonly controlled accounts.
A key Treasury auction compliance focus is preventing manipulative or improper participation, including attempts to evade auction rules through affiliated entities. The message to “split it up” combined with no bid/award aggregation across commonly controlled accounts is a direct red flag for cap circumvention and inadequate supervisory controls.
Treasury auctions have participation rules intended to promote fair distribution and prevent manipulation. A practical compliance monitoring consideration is whether the firm can identify and aggregate bids and awards across accounts and entities under common control, so the firm does not exceed per-bidder limits or appear to evade them by routing bids through affiliates. The trader’s instruction to split bidding to stay under the cap is an explicit intent signal, and the lack of an aggregation control is a supervisory gap.
A defensible control set typically includes:
Other issues may exist in Treasury activity, but this fact pattern most directly implicates auction-rule circumvention risk.
During a high-volatility session, the firm’s equity surveillance system generates an alert on a proprietary trader for possible layering/spoofing near the close.
Exhibit: Alert snippet
Date: Oct 9, 2025
Symbol: QRS
Window: 15:50–16:00 ET
Pattern: Repeated large displayed buy orders added/canceled; small sells executed
Impact: Best bid moved up ~0.8% during sequence
Note: Trader net sold 35,000 shares; P&L +\$410,000
As the compliance official, which escalation action best aligns with durable supervision and market-integrity standards?
Best answer: D
Explanation: Potential manipulative conduct warrants immediate risk containment, evidence preservation, and coordinated escalation for independent review and timely external-response decisions.
A spoofing/layering-type pattern is a market-integrity red flag requiring prompt containment and structured escalation. The best response preserves evidence (including communications), involves independent supervisory review of trading activity, and brings in legal and senior management to manage regulatory exposure and external communications. This approach also ensures the investigation and remediation are documented and defensible.
When surveillance indicates potential manipulative trading, the compliance priority is to control ongoing risk and ensure an independent, well-documented review. That typically means pausing or restricting the activity as appropriate, placing a preservation/litigation hold on relevant records (orders, executions, chats, voice, and surveillance outputs), and escalating to the business-line supervisor and compliance surveillance for investigation and remediation. Legal should be included early to guide privilege, regulatory-response posture, and any potential self-reporting decisions, while senior management escalation is appropriate when the event is potentially material (e.g., significant P&L, close-of-market impact, or reputational/regulatory exposure). The key is coordinated escalation with clear ownership, timelines, and documented closure—not informal “talk it out” resolution or delay until an external inquiry forces action.
A broker-dealer’s equity surveillance generates an alert for possible capacity miscoding after two customers complain their confirmations show the firm acted as “agent” with no commission, but they believe the firm sold from its own inventory.
Exhibit: One representative trade (from order and fill data)
Customer order: Buy 10,000 ABC MKT
Execution to customer: 10,000 @ 25.10
Contra source: Firm principal inventory fill @ 25.08
Customer confirmation: Capacity = Agency; Commission = $0.00
As the compliance official triaging the alert and complaints, what is the best next step in the correct sequence?
Best answer: B
Explanation: You first validate actual trading capacity and quantify scope, while immediately containing the issue so customer disclosures and coding are not further misstated.
Capacity coding is a disclosure control because it drives what the customer confirmation communicates about the firm’s role and compensation. The appropriate workflow is to confirm the firm’s true capacity using objective records (orders, executions, inventory/contra) and determine the population impacted. In parallel, the firm should put an interim control in place to stop additional inaccurate confirmations while the review continues.
The core control objective is that the firm’s systems code agency vs principal consistently with how the firm actually handled the trade, because that coding supports accurate customer confirmations and related compensation/markup disclosure. When an alert and complaints suggest a mismatch, compliance should start with fact-finding from source records and quickly contain the issue.
A practical sequence is:
Premature customer outreach or external reporting without scoped facts increases the risk of incomplete remediation and inconsistent disclosures.
A broker-dealer’s surveillance team is enhancing controls to detect potentially manipulative activity.
Which statement best explains how these market-structure differences matter for compliance surveillance design?
Best answer: B
Explanation: Exchange-listed markets provide order-level transparency for detecting tactics like spoofing, while OTC/dealer markets are surveilled more through quotes, prints, and pricing/markup reasonableness.
Exchange-listed markets generally have centralized price discovery and order-book transparency, which enables surveillance to test for order-level manipulative patterns. OTC/dealer markets are more decentralized, so surveillance often depends more on trade reporting, quote behavior, and dealer pricing/markup reasonableness. The market structure drives what data is available and which red flags are most detectable.
The core difference is centralized, exchange-based trading versus decentralized, dealer-quoted OTC trading, and that difference determines what “signals” your surveillance can realistically use. For exchange-listed trading, the presence of a visible limit order book and standardized exchange execution makes order-event analysis (placements, cancellations, layering/spoofing-style patterns, and routing outcomes) a natural control focus. In OTC/dealer markets, there is typically no single consolidated order book; executions are often negotiated against dealers’ quotes, so surveillance is commonly more effective when it emphasizes trade/quote patterns, dealer quote changes, and reviews of execution quality and pricing fairness (including markup/markdown-style reasonableness) based on contemporaneous market information. The takeaway is to align surveillance to the transparency and data produced by the market structure.
An equities surveillance system generates an alert for potential spoofing/layering in a firm proprietary account after repeated large displayed buy orders are entered and canceled within seconds, followed by small sells that execute. Your WSP requires alerts to be dispositioned (closed or escalated) within 10 business days and requires documentation sufficient for an independent reviewer to understand the basis for the disposition. The trader claims the activity was “quote testing” during an issuer earnings release and asks Compliance to close the alert the same day.
What is the single best compliance action that meets the WSP constraints and minimizes regulatory risk when closing the alert as non-manipulative?
Best answer: D
Explanation: Closing as non-manipulative requires an evidence-backed investigative record (order events, context, analysis) and documented supervisory approval that an independent reviewer can follow.
Minimum evidence to close a trading surveillance alert is a defensible, retrievable case record that shows what was reviewed, what was concluded, and why. For a spoofing-style pattern, Compliance should corroborate the trader’s explanation with objective data (order entry/modify/cancel timestamps, executions, and market context) and document the analysis and approval within the WSP deadline. This creates an audit trail that an independent reviewer can validate.
A surveillance alert should be closed only when the firm can demonstrate a reasonable, good-faith review supported by objective evidence—not just a conclusion. For a potential spoofing/layering alert, “minimum evidence” typically means the alert record is linked to a case file that captures the underlying order lifecycle and the factual basis for the disposition, plus documented supervisory review consistent with WSPs.
A practical closing file should show:
If objective corroboration cannot be obtained or red flags remain, the alert should be escalated rather than closed on a narrative alone.
Use the Series 14 Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Use the Series 14 Cheat Sheet on SecuritiesMastery.com when you want a compact review before returning to the FINRA Series 14 Practice Test page.