Series 24: Broker-Dealer Supervision

Series 24 Broker-Dealer Supervision questions help you isolate one part of the FINRA outline before returning to a mixed practice test. The questions below are original Securities Prep practice items aligned to this topic and are not copied from any exam sponsor.

Topic snapshot

Sample questions

Question 1

A broker-dealer’s net capital report shows capital and liquidity have tightened after increased proprietary positions and customer debit balances. The General Securities Principal reminds the desk and finance team why net capital is monitored daily.

Which statement about the purpose of net capital requirements and daily monitoring is INCORRECT?

• A. Net capital emphasizes liquidity by reducing the value of non-liquid or risky assets through deductions so only readily available resources support obligations.
• B. Net capital standards help ensure the firm can meet obligations to customers and creditors and, if necessary, wind down in an orderly manner.
• C. Net capital is primarily intended to ensure the firm stays profitable; if profits are strong, daily monitoring is unnecessary.
• D. Daily net capital monitoring helps detect rapid changes in exposures so management can restrict activity or raise financing before a deficiency occurs.

Best answer: C

Explanation: Net capital is a liquidity-based customer protection standard, not a profitability measure, and it must be monitored frequently because balances and market values change daily.

Net capital requirements are designed to protect customers and creditors by ensuring a broker-dealer maintains sufficient liquid resources to meet obligations and to allow an orderly liquidation if needed. Because market values, customer balances, and firm exposures can change quickly, principals monitor capital and liquidity daily to identify deterioration early and take corrective action before a violation occurs.

Net capital is a financial responsibility standard focused on liquidity and customer protection, not on whether a firm is “making money.” It limits how much risk and leverage a broker-dealer can take by requiring that only liquid, readily marketable resources (after appropriate deductions) count toward meeting obligations. Principals monitor net capital and liquidity daily because a firm’s condition can change quickly due to market moves, proprietary position changes, customer debits/credits, underwriting commitments, and settlement activity.

Daily monitoring supports effective supervision by enabling prompt escalation and remediation, such as:

• Reducing risk-taking/business activity
• Raising capital or obtaining financing
• Correcting breaks in the net capital computation and controls

Key takeaway: strong profits do not eliminate liquidity risk or the need for frequent net capital monitoring.

• The option tying net capital to profitability confuses earnings with liquidity and solvency protection.
• The statement about meeting obligations and orderly wind-down reflects the customer-protection purpose of the rule.
• The statement about daily monitoring enabling restrictions/financing is consistent with why principals track capital and liquidity frequently.
• The statement about deductions to emphasize liquid resources matches how net capital is designed to be a liquidity-based measure.

Question 2

A registered representative submits a recommendation for a customer to complete a 1035 exchange from one deferred variable annuity (VA) to another, stating the reason is “lower annual costs.” The customer plans to keep the VA for 6 more years.

Exhibit (all amounts in USD):

• Current VA: Value $200,000; surrender charge if exchanged today: 4%; annual expenses = M&E 1.25% + income rider 0.60%
• Proposed VA: annual expenses = M&E 1.10% + income rider 0.40%

Based only on the cost comparison, what should the principal do?

• A. Do not approve; the exchange does not break even in 6 years
• B. Approve; the customer can recover the surrender charge in 6 years
• C. Approve if the customer signs a surrender-charge disclosure form
• D. Approve; the proposed VA has lower annual expenses

Best answer: A

Explanation: The 4% surrender charge ($8,000) exceeds the 6-year estimated annual expense savings (0.35% \(\times\) $200,000 \(\times\) 6 = $4,200).

A principal should evaluate VA exchanges using a break-even/cost-benefit review that includes surrender charges and rider/ongoing fees. Here, the customer would pay a $8,000 surrender charge and save only about $700 per year in ongoing expenses, or $4,200 over 6 years. On costs alone, the exchange is not reasonably justified for the stated objective.

Supervising deferred variable annuity exchanges includes confirming the customer’s stated objective and comparing the economic impact of surrender charges, ongoing expenses (including riders), and any loss of benefits. Using the provided numbers, the surrender charge is immediate and certain, while the annual savings are relatively small.

• Surrender charge: \(4\% \times \$200{,}000 = \$8{,}000\)
• Annual expense difference: \((1.85\% - 1.50\%) = 0.35\%\)
• Annual savings: \(0.35\% \times \$200{,}000 = \$700\)
• 6-year savings: \(\$700 \times 6 = \$4{,}200\)

Because the cost break-even exceeds the customer’s 6-year horizon, approval would generally require other clearly documented, material benefits beyond “lower annual costs.”

• Approving solely because annual expenses are lower ignores the upfront surrender charge and the customer’s stated 6-year time horizon.
• Claiming the customer recovers the surrender charge in 6 years reflects an arithmetic error (it would take well over 6 years at $700/year).
• A signed disclosure form does not, by itself, make an otherwise uneconomic exchange consistent with supervisory expectations.

Question 3

Which statement about broker-dealer record retention is most accurate?

• A. Different record types have different retention periods because regulators require a longer preservation of records that evidence customer rights and the firm’s ongoing obligations, while routine records may have shorter periods once they no longer need to support the audit trail.
• B. Retention periods are determined solely by the product sold, so the same record can have different retention periods for different customers.
• C. All broker-dealer records must be retained for the same period to ensure consistent supervision.
• D. A firm may set any retention period it prefers as long as it discloses the schedule to customers.

Best answer: A

Explanation: Retention periods vary by record type to ensure the most important, long-lived compliance and customer-protection records remain available longer than routine records.

Record retention is designed to preserve an auditable history of a broker-dealer’s activities and protect customers. Because some records evidence long-term obligations and customer rights (and may be needed for examinations, complaints, or litigation years later), regulators require those records to be kept longer than routine, short-lived records.

Broker-dealer record retention is not a single, firm-chosen “one size fits all” policy. Regulators set minimum retention periods by record category because records have different compliance purposes and useful lives. Records that establish the firm’s identity, authority, customer relationship, and ongoing obligations (and that may be needed long after a transaction) generally require longer retention so they remain available for regulatory examinations, investigations, dispute resolution, and reconstruction of events. More routine records that become stale quickly may have shorter required periods once they no longer materially support the audit trail. A principal’s role is to ensure the firm’s retention schedule aligns to the required categories, is applied consistently, and supports prompt production of records when requested.

• The option claiming one uniform period ignores that retention is prescribed by record category, not a single blanket duration.
• The option suggesting disclosure to customers can substitute for regulatory minimums is incorrect; minimum retention is set by regulation.
• The option tying retention solely to the product sold misstates the framework; retention is driven by the record’s function/category.

Question 4

Which statement best defines hypothecation and the key regulatory limit on a broker-dealer’s use of customer securities?

• A. Pledging any customer securities, limited to their market value
• B. Using fully paid securities as collateral with written customer consent
• C. Pledging margin securities, limited to 140% of customer debit balance
• D. Pledging customer securities is unlimited if excess is segregated

Best answer: C

Explanation: Hypothecation is pledging customer margin securities as collateral, generally capped at 140% of the customer’s debit balance.

Hypothecation refers to a firm pledging customer margin securities to a lender to finance margin activity. The core protection is that the amount pledged is limited (commonly 140% of the customer’s margin debit balance), and fully paid/excess-margin customer securities are not meant to be used as firm collateral. Violations are serious because they can put customer assets at risk if the firm fails.

Hypothecation is the broker-dealer’s use of customer margin securities as collateral for the firm’s borrowing (typically to fund margin credit). The key limit is designed to prevent a firm from over-pledging customer securities relative to what the customer actually owes in the margin account: the pledge is generally limited to 140% of the customer’s debit balance, and customer fully paid and excess-margin securities should not be treated as firm financing collateral.

This is treated as a serious issue because it is a customer protection control: if customer securities are improperly pledged and the firm becomes distressed, customers may face delays or losses in recovering their securities, and the firm’s financial responsibility posture can be compromised. The supervisory focus is on WSPs, approvals, and periodic testing to ensure pledges stay within limits and customer securities are properly protected.

• The choice tying hypothecation to market value misses that the limit is based on the customer’s debit balance, not price.
• The choice suggesting fully paid securities can be pledged with consent conflicts with customer protection expectations for fully paid/excess securities.
• The choice suggesting unlimited pledging if “segregated” incorrectly treats segregation as a substitute for the quantitative hypothecation limit.

Question 5

A General Securities Principal is reviewing the firm’s cash-management procedures and finds the following excerpt.

Exhibit: WSP excerpt (Treasury intraday funding)

WSP 4.2 Intraday Funding
If the Operating Account balance is insufficient for firm obligations, Treasury may
transfer funds from the "Customer Reserve Bank Account" to the Operating Account
intraday.
Approval: CFO email approval required.
Treasury will return the funds to the Customer Reserve Bank Account no later than
the next business day.

Which interpretation is best supported by the exhibit, based on baseline Series 24 knowledge?

• A. The WSP permits using customer-protection funds to finance the firm, creating customer-asset misuse risk
• B. The WSP primarily indicates a cybersecurity concern because approvals occur by email
• C. The WSP is acceptable because CFO email approval is documented
• D. The WSP primarily indicates a suitability concern with automatic cash sweeps

Best answer: A

Explanation: Allowing transfers out of the Customer Reserve Bank Account for firm obligations is an improper funding practice that risks misuse of customer assets.

The exhibit authorizes moving money from a Customer Reserve Bank Account to pay firm obligations, even if described as temporary and approved. That practice creates a supervisory risk of misusing customer assets because customer-protection funds are intended to be maintained for customers, not used as a liquidity source for the broker-dealer.

The core supervisory issue is improper cash management that treats customer-protection funds as a firm “line of credit.” A Customer Reserve Bank Account (special reserve) is meant to segregate and hold funds for the protection of customers; procedures that allow transferring those funds to the firm’s operating account to meet firm obligations indicate a control design failure.

A principal should require controls that prevent misuse of customer assets, such as:

• Prohibiting operating/liquidity funding from customer reserve accounts
• Using firm-owned liquidity sources (bank credit lines, parent funding) for firm obligations
• Daily reconciliation/exception reporting of movements involving customer-protection accounts, with escalation and remediation

Documentation of approval does not cure an impermissible use of customer funds; the activity itself is the problem.

• The option relying on CFO email approval addresses documentation, not whether the underlying funding practice is appropriate.
• The option about automatic cash sweeps isn’t supported because the exhibit describes treasury transfers, not a disclosed sweep program.
• The option about cybersecurity may be a separate concern, but the exhibit’s clearest issue is the permitted use of customer-protection funds for firm obligations.

Question 6

A firm’s WSPs require that any written statement (including email or portal message) alleging a problem with a product, service, or associated person be captured in a centralized log, classified by complaint type, and routed for review. What is the primary purpose of this classification step?

• A. To satisfy CIP identity verification before investigating
• B. To determine reporting, escalation, and corrective-action requirements
• C. To establish a best execution baseline for each order
• D. To set the customer’s margin and options approval level

Best answer: B

Explanation: Accurate classification drives whether and how the matter is reported, who must review it, and what remediation and trend analysis are required.

Complaint classification is a supervisory triage control that helps the firm consistently decide the next steps for handling the matter. By categorizing complaints, supervisors can apply the right workflow for documentation, escalation, required reporting, and remediation. It also supports monitoring for patterns and repeat issues that may require broader corrective action.

A key supervisory control for customer complaints is to capture them in a central system and classify them consistently (for example, product/service issue, misrepresentation, unauthorized trading, or other alleged misconduct). That classification is not just administrative: it drives the firm’s triage decisions, including who reviews the matter, how it is documented, whether it triggers regulatory reporting, and what corrective actions or heightened supervision may be needed. Consistent classification also enables effective management information (trend and repeat-issue analysis) so the firm can identify root causes and implement broader remediation in its WSPs, training, or surveillance. The closest traps confuse complaint triage with other account-opening, trading, or execution controls.

• CIP identity verification is an account-opening/AML control and is not the purpose of categorizing a complaint for supervisory handling.
• Margin and options approval levels are customer account suitability/approval controls and are unrelated to complaint classification.
• Best execution baselines relate to order handling and execution quality reviews, not complaint intake and reporting decisions.

Question 7

A broker-dealer rolls out online options account opening. The WSPs describe collecting customer financial information but do not specify (1) which principal must approve options accounts, (2) what evidence of approval must be retained, or (3) when exceptions/red flags must be escalated.

After several customer complaints about unsuitable options trading, the firm cannot produce records showing principal approvals or any escalation decisions. What is the most likely outcome?

• A. Only customer restitution is required; WSP changes are unnecessary.
• B. No issue if principals can explain the process verbally.
• C. BCP testing can substitute for documenting approvals and escalation.
• D. Supervisory violation; remediation and potential enforcement for inadequate WSPs.

Best answer: D

Explanation: WSPs must assign supervisory roles and require documented approvals/escalations, and the firm’s inability to evidence those controls is a supervision failure.

WSPs must be reasonably designed to achieve compliance by clearly assigning supervisory responsibilities, setting required approvals and reviews, and creating a record that supervision occurred. When a firm cannot show who approved options accounts or how red flags were handled, the control failure typically results in a supervision/WSP deficiency and may lead to required remediation and disciplinary action.

WSPs are meant to translate a firm’s compliance obligations into an executable supervisory program. At a high level, they should (1) identify who is responsible for each supervisory task (including required principal approvals), (2) describe the controls and review steps to be performed, (3) require documentation/retention so the firm can demonstrate supervision occurred, and (4) define escalation paths for exceptions and red flags.

Here, the firm’s procedures omit clear ownership, evidence requirements, and escalation triggers, and the firm cannot produce approval or escalation records after complaints. That combination points to a failure to establish, maintain, and enforce an adequate supervisory system, which commonly results in exam findings, mandated remediation, and potential enforcement—rather than being cured by verbal descriptions or unrelated testing.

• The option suggesting verbal explanations are sufficient fails because regulators expect documented, reviewable evidence of required supervision.
• The option limiting the outcome to customer restitution ignores that inadequate supervisory procedures themselves create regulatory exposure.
• The option relying on business continuity testing confuses operational resiliency with day-to-day supervisory approvals, documentation, and escalation controls.

Question 8

During a routine SEC exam, the examiner requests all business-related emails for one registered representative for a two-month period. Your firm’s third-party email archive produces results for most dates but shows no captured messages for several days each week during that period. IT confirms a configuration change was made around that time, and it is unclear whether emails were not captured or are simply not searchable.

As the General Securities Principal, what is the best next step?

• A. Produce the partial email set and wait for the examiner to request anything missing
• B. Escalate and open a documented records incident to determine scope, recover/reconstruct emails, and provide regulators a status update
• C. Rely on the representative’s CRM notes as a substitute for the missing emails
• D. Migrate immediately to a new archiving vendor and purge the old archive to prevent duplicate records

Best answer: B

Explanation: A principal must promptly investigate a potential capture/retention failure, document actions, remediate and test controls, and keep regulators informed if production is delayed.

The firm has a red-flag that required records may not have been captured or are not readily accessible. The principal’s responsibility is to promptly escalate and run a documented investigation to determine the scope, attempt recovery/reconstruction, and implement and test remediation. If production cannot be completed promptly, the firm should communicate status and timing to the regulator.

When a regulator requests records and the firm discovers a potential gap in capture, retention, or searchability, supervision requires treating it as a books-and-records incident—not a routine production issue. The principal should promptly escalate to the firm’s records/compliance leadership, preserve what exists, and coordinate with IT and the vendor to determine whether records were not retained or are inaccessible.

Key actions typically include:

• Document the issue, timeline, and affected systems/users
• Perform a scoped assessment and attempt recovery/reconstruction from backups/journaling
• Remediate the root cause, update WSPs if needed, and test that capture and retrieval work
• Communicate transparently with the examiner about status and expected production timing

Producing partial results without escalation, substituting other sources, or making major system changes that risk further loss are not appropriate next steps.

• Producing only what is readily available without escalation skips the required investigation and remediation of a potential recordkeeping failure.
• Substituting CRM notes does not satisfy the obligation to retain and produce the actual business communications.
• Switching vendors and purging the existing archive risks spoliation and reduces record accessibility during an active request.

Question 9

A new General Securities Principal reviews the firm’s cash management and learns the “customer reserve” bank account is used to pay vendor invoices when the firm is short on operating cash, with the CFO stating the money is “only borrowed overnight” and then replaced.

Which supervisory action best aligns with customer-protection expectations for customer cash and securities custody?

• A. Convert the reserve into a general operating account with disclosure
• B. Stop the practice; restrict the reserve to customer benefit only
• C. Allow overnight use if the account is fully replenished daily
• D. Move the reserve to an affiliate bank to improve liquidity access

Best answer: B

Explanation: Customer reserve funds must be segregated and not used to finance firm operations, even temporarily.

Customer protection requirements are designed to keep customer cash and securities segregated from the firm’s proprietary assets and away from the firm’s creditors. Using a customer reserve account as a source of operating liquidity violates that core segregation and custody safeguard, regardless of intent to repay quickly.

At a high level, customer-protection requirements aim to reduce the risk that customer property is lost if the broker-dealer experiences financial stress. That is accomplished by (1) segregating customer cash in a reserve account maintained for the exclusive benefit of customers and (2) maintaining custody controls so fully paid and excess margin securities are in good control locations and not used for the firm’s own financing.

Using the customer reserve account to pay firm expenses is commingling and effectively turns customer property into an unsecured source of funding for the broker-dealer. A principal’s appropriate response is to stop the practice, ensure the reserve is properly restricted, and require remediation/escalation consistent with the firm’s supervisory controls. The key takeaway is that “temporary” use for operations still defeats the purpose of segregation.

• The option allowing overnight use still treats customer funds as a liquidity source, undermining segregation.
• Moving the reserve to an affiliate bank doesn’t address the core issue and can introduce additional custody/conflict concerns.
• Disclosure does not cure using customer-protected funds as a general operating account.

Question 10

After a regional power outage, FINRA attempts to reach a member firm using the firm’s listed emergency contacts, but the calls and emails go unanswered. The supervising principal learns the contacts were never updated after the operations manager and one branch manager left the firm last quarter, and the firm is preparing for its annual business continuity test next month. Which action is the best supervisory decision to address the issue and meet the purpose of emergency contact requirements?

• A. Update only the firm’s internal call tree and document the outage in the BCP test results
• B. File Form U4 amendments for all supervisors and rely on those records for emergency outreach
• C. Wait to update contacts at the next annual WSP review since the firm has an upcoming BCP test
• D. Update the firm’s emergency contact filing in FINRA Gateway and add a WSP control to verify updates after staffing changes

Best answer: D

Explanation: Emergency contact information is meant to let regulators quickly reach the firm during a disruption, so the principal should promptly update the official contacts and implement a control to keep them current.

Emergency contact information is maintained so regulators can quickly reach the firm to coordinate during significant business disruptions. Because the firm’s official contacts were stale and resulted in failed outreach, the principal should update the emergency contact record used for regulatory communications and implement a supervisory control to keep it accurate when personnel changes occur.

A firm’s emergency contact information is a core business continuity and supervisory-controls requirement because it enables FINRA and other regulators to rapidly reach the right individuals during an emergency (for example, to coordinate communications, assess operational status, and support continuity of critical functions). In the scenario, the failure was not the BCP test itself; it was that the firm’s official regulatory emergency contacts were outdated after known staffing changes, which undermines the purpose of the requirement.

The best supervisory response is to (1) promptly update the firm’s official emergency contact record in the system used for regulatory outreach and (2) strengthen WSPs so contact information is reviewed and updated whenever key personnel or contact details change, with documentation of the review. The key takeaway is that internal tools or unrelated filings do not replace keeping the regulator-facing emergency contacts current.

• Updating only an internal call tree may help operations, but it does not fix the regulator-facing emergency contact record that failed.
• Waiting for an annual WSP review ignores the immediate deficiency revealed by the failed regulatory outreach.
• Amending Form U4 data does not substitute for maintaining the firm’s designated emergency contact information for business continuity purposes.

Continue with full practice

Use the Series 24 Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.

Related focused pages

• Registration and Personnel Supervision
• Customer Activity Supervision
• Trading Supervision
• Investment Banking Supervision
• Free Series 24 Full-Length Practice Exam

Free review resource

Use the Series 24 Cheat Sheet on SecuritiesMastery.com when you want a compact review before returning to the FINRA Series 24 Practice Test page.