Try 150 free Series 24 practice questions across the official topic areas, with answers and explanations, then continue with the full Securities Prep question bank.
This free full-length Series 24 practice exam includes 150 original Securities Prep questions across the official topic areas.
The questions are original Securities Prep practice questions aligned to the exam outline. They are not official exam questions and are not copied from any exam sponsor.
Count note: this page uses the full-length practice count maintained in the Mastery exam catalog. Some exam sponsors publish total questions, scored questions, duration, or unscored/pretest-item rules differently; always confirm exam-day rules with the sponsor.
For a compact topic review before or after this set, use the Series 24 Cheat Sheet on SecuritiesMastery.com.
| Item | Detail |
|---|---|
| Issuer | FINRA |
| Exam | Series 24 |
| Official route name | Series 24 — General Securities Principal Exam |
| Full-length set on this page | 150 questions |
| Exam time | 225 minutes |
| Topic areas represented | 5 |
| Topic | Approximate official weight | Questions used |
|---|---|---|
| Registration and Personnel Supervision | 6% | 9 |
| Broker-Dealer Supervision | 30% | 45 |
| Customer Activity Supervision | 21% | 32 |
| Trading Supervision | 21% | 31 |
| Investment Banking Supervision | 22% | 33 |
Topic: Registration and Personnel Supervision
A broker-dealer hires a registered representative who had a recent customer complaint, so the firm places the rep on a 90-day heightened supervision plan. The firm’s WSP requires the assigned principal to review and document the greater of (1) 25% of the rep’s customer order tickets each week or (2) 12 tickets per week, and to round up any fraction to a whole ticket.
Last week the rep entered 38 customer order tickets. What is the minimum number of tickets the principal must review and document for that week?
Best answer: D
Explanation: The principal must review the greater of 25% of 38 rounded up (10) or the 12-ticket minimum, so 12.
Heightened supervision is designed to mitigate risk from higher-risk personnel by adding tighter controls and increased review cadence that are documented. Here, the WSP sets a weekly review minimum and a percentage-based sample. Applying the “greater of” requirement results in the minimum documented reviews for the week.
Heightened supervision is a documented, risk-based supervisory plan used for higher-risk associated persons (for example, those with recent complaints or disciplinary history). Common control patterns include approval gates, more frequent reviews, and activity restrictions.
Apply the WSP’s “greater of” requirement:
Because 12 exceeds 10, the principal must evidence review of 12 tickets for that week.
Topic: Registration and Personnel Supervision
A new retail broker-dealer is being formed and plans to (1) register with the SEC, (2) apply for FINRA membership, and (3) solicit and open accounts for customers in several states using an online platform and registered representatives located in those states. Which statement by the designated principal is INCORRECT?
Best answer: D
Explanation: SEC broker-dealer registration does not eliminate separate state broker-dealer (and agent) registration requirements where the firm does business.
Broker-dealers commonly operate under multiple regulatory regimes at the same time: federal (SEC), SRO (such as FINRA), and state “blue sky” requirements. Registering with the SEC does not preempt state broker-dealer registration where the firm has customers, solicits business, or has personnel/locations that trigger state jurisdiction. Supervisors must plan for all applicable registrations and renewals.
A principal must distinguish three overlapping regimes. SEC registration is the federal requirement to operate as a broker-dealer under the Exchange Act. FINRA membership is an SRO relationship with its own application, supervision, and rule set, and it typically applies to retail broker-dealers even when they are SEC-registered. Separately, each state can require broker-dealer registration, branch office notice/registration, and agent (registered representative) registration when the firm solicits or does business with residents of that state.
Because the firm in the scenario will open accounts and solicit customers in multiple states using representatives located in those states, both state and federal regimes can apply simultaneously, and SRO membership obligations can apply as well. The key takeaway is that SEC registration does not “replace” state broker-dealer/agent requirements.
Topic: Registration and Personnel Supervision
A member firm is considering an agreement with CapitalFinder LLC, an unaffiliated company. CapitalFinder would (1) identify and solicit accredited investors for private placements, (2) help move investors through the subscription process, and (3) be paid a “success fee” equal to 1% of capital raised. Which statement is most accurate?
Best answer: A
Explanation: Transaction-based compensation tied to securities sales is a key broker indicator and generally requires broker-dealer registration (or association with a registered BD), which drives regulatory obligations.
Broker status is evaluated based on activities, not labels, and transaction-based compensation is a major red flag. Here, soliciting investors and being paid a percentage of capital raised closely aligns CapitalFinder with effecting securities transactions for others. That determination matters because broker activity generally requires broker-dealer registration (or proper association), along with the related supervisory and regulatory framework.
At a high level, an entity is likely acting as a broker when it is involved in effecting securities transactions for others—especially when it solicits investors, participates in negotiations or the subscription process, and is compensated in a way that depends on transaction success. A “success fee” or percentage of capital raised is commonly viewed as transaction-based compensation and is a strong indicator of broker activity.
Why it matters: broker activity generally requires broker-dealer registration (or being an associated person of a registered broker-dealer), which subjects the activity to the broker-dealer regulatory regime (supervision, communications, books and records, AML, and other compliance obligations). Member firms must be cautious about paying transaction-based compensation to unregistered parties and should escalate for compliance/legal review before proceeding.
Topic: Broker-Dealer Supervision
A carrying broker-dealer is preparing its weekly customer reserve computation. The FINOP provides the following totals (USD):
Under the customer protection requirements, the firm must maintain a cash deposit in a Special Reserve Bank Account equal to customer credits minus customer debits. What is the minimum amount the principal should ensure is on deposit in the reserve account?
Best answer: D
Explanation: The required reserve is customer credits minus customer debits: $8.4 million − $6.9 million = $1.5 million.
Customer protection requirements are designed to safeguard customer cash and securities by requiring segregation and dedicated reserves at banks. Here, the supervisory action is to ensure the reserve deposit equals net customer credits over debits. Using the provided totals, the firm must keep $1.5 million in the Special Reserve Bank Account.
The customer protection framework is intended to reduce the risk that customer assets are used to finance the firm’s proprietary business or become unavailable if the firm fails. A core control is maintaining a Special Reserve Bank Account, which helps segregate customer-related cash by requiring a deposit based on the firm’s net customer credit balance.
Using the simplified reserve instruction in the question:
This focuses the principal on maintaining segregation/reserves rather than relying on the firm’s general operating cash.
Topic: Customer Activity Supervision
Which statement is most accurate regarding approving customer day-trading accounts and supervising day-trading controls?
Best answer: C
Explanation: Firms must deliver the day-trading risk disclosure and get the customer’s acknowledgment before approving or permitting day trading.
Day trading requires heightened front-end disclosure and approval controls. The firm must provide the day-trading risk disclosure and obtain the customer’s acknowledgment before the account is approved or permitted to day trade. Principals then supervise through written procedures, surveillance, and documented review of exceptions and restrictions.
Day-trading customers must receive a specific risk disclosure describing the unique risks (e.g., leverage, rapid losses, and margin calls), and the firm must obtain the customer’s acknowledgment before approving the account for day trading or allowing day-trading activity. From a principal’s perspective, supervision is not limited to initial approval; the firm should have WSPs and supervisory controls to monitor day-trading activity and enforce any required restrictions.
Common principal controls include:
The key compliance point is pre-approval disclosure/acknowledgment plus ongoing surveillance and enforcement.
Topic: Broker-Dealer Supervision
A firm principal is reviewing a personal securities account request submitted by an associated person (AP).
Exhibit: Personal account request (internal system extract)
Outside firm: GreenPeak Securities (FINRA member)
Account type: Individual brokerage
Account opened at outside firm: June 2, 2025
First trade date at outside firm: June 3, 2025
AP disclosed to firm / requested approval: June 4, 2025
Principal written consent recorded: June 6, 2025
Duplicate statements/confirmations: Not yet received
Based on the exhibit, which interpretation is best supported under typical supervision requirements for AP accounts at other broker-dealers?
Best answer: A
Explanation: The exhibit shows the account was opened and first traded before the firm recorded written consent.
For covered securities accounts at other broker-dealers, the AP generally must obtain the employing firm’s prior written consent before opening the account (and the firm must then arrange for transaction/statement reporting). Here, the open date and first trade date both precede the recorded written consent date. That timing supports a conclusion that the AP did not obtain required prior approval.
Accounts an associated person maintains at another broker-dealer or other financial institution that can effect securities transactions are typically subject to prior disclosure and the employing firm’s prior written consent. After granting consent, the firm must also implement supervision, commonly by requesting or receiving duplicate confirmations and account statements (or an electronic feed) to enable monitoring.
In the exhibit, the account was opened on June 2, 2025 and traded on June 3, 2025, but the AP did not request approval until June 4, 2025 and written consent was recorded on June 6, 2025. That sequence supports the supervisory conclusion that the AP opened and used the account before obtaining required prior written consent, triggering escalation/investigation and remediation (including promptly obtaining the outside account records for review).
The missing duplicates relate to ongoing monitoring, but they do not cure the prior-consent timing issue.
Topic: Investment Banking Supervision
A member firm is the placement agent for a public offering structured as a best-efforts, all-or-none underwriting with a stated minimum raise by a deadline in the offering documents. The principal did not enforce the WSP requiring investor funds to be held in an escrow/special bank account until the minimum was reached, and the firm deposited subscription checks into its operating account and paid offering expenses before the deadline. If the minimum is not reached by the deadline, what is the most likely outcome?
Best answer: A
Explanation: In an all-or-none best-efforts offering, failing to escrow funds and then missing the minimum typically requires cancelation and refunds and can trigger enforcement for improper use of customer monies.
An all-or-none best-efforts structure conditions closing on achieving the stated minimum by the deadline. If the minimum is not met, the offering does not close and subscribers are entitled to a prompt refund. Using subscription proceeds for expenses before the condition is satisfied heightens regulatory exposure because customer funds were not safeguarded as represented.
Best-efforts offerings do not obligate the underwriter to sell a fixed amount, and an all-or-none term adds a clear condition: the deal closes only if the stated minimum is met by the stated time. Supervisory controls typically require that subscription proceeds be segregated (escrow/special account) and not used until the condition is satisfied, so the disclosure to investors about how their funds are handled remains accurate. If the minimum is missed, the firm must treat the offering as failed and return subscriber funds promptly; having commingled and spent proceeds before the close creates customer-harm and compliance risk (misuse/mishandling of customer monies and misleading process). The key takeaway is that the underwriting term drives both the operational handling of funds and the consequence when the condition is not met.
Topic: Investment Banking Supervision
Your firm is the placement agent for a small issuer’s registered offering being sold on a best efforts, all-or-none basis. The prospectus states customer funds must be held in a third-party escrow account and returned if the minimum is not reached by the deadline. During the selling period, you learn several registered reps are using an email template that calls the deal “underwritten” and implies the closing is assured.
As the investment banking principal, what is the single best supervisory action to satisfy the stated constraints and reduce regulatory risk?
Best answer: D
Explanation: Communications must not mischaracterize a best-efforts, all-or-none offering as guaranteed, so the principal should halt the template and implement pre-use review with accurate contingency and escrow disclosure.
A best efforts, all-or-none offering is contingent on reaching the minimum, with investor funds held in escrow until that condition is met. Calling the deal “underwritten” or implying a certain closing is misleading and undermines required transparency about the contingency. The principal’s best response is to stop the communication, correct it, and document and enforce controls to prevent recurrence.
The core supervisory issue is ensuring offering communications accurately reflect the underwriting arrangement and any contingency. In a best efforts, all-or-none deal, the firm is not committing capital to buy the securities, and the offering cannot close unless the minimum is sold; investor funds must remain in escrow and be returned if the condition is not met. A principal should treat inaccurate deal descriptions as a high-risk red flag because they can mislead customers about both execution certainty and how their money is handled.
Appropriate supervision includes:
Relying on “oral clarification” is not an adequate control when written communications are misleading.
Topic: Investment Banking Supervision
Which statement best defines a stabilizing bid in a public offering and the primary supervisory focus for a General Securities Principal?
Best answer: C
Explanation: Stabilizing bids are permitted only under defined conditions and require principal-controlled procedures, disclosure, and monitoring to prevent manipulative pricing.
A stabilizing bid is a permitted, disclosed syndicate/manager bid intended to support the offering’s market in a limited way, not a general market-making tool. Because stabilization can resemble manipulation if misused, the principal’s key role is ensuring WSPs, documentation, and monitoring controls over who may place the bid and under what conditions.
Stabilization refers to entering a bid in the open market in connection with a distribution to help maintain an orderly market and prevent or slow a price decline during the offering period. It is narrowly permitted and must be handled as a controlled syndicate process rather than routine trading. A General Securities Principal typically supervises this by ensuring the firm’s WSPs:
The key takeaway is that stabilization is a limited, documented distribution activity with heightened controls, not discretionary price support.
Topic: Investment Banking Supervision
During a quarterly supervisory control test, a research principal discovers that five equity research reports distributed to retail clients last month do not include the firm’s standard analyst certification language, and the electronic attestation log for those reports is blank. The analysts state a publishing-system outage prevented the “certify” click, but they stand by the content.
What is the best next supervisory step?
Best answer: D
Explanation: Missing certifications require documented escalation and corrective action, including obtaining the required attestations and fixing and testing the control before relying on it.
Research reports generally require analyst certifications, and principals must supervise the process that captures and evidences those certifications. When the reports and the attestation log both show missing certifications, the principal should escalate and document the exception, obtain the required written certifications for the affected reports, and fix and validate the publication control so the breakdown does not recur.
A core research-supervision obligation is ensuring required analyst certifications are made and that the firm can evidence them through a controlled process (e.g., required certification language in the report and a retained attestation record). Here, the principal has an identified control failure with customer-facing impact: multiple distributed reports lack the certification language and there is no attestation record.
Appropriate next-step supervision is to:
Verbal assurances alone are not sufficient evidence, and updating procedures without addressing already-distributed reports and the control failure leaves the firm unable to demonstrate compliance.
Topic: Broker-Dealer Supervision
A FINRA examiner asks how your firm’s principals evidence ongoing supervision of required books and records in an electronic recordkeeping environment.
Two WSP designs are proposed:
Which design best fits the decisive factor of demonstrating recordkeeping supervision to regulators?
Best answer: B
Explanation: It creates auditable evidence of periodic review, exception follow-up, and documented corrective actions with closure.
To evidence recordkeeping supervision, principals should be able to show a repeatable review process, what exceptions were identified, and what corrective actions were taken and closed. A structured exception-report review with principal sign-off and a corrective-action log produces a clear audit trail. An informal spot-check process without tracking makes it difficult to demonstrate consistent oversight and remediation.
Recordkeeping supervision is best demonstrated through documentation that a principal (or supervised designee) performed periodic reviews, identified exceptions, and ensured issues were remediated and verified. An exception-reporting program tied to documented principal review and a corrective-action log creates a defensible “end-to-end” record: what was tested, what failed, who owned the fix, when it was completed, and how the firm confirmed the fix worked.
Design A aligns with these expectations because it combines:
A sampling-only approach can be part of supervision, but without sign-off and remediation tracking it is weaker evidence of supervisory control execution.
Topic: Broker-Dealer Supervision
A firm allows registered reps to text customers only on firm-issued phones. As a supervisory control to detect retention gaps and possible off-channel texting, the firm reconciles each rep’s monthly wireless carrier text-message count to the firm’s archiving vendor count. The WSP states: “Escalate to Compliance and the supervisor if the archive capture rate is below 95%.”
Exhibit: Rep J monthly reconciliation (January)
What should the principal do?
Best answer: B
Explanation: The capture rate is \(468/520=90\%\), which is below the WSP’s 95% escalation threshold.
The principal should apply the firm’s reconciliation control by calculating the archive capture rate and comparing it to the WSP threshold. Here, 468 archived texts out of 520 carrier-reported texts is 90%, which is below 95%. That shortfall must be treated as a supervisory exception and escalated for investigation and remediation.
Firms must supervise electronic communications retention and have controls to detect gaps that could indicate a system failure or business conducted off-channel. When a firm’s WSP defines an escalation threshold, the supervisor should follow it, document the exception, and drive remediation (e.g., confirm device configuration, verify journaling/archiving feeds, review for business communications outside approved channels, and apply any needed heightened supervision).
Here the control is a simple reconciliation:
\[ \begin{aligned} \text{Capture rate} &= \frac{468}{520} \\ &= 0.90 = 90\% \end{aligned} \]Because 90% is below the 95% standard in the WSP, escalation and follow-up are required rather than closing the item as immaterial.
Topic: Investment Banking Supervision
Which statement about information barriers between investment banking, research, and trading is most accurate?
Best answer: B
Explanation: Information barriers are intended to stop MNPI and influence from crossing departments, supporting independent research and fair markets.
Information barriers (often called “Chinese walls”) are supervisory controls that limit communications and access to sensitive information across investment banking, research, and trading. Their purpose is to reduce conflicts of interest and prevent the misuse of material nonpublic information, supporting independent research and fair, orderly markets.
Information barriers are firm-level supervisory controls (policies, access limits, surveillance, and escalation) that separate investment banking, research, and trading to reduce conflicts and prevent the misuse of material nonpublic information (MNPI). In practice, barriers restrict who can access deal information, limit interdepartment communications, require watch/restricted lists and preclearance where applicable, and require documentation and training. They matter because investment banking has incentives tied to deals, research influences investor decisions, and trading can profit from MNPI; without barriers, the firm risks biased research, selective dissemination, insider trading, and loss of market confidence. A key supervisory principle is that research conclusions (e.g., ratings/targets) must not be controlled by investment banking or trading, and controls must be more than informal reminders.
Topic: Investment Banking Supervision
A firm wants to strengthen its information barriers between investment banking and equity research. Which supervisory control best matches the core purpose of an information barrier designed to prevent investment banking influence on research content and ratings?
Best answer: B
Explanation: Information barriers are meant to keep banking from directing or approving research opinions or ratings, while allowing limited factual checks under controlled procedures.
An effective information barrier prevents investment banking personnel from shaping, pressuring, or approving research opinions and ratings. A common permitted exception is a tightly controlled factual accuracy check, without allowing banking to edit conclusions or determine coverage decisions. The correct match focuses on restricting banking influence while preserving research independence.
Information barriers are supervisory controls intended to preserve research objectivity by separating research from investment banking influence. At a high level, this means research must control its own opinions, ratings, and timing, and bankers should not be able to direct, pressure, approve, or veto research conclusions.
A practical control that aligns with this purpose is allowing only limited, supervised interaction with banking for non-opinion matters (for example, verifying factual statements), while prohibiting banking from participating in drafting, rating decisions, or publication approval. The key takeaway is independence of research judgments, not simply managing trading activity or customer issues.
Topic: Trading Supervision
At 10:17 a.m., the SIP disseminates a LULD “Trading Pause” in listed stock XYZ. Your firm is both a registered market maker in XYZ and routes customer orders through an automated smart order router.
A post-close review shows that, for about two minutes after the pause message, the firm’s system continued to display market maker quotes and routed several IOC customer orders that were rejected by the exchange. As the trading principal, what is the single best supervisory action that addresses the immediate halt-handling requirements and reduces the risk of recurrence?
Best answer: B
Explanation: During a halt/volatility pause the firm must stop quoting and prevent order entry/routing in the halted symbol until resumption, and a principal must remediate and evidence supervisory controls.
During a trading halt or LULD volatility pause, trading in the affected security is paused and firms must not continue to quote or route orders as if the market were open. The best supervisory response is to have automated controls keyed off the SIP halt status to withdraw quotes and block order entry/routing, then investigate, remediate, and document the issue through supervisory control testing.
The core requirement during a trading halt/volatility pause is that the firm must treat the security as not available for trading until the halt is lifted (resumption message). For a market maker, that means quotes must be withdrawn and not displayed/updated during the pause. For agency order handling, the firm should prevent new routing/market access activity in the halted symbol and handle existing orders consistent with the firm’s WSP (for example, hold, cancel, or require re-entry after resumption, depending on the firm’s procedures).
A principal’s best decision is to pair immediate containment with control remediation:
A manual reminder alone does not adequately control an automated router/quoting system.
Topic: Broker-Dealer Supervision
A broker-dealer has one OSJ and plans to add 20 registered representatives who will work from home in multiple states. Reps will not meet customers at home, but they will place orders, open accounts, and communicate with customers electronically. To reduce overhead, the firm wants to treat each home office as an “other/non-branch location” and have a single OSJ principal perform all approvals and supervision remotely.
Which statement best describes the primary risk/limitation the firm must address in this supervisory structure?
Best answer: C
Explanation: If duties for remote activities and locations are not specifically assigned and documented in WSPs, gaps in “reasonable supervision” are likely.
When supervision is centralized at one OSJ over many dispersed locations, the key tradeoff is lower physical oversight in exchange for heavier reliance on clearly allocated supervisory duties and controls. The firm must ensure each activity (account opening, communications, order review) has an identified supervisor with documented responsibilities in WSPs. Otherwise, the structure is prone to supervisory gaps and unresolvable accountability issues.
A principal designing a supervisory structure must be able to demonstrate “reasonable supervision” across locations and activities. Centralizing supervision over remote, non-branch locations can be workable, but it reduces day-to-day physical oversight and increases the need for a well-defined supervisory chain.
To manage that tradeoff, the firm should ensure its WSPs:
The core limitation is not the remote model itself—it’s whether the firm can clearly allocate and evidence supervisory responsibility so no function or location is effectively “owned by no one.”
Topic: Trading Supervision
A broker-dealer introduces a new order-entry system used by trading and sales for equities, corporate bonds, and UITs. During a post-trade review, an operations supervisor finds multiple settlement fails traced to quantity-entry errors (e.g., bond trades entered as “10” when the customer intended $10,000 par; UIT purchases entered as “100 shares” instead of 100 units). As the Series 24 principal, which supervisory action best meets a customer-protection expectation and reduces delivery problems?
Best answer: A
Explanation: Preventive controls and pre-settlement review that validate instrument-specific delivery units best reduce fails and customer harm.
Operational accuracy in units of delivery is a core settlement control because clearing and delivery systems settle based on the quantity field, not the rep’s intent. Supervisory procedures should prevent and detect mismatches by validating the correct unit by product type (shares for equities, par amount for bonds, units for UITs) before submission and confirmation, reducing fails and customer impact.
A principal should supervise clearance and settlement by ensuring orders and confirms reflect the correct unit of delivery for the product being traded. Equities settle in shares, most bonds settle in par amount (commonly $1,000 par increments), and UITs are purchased and delivered in units. If the firm allows inconsistent quantity entry, the result can be DKs, settlement fails, incorrect cash debits/credits, and customer disputes.
A sound approach is to combine:
Relying on downstream parties or fixing errors after settlement is reactive and increases customer harm and operational risk.
Topic: Customer Activity Supervision
A retail customer submits a signed request at the receiving firm to transfer her entire brokerage account via ACATS. The carrying firm confirms there is no margin debit, no open orders, and no legal hold or lien on the account. As the supervising principal, which action or statement by the carrying firm is INCORRECT?
Best answer: A
Explanation: A firm must not impede or delay an ACATS transfer for business reasons when there is no valid restriction on releasing the account.
ACATS is designed to facilitate timely, standardized transfers between broker-dealers. When there is no legal or financial restriction (e.g., no lien, court order, or unresolved debit), the carrying firm should process the request and must not create delays to discourage the customer from transferring. Supervisory procedures should focus on accuracy, fraud prevention, and consistent fee practices—not retention tactics.
ACATS is the industry system used to transfer customer accounts between broker-dealers in a standardized way. A principal’s supervisory obligation is to ensure the firm processes transfers promptly and accurately and does not interfere with a customer’s right to move their account.
Permissible transfer handling typically includes:
By contrast, creating a “retention hold” or otherwise delaying a transfer for business reasons (when there is no debit, lien, or legal restriction) is improper interference. The key takeaway is that restrictions must be tied to a legitimate legal/financial basis, not sales or retention goals.
Topic: Broker-Dealer Supervision
During a mid-month net capital computation, a carrying broker-dealer determines its net capital has fallen below its minimum requirement due to an unexpected proprietary loss. The firm can still meet customer deliveries today, but the CFO expects additional volatility. As the General Securities Principal, which action best meets customer-protection expectations and appropriate supervisory standards?
Best answer: C
Explanation: When net capital falls below the minimum, the firm must promptly notify regulators and restrict activity that could worsen the deficiency until it is back in compliance.
A net capital deficiency triggers an expectation of prompt regulatory notification and immediate steps to protect customers by limiting business activity. The supervisory response should focus on stopping actions that could increase liabilities or trading exposure while the firm restores capital. Simply planning to report later or “trade through” the problem conflicts with the customer-protection purpose of the financial responsibility rules.
At a high level, when a broker-dealer’s capital condition deteriorates to a deficiency, regulators expect timely notice and decisive supervisory intervention to prevent further weakening that could put customers at risk. A principal should ensure the firm promptly escalates and notifies the appropriate regulatory contacts and implements business curtailment measures designed to reduce exposures and obligations while capital is restored.
Practical curtailment typically includes:
The key takeaway is that “we can meet today’s settlements” does not replace the need to notify and curtail when minimum capital is breached.
Topic: Customer Activity Supervision
A firm launches a new digital account-opening workflow. During a supervisory control test, the principal finds that the vendor’s “final review” screen intermittently failed to display (and capture acknowledgment of) the firm’s margin disclosure statement, extended-hours trading risk disclosure, SIPC notice, and the pre-dispute arbitration agreement. About 150 new retail accounts were opened in the last 30 days and can trade.
What is the BEST next step for the principal?
Best answer: A
Explanation: The principal should promptly cure missing required disclosures/acknowledgments, evidence the fix, and validate it with follow-up testing.
When a principal identifies that required customer disclosures and acknowledgments were not reliably presented in a new workflow, the next step is to stop the harm and cure the deficiency. That means restricting impacted activity as needed, delivering the missing disclosures and obtaining acknowledgments, and documenting what was fixed. The principal should also validate the fix with follow-up testing and adjust supervisory controls/WSPs so the issue does not recur.
Customer disclosures such as margin risk information, extended-hours trading risks, SIPC coverage notice, and pre-dispute arbitration agreement presentation are expected to be delivered in a way that is reasonably designed to reach the customer and be evidenced (especially in a digital workflow). When supervisory testing finds a control failure affecting live customer accounts, a principal’s workflow should prioritize: (1) immediate remediation to prevent further impacted transactions, (2) curing the gap for affected customers (delivery plus acknowledgment where the process requires it), (3) documenting the issue, root cause, and corrective actions, and (4) retesting/monitoring the vendor process and updating WSPs to reflect the control and escalation path. Simply communicating generally, delaying to a periodic review cycle, or prematurely closing after attribution to a vendor does not address the firm’s responsibility to supervise and evidence disclosure delivery.
Key takeaway: remediate first, then evidence and validate the control going forward.
Topic: Trading Supervision
On June 10, 2025, your firm’s clearing operations team reports that a corporate bond delivery via DTC settled this morning, but the securities delivered are the wrong CUSIP versus the trade confirmed to the customer. The contra party says it was a booking error and asks your firm to “just keep the bonds” and they will correct their side later. Your firm must correct the settlement problem promptly, ensure the customer trade record reflects what was actually purchased, and document how the issue was resolved for supervisory review.
As the Series 24 principal, what is the single best supervisory action?
Best answer: D
Explanation: Because the delivery already settled and is the wrong CUSIP, the firm should reclaim/return the securities, correct records, and retain documentation of the resolution.
When the firm has already received and settled an incorrect delivery, the appropriate high-level correction is to process a reclamation to return the securities and obtain the correct CUSIP. Supervisory follow-through includes correcting the firm’s and customer-facing trade records to match the intended transaction and retaining clear documentation (timing, communications, and final disposition). This addresses both timely settlement correction and an auditable resolution.
Rejections and reclamations are tools to correct settlement problems when what is delivered does not match what was supposed to settle. A rejection is used to refuse an item before accepting/settling it (for example, when a delivery presented does not match the expected CUSIP or quantity). A reclamation is used after the firm has received/accepted a delivery that turns out to be wrong, so the firm returns the securities to the delivering party and works to get the correct securities delivered.
Here, the delivery already settled and the CUSIP is wrong, so the principal should ensure operations processes a reclamation (rather than “keeping” the bonds), corrects any internal booking/customer trade record issues tied to the error, and maintains documentation of the investigation and resolution (communications with the contra, corrected allocations/records, and any remediation to prevent recurrence). The key takeaway is to match the remedy to when the mismatch is discovered (pre-acceptance vs post-settlement) and to create a complete supervisory audit trail.
Topic: Trading Supervision
A firm assigns equity traders to separate aggregation units in its order management system (OMS): one for proprietary market making and one for agency/customer orders. During an OMS migration, a principal allows a market-making trader to use a shared login that can enter orders in both units, and the firm’s pre-trade risk limits and surveillance are configured at the aggregation-unit level.
What is the most likely outcome of this control failure?
Best answer: C
Explanation: If mandates and controls are set by aggregation unit, broad access lets a trader circumvent restrictions and defeats monitoring tied to the assigned unit.
Trader mandates are enforced by restricting traders to their assigned aggregation units and monitoring activity within those units. If a trader can enter orders in multiple units while controls are applied at the unit level, the trader can effectively evade the tighter limits and surveillance intended for the mandate. This creates a foreseeable breakdown in market access risk management and supervisory oversight.
Aggregation units are used to group trading activity for supervision, risk limits, and surveillance, and trader mandates are implemented by restricting a trader’s system access to the units they are authorized to use. If a trader can submit orders under a different unit than their mandate, unit-level controls (for example, order size, credit/position limits, or surveillance parameters) can be avoided simply by choosing the other unit. That undermines the firm’s ability to evidence compliance with mandates, weakens monitoring, and increases the risk of problematic activity going undetected.
Key takeaway: when controls are calibrated to aggregation units, principals must prevent cross-unit access and periodically test that trader entitlements match mandates.
Topic: Customer Activity Supervision
A firm is reviewing a retail advertisement for a variable annuity. The ad highlights: “Hypothetical 10.00% annual return based on the performance of the selected underlying fund (fund expenses reflected).”
The variable annuity contract also charges an annual 1.25% mortality and expense (M&E) risk charge plus a 0.35% annual administrative charge.
To keep the communication fair and not misleading, what net annual return should the principal require the ad to present (or clearly disclose would apply after contract charges) if it uses the 10.00% figure?
Best answer: A
Explanation: Variable product performance presentations must not omit material contract charges; subtracting 1.60% in annual contract charges from 10.00% yields 8.40%.
Variable annuity communications must be fair and balanced and cannot present underlying fund performance without clearly reflecting the impact of the annuity’s recurring contract charges. Here, the ad’s 10.00% figure would be reduced by the 1.25% M&E charge and the 0.35% administrative charge. The net annual return to present or disclose is 8.40%.
Variable products add contract-level fees (such as M&E risk charges and administrative charges) on top of the underlying fund’s expenses. If a retail communication highlights underlying fund performance but omits material variable annuity charges, it can mislead customers about what they would actually earn in the contract. A principal should require performance to be presented net of, or clearly adjusted for, the annuity’s recurring charges when using a single “return” figure.
Compute the annual net return by subtracting the contract charges from the stated return:
A common trap is applying the fees multiplicatively rather than as a simple subtraction in this type of disclosure check.
Topic: Customer Activity Supervision
A firm’s WSPs require operations to maintain a centralized file of current, signed customer instructions that permit an associated person to pick up, endorse, or otherwise transmit a customer check. The firm must reject any disbursement request if the written authorization is missing or outdated. Which supervisory record/control does this describe?
Best answer: B
Explanation: It describes keeping and using written customer authorizations before allowing check handling or transmission by firm personnel.
The control matches supervision of negotiable instrument authorizations: the firm must keep and rely on written customer instructions before allowing an associated person to handle customer checks. Strong recordkeeping and rejection of unsupported requests reduce the risk of misappropriation and undetected, unauthorized disbursements.
Negotiable instrument authorization records are the firm’s evidence that a customer has granted permission for someone at the broker-dealer to handle, endorse, or transmit a customer check (or similar negotiable instrument). Supervisory controls typically require the authorization to be written, current, centrally retained, and verified before the firm processes the disbursement.
Weak or missing controls in this area create clear fraud and conversion risks, such as:
A similar supervision concept applies to customer mail holding: firms should log and monitor holds because mail holds can conceal unauthorized activity, but that is a different control purpose than documenting authority over negotiable instruments.
Topic: Investment Banking Supervision
A member’s investment banking group wants to run a digital marketing campaign to attract issuers considering an IPO. The chief compliance officer proposes two WSP control designs:
Which control design best addresses the decisive risk of conditioning the market in offering communications while still allowing generic advertising?
Best answer: C
Explanation: It limits communications to non-issuer-specific, non-offering content and adds pre-use review, reducing the chance the firm is viewed as soliciting interest in a particular offering.
Generic advertising is meant to promote the firm or its services without encouraging interest in a specific issuer or securities offering. The conditioning-the-market risk is driven primarily by issuer- and deal-specific “teaser” content that looks like an offer or solicitation before appropriate offering materials exist. A control that prohibits issuer/terms references and requires pre-use principal approval best addresses that risk.
The key supervisory issue is preventing communications that could be viewed as soliciting interest in a particular distribution before the market has access to appropriate, permitted offering materials. “Generic” advertising is higher-level and institutional (the firm’s capabilities, experience, and general market commentary) and avoids naming a specific issuer or discussing a contemplated deal’s timing, pricing, or other terms. When communications cross into issuer- or offering-specific promotion (even with principal approval), they raise conditioning-the-market concerns because they can function as pre-selling.
A principal’s WSPs should therefore:
The decisive differentiator is content: issuer- and deal-specific teasers are the conditioning risk, not the delivery channel.
Topic: Broker-Dealer Supervision
A broker-dealer is planning a transaction that will change who controls the firm and will also add a new line of business that could materially alter its supervisory, financial, and operational profile. Which regulatory concept is specifically designed to obtain FINRA’s prior approval before the firm implements this type of material change?
Best answer: D
Explanation: A Form CMA is used to seek FINRA approval before implementing a material change in ownership/control or business operations.
A Continuing Membership Application (Form CMA) is the process for obtaining FINRA’s approval before a member makes a material change in its ownership/control or business operations. In practice, the principal coordinates the internal analysis, documentation, and supervisory/operational readiness needed to support the application before the change is implemented.
The core concept is FINRA’s continuing membership review process. When a member plans a material change—such as a change in who controls the firm or a significant change to business activities that could affect supervision, compliance, finances, or operations—the firm generally must seek FINRA approval through a Continuing Membership Application (Form CMA) before implementing the change. A principal’s role is to identify that the change triggers the approval process, coordinate required internal stakeholders (legal, finance, operations, compliance), ensure WSPs and supervisory controls are updated for the new activity, and support the firm’s communications and submissions to FINRA. By contrast, other forms are primarily for updating registrations/records rather than obtaining prior approval for a material change to the membership profile.
Topic: Broker-Dealer Supervision
A registered representative asks for approval to help a relative’s company sell convertible notes (a security) to the rep’s existing customers. The issuer will pay the rep a one-time “success fee” of $7,500 only if at least $150,000 of notes are sold through the rep’s efforts (otherwise $0).
As the supervising principal, which action is most appropriate?
Best answer: D
Explanation: The success fee is transaction-based compensation ( \(7{,}500/150{,}000=5\%\)), so it is a compensated private securities transaction requiring prior written approval and supervision/recordkeeping.
The payment is contingent on the amount of securities sold, making it transaction-based compensation. Calculating \(\$7{,}500\) on \(\$150{,}000\) shows an effective 5% success fee, which is characteristic of commissions. Because this is a private securities transaction with compensation, the firm must give prior written approval and supervise it like firm business, including appropriate books-and-records treatment.
Outside business activities are generally non-securities business conducted away from the firm, while private securities transactions involve an associated person participating in a securities transaction outside the firm. Here, the product is a security (convertible notes) and the rep’s payment is contingent on raising investor money.
A principal can confirm it is transaction-based compensation by computing the effective rate:
Because the rep is being compensated for selling securities away from the firm, it should be treated as a compensated PST requiring prior written notice and written approval, plus supervision and recordkeeping as if the transactions were executed through the firm. The key takeaway is that contingent/sales-based pay points to a compensated PST, not a simple OBA.
Topic: Trading Supervision
A broker-dealer’s WSPs prohibit proprietary trading ahead of the firm’s unpublished research. For any security placed on the research “watch list” in the 24 hours before a scheduled report, the order-entry system must block and escalate any proprietary order larger than 150% of the desk’s 30-day average daily proprietary volume in that security.
The equity desk’s 30-day average daily proprietary volume in QRS is 8,000 shares. At 9:55 a.m., a trader enters a proprietary buy order for 14,000 shares of QRS. The research report on QRS is scheduled for 10:00 a.m.
As the trading supervisor, what should occur under the WSP control?
Best answer: A
Explanation: 150% of 8,000 is 12,000 shares, so 14,000 must be blocked and escalated to prevent trading ahead of unpublished research.
The supervisory control uses a size-based threshold to prevent misuse of nonpublic research information. Since 150% of 8,000 shares is 12,000 shares, a 14,000-share proprietary order entered minutes before publication must be blocked and escalated for compliance review before it can trade.
Trading ahead of an unpublished research report raises material nonpublic information and conflict concerns, so firms use information barriers plus prepublication restrictions (watch/restricted lists) and automated surveillance. Here, the WSP sets a specific prepublication control: if a name is on the watch list, proprietary orders above 150% of the desk’s average daily prop volume must be blocked and escalated.
Post-trade-only review is not an adequate control when the WSP requires pre-trade blocking to reduce the risk of trading ahead.
Topic: Broker-Dealer Supervision
A firm is seeing an increase in recommendations of a 2x daily reset leveraged ETF by several registered reps. Exception reports show many customers are buying and holding the ETF for months in retirement accounts, and a subset of the same accounts has frequent in-and-out trades of the product.
The firm wants to continue offering the ETF to customers for whom it is appropriate, but the principal must update supervision to address both product risk and the trading patterns. What is the single best supervisory action?
Best answer: D
Explanation: It addresses reasonable-basis, customer-specific, and quantitative suitability through product due diligence, customer-level controls, and monitoring/escalation.
Because the product is complex and the firm is seeing both long holding periods and frequent trading, supervision must cover all three suitability components. The principal should ensure the firm has a reasonable-basis understanding of the ETF, enforce customer-specific eligibility and time-horizon controls, and add quantitative surveillance and escalation for excessive trading or exception patterns.
A principal’s product supervision should align supervisory controls to the three suitability components. For a leveraged, daily reset ETF, the firm should first complete reasonable-basis work (product due diligence, training, and clear guidance on intended use and key risks). Next, customer-specific suitability requires controls that tie recommendations to the customer’s profile and objectives, including explicit review of time horizon and strategy, with documentation and (where risk warrants) principal pre-approval.
Because the firm also observed frequent in-and-out trading in some accounts, supervision must include quantitative suitability controls, such as surveillance for turnover/short-term switching patterns, exception reports, and a defined escalation and remediation process. Disclosures or acknowledgments alone do not substitute for these supervisory obligations.
Topic: Customer Activity Supervision
A broker-dealer is launching a new outbound calling campaign to retail prospects using a third-party dialing platform. In a recent review, the principal found several customer complaints stating they had previously asked not to be called again, but were contacted by different registered reps weeks later. Which supervisory action best aligns with high-level do-not-call and outbound contact control expectations?
Best answer: C
Explanation: Centralizing opt-outs and scrubbing call lists against internal and applicable do-not-call sources helps prevent repeat calls and is a core supervisory control.
The supervisory issue is inconsistent handling of do-not-call requests across reps and campaigns. The best control is a firmwide process that captures opt-outs centrally, ensures outbound lists are scrubbed before use, and includes documented surveillance/testing of the process (including any vendor). This design directly addresses repeat-call complaints and supports consistent compliance.
Telemarketing supervision should be built around preventing prohibited or unwanted outbound contacts through consistent, documented controls. When complaints show that opt-out requests are not being honored across different reps, the supervisory fix is to remove reliance on individual memory or rep-maintained lists and implement a centralized workflow.
A strong high-level approach includes:
Vendor assurances can support oversight, but they do not replace the firm’s duty to maintain procedures and supervise outbound contact activity.
Topic: Trading Supervision
A General Securities Principal reviews an automated trade-reporting exception generated after a system update.
Exhibit: Exception log (snapshot)
Time Product Symbol/CUSIP Execution venue Routed to Result
10:14:08 Corporate bond 46625HAA7 OTC (dealer-cust) Nasdaq TRF REJECT: invalid security type
Based on the exhibit, which interpretation is best supported?
Best answer: A
Explanation: Corporate bond transactions are generally reported to TRACE, while TRFs are for equity trade reporting.
The exhibit shows a corporate bond traded OTC but routed to an equity Trade Reporting Facility (TRF) and rejected for an invalid security type. Corporate bond trade reporting is generally handled through TRACE, not through TRFs or the ADF. A principal should identify this as a routing/control issue and ensure bond trades are directed to TRACE reporting.
The key interpretive fact is the product type: it is a corporate bond. TRFs (and the ADF) are mechanisms associated with equity trade reporting, including OTC equity prints. By contrast, corporate bond transactions are generally reported to FINRA’s TRACE system. The rejection message (“invalid security type”) is consistent with an equity-reporting destination receiving a fixed income trade.
A principal’s appropriate supervisory takeaway is that the firm’s reporting/routing logic (or security master mapping) is misclassifying or misrouting the product, and the control should be corrected and tested so corporate bond trades flow to TRACE (with appropriate exception review for any trades affected by the change).
Topic: Trading Supervision
A listed stock triggers an exchange-declared volatility pause (trading halt). Your firm is a market maker in the stock and also routes retail customer orders through an automated order management system. During the pause, a customer submits a market order to buy 2,000 shares.
As the trading principal, which supervisory approach best complies with how orders and quotes must be handled during a halt?
Best answer: A
Explanation: During a halt/volatility pause, trading and quoting must stop, so orders may be accepted only if they are not executed or displayed until the security reopens.
During a trading halt or volatility pause, the firm must not execute trades or disseminate quotations in the halted security. A compliant supervisory control is to accept the customer’s order only if it is held (not routed, executed, or displayed) until trading resumes, while also ensuring the market-making desk’s quotes are withdrawn for the duration of the pause.
The core supervisory principle is that when a security is subject to an exchange/market-declared halt or volatility pause, broker-dealers must have controls that stop trading activity and the publication of quotes in that security until it reopens. For an incoming customer order during the pause, a firm may accept the order, but it must be handled in a way that prevents execution, routing intended to execute, or display while the halt is in effect (e.g., queue/hold the order for potential handling after resumption, subject to the customer’s instructions). For market making, the firm should ensure its quotations are not disseminated during the halt and that systems do not automatically resume quoting or release held orders without appropriate reopening logic and supervision.
Key takeaway: “Hold, don’t trade; withdraw, don’t quote” during the pause.
Topic: Investment Banking Supervision
Your firm is a co-manager on an IPO that priced on May 6, 2025. Under the firm’s WSP (designed to fit the FINRA research quiet-period safe harbor), the firm may not publish a research report until 10 full calendar days after pricing; the day after pricing counts as day 1.
An analyst asks for approval to publish on May 16, 2025. What is the earliest date the research principal may approve publication without violating the WSP?
Best answer: D
Explanation: May 7 is day 1, making May 16 day 10, so the earliest publish date is May 17.
Because the firm is participating in the offering, publishing research during the restricted window can be viewed as impermissible conditioning. The WSP allows publication only after 10 full calendar days following pricing, with the day after pricing treated as day 1. Counting forward makes May 17, 2025 the first permitted publication date.
During an offering, firms must control research to avoid communications that could improperly condition the market for the securities being distributed. Many firms implement WSPs aligned with FINRA’s quiet-period framework and safe harbors, requiring a defined “cooling off” period after pricing before any research is issued.
Here the WSP is explicit and provides the counting convention:
Approving publication any earlier would defeat the intended control designed to prevent impermissible conditioning during the offering period.
Topic: Trading Supervision
A broker-dealer’s WSPs state that research analysts and any employee with pre-publication access to a research report may not trade the covered security from the time the report enters final drafting until 24 hours after the report is disseminated to customers, unless Compliance grants a documented exception. Which supervisory control does this describe?
Best answer: C
Explanation: It imposes a time-based no-trade period for persons with advance access to research to prevent trading ahead of report dissemination.
A trading blackout tied to the drafting and release of research is a common control to prevent employees with advance knowledge of report timing or content from trading ahead of dissemination. It limits or prohibits trading during a defined window and typically requires Compliance-controlled exceptions and documentation. This helps reduce the risk of misuse of nonpublic research information.
Trading ahead of a research report can raise concerns that an associated person used nonpublic information about the report’s content or timing to benefit themselves or the firm. A principal should ensure WSPs restrict trading by research personnel and others with pre-publication access through a defined blackout window, supported by preclearance, exception documentation, and surveillance for suspicious activity around publication.
Effective controls commonly include:
A restricted list is broader and issuer-based, while the stem describes a time-based blackout specific to research dissemination.
Topic: Registration and Personnel Supervision
A candidate is being onboarded as a registered representative and the firm plans to file Form U4 in CRD today so the rep can begin soliciting next week. During the final review, the candidate tells the registration principal about a prior customer complaint that was settled and a tax lien that was later satisfied, but neither item appears on the draft U4. The candidate cannot provide supporting documents until after the start date, and the firm’s WSPs require disclosure of all customer complaints and tax liens regardless of outcome.
What is the BEST supervisory action?
Best answer: D
Explanation: A principal should not submit a U4 that is known to be incomplete and must ensure required disclosures are captured and attested as accurate before filing.
Form U4 is the firm’s official registration filing in CRD and includes disclosure information such as customer complaints and financial events (for example, tax liens). When a principal knows required items are missing, the filing cannot be submitted as-is. The supervisor must ensure the U4 is complete and accurate, supported by follow-up documentation, and attested to before submission.
Form U4 is the individual’s registration application and is used to populate CRD with the person’s identifying and background information, including key disclosure items (for example, customer complaints and certain financial events like liens). Supervisory priority is completeness and accuracy because regulators, other firms, and the public (where applicable) rely on CRD data for eligibility and risk decisions.
Here, the principal has actual knowledge that two WSP-required disclosure items are missing from the draft U4. The appropriate control is to require the candidate to correct the U4 and attest to its completeness before submission, and then obtain and retain supporting documents as soon as available (and amend promptly if new facts arise). Filing a U4 that the firm knows is incomplete prioritizes speed over accuracy and creates regulatory and firm risk.
Topic: Broker-Dealer Supervision
Which statement about supervising mutual fund share class recommendations and breakpoint sales is most accurate?
Best answer: B
Explanation: Principals should require documentation and controls for total-cost share class selection and proper application of available sales-charge discounts (e.g., ROA/LOI).
A principal’s focus is on having WSPs and surveillance that address total cost and conflicts in share class recommendations and that prevent customers from missing eligible sales-charge discounts. Breakpoint supervision includes detecting aggregation opportunities and ensuring any required documentation (such as LOIs) is obtained and retained.
Supervision of investment company securities should address two recurring risk areas: (1) whether the recommended mutual fund share class is in the customer’s best interest based on expected holding period and total costs (front-end load vs. ongoing 12b-1/fees, and any available waivers), and (2) whether the customer receives any applicable sales-charge discounts. Effective WSPs typically require registered reps to collect information needed to evaluate share class economics and to identify breakpoint eligibility, and require principal review plus post-trade surveillance for missed discounts.
Common breakpoint controls include checking rights of accumulation and householding/related accounts where permitted, obtaining and tracking letters of intent when used, and documenting how the discount or waiver was applied. The key is demonstrable, repeatable oversight rather than relying on disclosures alone.
Topic: Customer Activity Supervision
A firm is rolling out fully digital retail account opening with real-time OFAC screening against sanctions lists. Management wants “instant approvals,” but the vendor tool generates frequent potential matches based on name similarity. The principal must update WSPs for how alerts are handled so the firm can grow while staying compliant.
Which option best states the primary risk/tradeoff the principal must manage in this setup?
Best answer: B
Explanation: OFAC screening exists to prevent dealing with sanctioned parties, so the key tradeoff is speed versus properly escalating and resolving potential matches before any activity occurs.
OFAC screening is designed to prevent the firm from opening accounts for, or transacting with, sanctioned individuals, entities, or jurisdictions. When a tool produces frequent potential matches, the principal’s core tradeoff is operational speed versus ensuring alerts are escalated, reviewed, and resolved before the firm permits activity. The greatest risk is a missed true match leading to prohibited transactions.
OFAC screening is a sanctions-compliance control intended to stop the firm from providing services to sanctioned persons/entities or engaging in prohibited transactions. Automated tools often produce false positives, so supervision must focus on a documented process that prioritizes accuracy over “instant” onboarding when an alert occurs.
A principal typically supervises this by ensuring WSPs require:
The key limitation is that faster approvals increase the risk of clearing or ignoring alerts without sufficient review.
Topic: Trading Supervision
A broker-dealer is rolling out a low-latency workflow in which traders electronically enter orders into an OMS that automatically routes to multiple venues for execution. To minimize delay, the firm will not add a manual pre-trade approval step. For some block executions, the trader will allocate filled shares to multiple customer accounts after execution at an average price.
As the supervising principal designing controls across the order lifecycle (entry, routing, execution, allocation), which option identifies the primary risk/limitation that should drive the supervisory control design for this setup?
Best answer: B
Explanation: If manual pre-trade review is removed, the main limitation is that inadequate automated controls at order entry/routing can allow erroneous or unauthorized orders to be executed before supervision can act.
Because the firm is prioritizing low latency and eliminating manual pre-trade approvals, the key tradeoff is reduced human intervention before an order is routed and executed. That makes automated, pre-trade controls at order entry (before routing) the most critical supervision point to prevent erroneous, unauthorized, or noncompliant orders from reaching the market.
In an order lifecycle, the earliest point to prevent harm is before the order is routed to a market center. When a firm designs a low-latency workflow that removes manual pre-trade approvals, the primary limitation is that supervision can no longer rely on humans to stop problematic orders before execution; controls must be embedded and automated at order entry and before routing (e.g., size/price/credit/authorization and other market-access risk checks). Post-trade surveillance and allocation reviews remain important, but they are inherently after-the-fact and cannot prevent a disruptive or noncompliant order from being executed. The most important design driver in this scenario is therefore ensuring effective automated pre-trade controls where the order first enters the system and is sent out for execution.
Topic: Trading Supervision
A customer deposits a physical stock certificate and asks the firm to sell the shares the same day. Operations notes the certificate is torn (mutilated) and bears a “restricted securities” legend. A registered rep tells the customer the firm can “credit the shares now and fix the paperwork later.” As the supervising principal, which action best meets a broad customer-protection supervisory standard for special-case securities handling?
Best answer: B
Explanation: Mutilated or restricted certificates should be segregated and not credited or sold until the firm confirms they are negotiable and freely transferable.
When a security is mutilated or bears a restrictive legend, the firm cannot assume it is good deliverable. Sound supervision requires segregating the item as non-negotiable and obtaining transfer agent/issuer and, as needed, legal/compliance clearance before crediting the account or accepting a sell order. This prevents settlement failures and protects both the customer and the firm from processing an ineligible or non-transferable security.
A principal should treat restricted, mutilated, or otherwise special-case certificates as higher-risk because they may not be transferable, may be rejected in clearance/settlement, or may require issuer/transfer agent action (and sometimes legal review) before they become good deliverable. Supervisory controls typically require the item to be segregated/identified as non-negotiable, with no account credit or liquidation permitted until the firm verifies transferability and any restrictions are resolved.
Practical controls include:
The key takeaway is that “fixing it later” creates avoidable customer harm and firm exposure from fails, buy-ins, and improper processing of restricted securities.
Topic: Investment Banking Supervision
A broker-dealer is a selling group member in a fixed-price follow-on equity offering. The firm’s reps are soliciting retail orders using the final prospectus and must sell at the stated public offering price.
Which principal statement is INCORRECT regarding supervision of this fixed-price offering?
Best answer: B
Explanation: In a fixed-price offering, selling below the stated public offering price (or rebating economics) is generally prohibited regardless of the issuer’s net proceeds.
Fixed-price offerings require sales to customers at the public offering price shown in the prospectus. A principal’s supervision should focus on preventing discounting, rebating, or other undisclosed concessions that effectively change the price paid by customers. Monitoring trade documentation and ensuring required price and concession disclosures are present are core controls.
In a fixed-price offering, the public offering price is set and disclosed to investors, and selling group members are expected to sell to customers at that price. A principal’s supervisory responsibility is to implement and evidence controls that detect and prevent practices that change the effective price to the customer, such as selling below the stated price or rebating part of a commission/concession.
Effective fixed-price offering supervision typically includes:
The key takeaway is that “issuer net proceeds” does not cure a violation if customers are not charged the disclosed fixed public offering price.
Topic: Investment Banking Supervision
Your firm is a co-manager in a firm-commitment IPO. The syndicate desk is updating written procedures for pricing, allocations, and aftermarket activities, and the Series 24 principal must approve the approach.
Which supervisory statement is INCORRECT?
Best answer: C
Explanation: IPO allocations cannot be tied to a customer’s agreement to make aftermarket purchases or provide other additional business.
A principal must supervise underwriting practices to ensure allocations and aftermarket conduct are fair, transparent, and not conditioned on improper customer commitments. Conditioning IPO allocations on a customer’s promise to buy in the aftermarket is an improper “tie-in” arrangement. The other statements describe common, permissible controls when properly documented, disclosed where required, and consistently applied.
In public offerings, principals supervise the underwriting process to prevent abusive sales practices and to ensure customers and the market are treated fairly. IPO allocations must stand on legitimate, consistently applied criteria; they cannot be used as leverage to extract additional commitments from customers (for example, requiring aftermarket purchases or other business as a condition of receiving shares).
Supervisory controls typically focus on:
The key takeaway is that “tie-in” conditions are prohibited even if the firm otherwise has strong documentation and approval workflows.
Topic: Broker-Dealer Supervision
FINRA sends the firm an 8210 request for all written communications (email and approved business text messages) between two registered reps and 15 customers for the prior six months. The supervisor forwards the request to the reps but does not notify Compliance/Legal or IT, and the firm’s systems continue their normal auto-deletion (30 days for texts; 90 days for certain email folders). Two weeks later, the firm discovers that some responsive messages were deleted after the request was received.
Based on this control failure, what is the most likely outcome?
Best answer: A
Explanation: Once a regulatory request is received, the firm must preserve potentially responsive records (legal hold), and continued deletion can lead to books-and-records violations and sanctions.
After receiving a regulatory records request, a broker-dealer should promptly implement a legal hold and preserve potentially responsive records. Allowing routine deletion to continue can result in an inability to produce required records. Regulators commonly treat this as a serious books-and-records and supervisory controls failure, leading to sanctions and required remediation.
A core supervisory expectation is that regulatory inquiries trigger immediate preservation. When a firm receives an 8210 request (or similar regulator demand), it should promptly coordinate Compliance/Legal and IT to identify sources of responsive records and suspend any routine destruction (a legal hold) for those sources, custodians, and time periods. If the firm continues auto-deletion and responsive records are lost, the firm may be unable to “promptly produce” records and may be viewed as having failed to maintain and preserve required books and records. That outcome typically creates enforcement risk for the firm, including findings around inadequate WSPs/supervisory controls, remediation undertakings, and monetary sanctions. The key takeaway is that preservation starts when the request is received, not when collection begins.
Topic: Broker-Dealer Supervision
A broker-dealer is replacing its in-house order management system with a cloud-based platform. The supervisory objective is to deploy frequent updates to address regulatory reporting changes quickly, but the firm has a small IT staff.
To speed releases, the vendor proposes allowing the firm’s developers to make configuration/code changes directly in production without a separate approver, relying on Git commit history as the only record of changes.
Which option best states the primary risk/tradeoff a principal should focus on before approving this approach?
Best answer: A
Explanation: Direct production changes without independent approval and a system audit trail undermine segregation of duties, supervision, and evidence of controlled changes.
The proposal creates a control tradeoff: speed versus controlled, auditable change management. Allowing developers to change production without independent approval weakens segregation of duties and can leave the firm unable to demonstrate that changes were authorized, tested, and traceable. That is the core systems-control concern a principal must address in WSPs and supervisory controls.
The core supervisory issue is maintaining effective access controls and change management while using technology to meet regulatory obligations. If the same individuals can develop and push changes directly into production, the firm loses segregation of duties and increases the risk of unauthorized or untested changes impacting customer orders, reporting, or recordkeeping.
A principal should ensure the technology process supports:
Git history may help with versioning, but it does not by itself evidence supervisory approval or controlled deployment into production.
Topic: Investment Banking Supervision
A broker-dealer’s equity research group is rolling out a new publishing system. During testing, the research principal sees that an analyst can submit a report for external distribution even if the analyst-certification section is left blank, and the sales desk can edit that section after submission.
Which supervisory action best complies with high-level analyst certification expectations for research reports?
Best answer: C
Explanation: Supervision should ensure the analyst personally attests and the report cannot be distributed without an unaltered certification.
Analyst certifications are meant to be the analyst’s own attestation tied to the specific research report being distributed. A principal should supervise the process with controls that prevent external distribution if the certification is missing or can be altered by non-research personnel. System-based blocks and access controls directly support consistent adherence and an auditable process.
The core supervisory expectation is that each externally distributed research report includes the required analyst attestation and that the attestation is made by the analyst, not added or modified by others. Here, the control gaps (publishing without certification and allowing sales to edit the certification) undermine the integrity of the certification process.
A research principal should implement WSPs and system controls that:
This approach both protects investors and creates a clear supervisory audit trail; a “blanket” or after-the-fact certification is not an adequate substitute for report-level certification at issuance.
Topic: Investment Banking Supervision
An investment banking desk is preparing a pitch book for a prospective issuer. The deck includes a league table and market statistics sourced from a third-party data provider, plus several slides with the bank’s own valuation and “expected synergies” projections.
The firm is choosing between two supervisory control designs for pitch books used with prospective issuers.
Which control design best addresses the key approval expectation that the content be fair, balanced, and supported by evidence?
Best answer: A
Explanation: It pairs review/approval with documented substantiation, supporting a fair and balanced presentation.
A principal’s pre-use review is meant to ensure pitch books are not misleading and that material statements have a reasonable basis. Because pitch books often mix third-party data with firm-created analyses and projections, supervision should include retaining support for key claims (sources, methodologies, assumptions) and documenting approval before use.
The supervisory expectation for pitch books and similar marketing materials is that they be reviewed and approved by an appropriately qualified principal before use, with a focus on whether statements are fair, balanced, and not misleading. In practice, that means the reviewer should be able to trace material claims—such as league table rankings, market statistics, valuations, and synergy or growth projections—to reliable sources and reasonable assumptions, and the firm should retain that back-up as part of its records.
A control that only checks for legends or assumes that citing a data vendor “solves” accuracy misses the core obligation: the firm must have a reasonable basis for the content and be able to evidence it. The key takeaway is that substantiation and documented approval are the differentiators for supervising pitch book content.
Topic: Trading Supervision
A principal is redesigning the firm’s market surveillance and “regulator inquiry response” process. The objective is to quickly investigate and explain FINRA exceptions using data the firm already has. Due to budget limits for the next 6 months, the firm plans to monitor only an end-of-day feed of its trade reports (e.g., TRACE/TRF) and not integrate order-management, routing, or allocation records.
Which option describes the primary limitation/tradeoff of this approach?
Best answer: D
Explanation: FINRA surveillance links trade reports to order, routing, and allocation details, so monitoring only trade reports can leave the firm unable to reconstruct and explain exceptions.
Regulators use trade reporting data as a starting point for surveillance, but many patterns and exceptions require linking the reported trade back to order origination, routing decisions, allocations, timestamps, and related records. If the firm monitors only end-of-day trade reports, it may be unable to investigate root cause or provide a complete, credible response to regulatory inquiries and exception reports.
Trade reporting feeds (e.g., TRACE/TRF) are heavily used for surveillance because they provide a standardized record of executions and can be analyzed for patterns (timing, price, size, counterparties/venues, reporting timeliness). However, when an alert is generated, regulators typically expect the firm to “close the loop” by producing supporting records that explain the trade: order entry and modifications, routing/venue decisions, allocations, trader/customer instructions, timestamps, and any supervisory review.
With only an end-of-day trade report feed, a principal can spot some execution-level outliers, but the firm may not be able to distinguish reporting issues from trading conduct, validate best execution decisions, or provide the complete audit trail needed to resolve an inquiry. The key takeaway is that trade reports are necessary but often not sufficient evidence by themselves.
Topic: Trading Supervision
A broker-dealer is deploying a new OMS rule to auto-populate the CAT short sale indicator (long/short/short exempt) to reduce manual marking errors. The rule marks an equity sell order “long” if the customer shows a net long position in a nightly position file; otherwise it marks the order “short.”
Constraints: the firm has active intraday trading (buys and sells in the same name), multiple clearing/position sources, and a separate stock loan desk that manages locates. The principal must approve the control design in the WSPs.
Which choice states the primary risk/limitation the principal should address for this automation?
Best answer: C
Explanation: Short sale indicators drive market surveillance, so an automated rule must prevent firmwide misreporting caused by inaccurate or untimely position and locate inputs.
Short sale indicators are relied on in regulatory reporting and surveillance to evaluate short sale activity and the integrity of trade/order data. If an OMS auto-marks based on a nightly position file, the biggest tradeoff is that stale, fragmented, or intraday-changing position and locate information can create consistent, large-scale mis-marking. That creates a reporting integrity problem that principals must control with validation and exception supervision.
The core supervisory concept is that the short sale indicator is a data-quality field used to support market surveillance and reporting integrity (for example, distinguishing true long sales from short sales and identifying activity that merits additional review). In this scenario, the firm’s goal (fewer manual errors) conflicts with the risk of a “single point of failure”: if the nightly position file or locate inputs are inaccurate, incomplete across clearing sources, or not updated for intraday trading, the OMS can mis-mark many orders the same way.
A principal should require controls such as:
This surveillance/reporting integrity risk is more material than operational side effects like minor latency.
Topic: Trading Supervision
A firm’s surveillance generates an alert showing a proprietary trader repeatedly entering large sell orders away from the market to create apparent supply, then canceling them within seconds after buying smaller size at the bid. Which statement is most accurate?
Best answer: A
Explanation: Repeated large, quickly canceled orders that appear intended to move supply/demand are a classic manipulation red flag that must be investigated and escalated.
The order pattern described—large displayed orders that are rapidly canceled after achieving fills on smaller opposite-side orders—is a common red flag for spoofing/layering (manipulative order placement). A principal must ensure the alert is promptly escalated, investigated using time-sequenced order and execution data, and fully documented with any remediation.
Spoofing/layering is a manipulative practice in which a trader places non-bona fide orders (often large and visible) to create a false impression of supply or demand, then cancels those orders after obtaining executions on smaller, genuine orders on the other side. When surveillance identifies this type of pattern, supervision cannot treat it as a “false positive” based solely on an assertion of benign intent.
A reasonable principal-led response includes:
The key takeaway is that potential market manipulation alerts demand timely, documented investigation and escalation.
Topic: Broker-Dealer Supervision
A firm’s surveillance generates multiple alerts showing a registered representative placing nearly simultaneous buy and sell orders in a thinly traded stock across several customer accounts with similar contact information and IP logins. The orders are frequently canceled and re-entered near the close, and the representative’s explanations are vague.
Which supervisory action is INCORRECT?
Best answer: B
Explanation: Potential manipulative trading requires documented review and escalation, not closure based solely on an oral assurance.
The pattern described is consistent with potentially manipulative activity, so a principal must escalate and conduct a documented supervisory investigation. Reasonable steps include analyzing trading and communications, assessing account linkages, and implementing interim controls while facts are gathered. Simply accepting a verbal denial and closing the matter fails to investigate red flags and undermines supervisory obligations.
Supervisors must treat red flags of potentially manipulative, deceptive, or fraudulent conduct as matters requiring escalation and a documented investigation. Here, repeated near-close activity, rapid cancellations/re-entries, and linked accounts suggest possible wash trades, marking-the-close, or other manipulative behavior.
Appropriate supervisory handling typically includes:
A verbal denial may be collected as part of the fact-finding, but it is not a substitute for independent review and documented disposition of the alerts.
Topic: Investment Banking Supervision
A firm’s research analyst appears on a widely streamed podcast and recommends a specific issuer. The firm’s WSPs require the analyst to disclose, during public appearances, whether the firm has investment banking relationships with the issuer and whether the analyst has a financial interest in the issuer. A principal later learns the analyst made the recommendation but gave no such disclosures, and no one reviewed or monitored the appearance.
As the supervising principal, what is the most likely outcome of this control failure?
Best answer: C
Explanation: Public appearances with recommendations require conflict disclosures, and lack of monitoring supports a failure-to-supervise finding.
When an analyst makes a public appearance that includes a recommendation, required conflict disclosures must be made at the time of the appearance. If the firm’s procedures require those disclosures but the firm does not review, monitor, or otherwise reasonably supervise compliance, regulators can cite both the disclosure failure and a failure to supervise.
Analyst public appearances (TV, radio, podcasts, webinars, conference panels) are treated as communications that can trigger research-related disclosure obligations when they include a recommendation or research views. The disclosures are meant to alert the audience to material conflicts (for example, the firm’s investment banking relationship or the analyst’s financial interest) at the time the recommendation is made.
If a principal cannot demonstrate reasonable supervision—such as training on required disclosures and some method to review, monitor, evidence, and remediate public appearances—regulators typically view the issue as both (1) a disclosure deficiency in a public communication and (2) a supervisory control breakdown. The closest trap is assuming the medium (podcast) or format (oral vs. written) eliminates the obligation.
Topic: Broker-Dealer Supervision
Which statement is most accurate about a broker-dealer’s new product approval process?
Best answer: D
Explanation: A sound new product process is documented and addresses due diligence, risk/target market limits, supervisory procedures/training, and controlled implementation with ongoing oversight.
A new product approval process should be a documented supervisory control, not a sales initiative. It generally includes product due diligence, a risk assessment, defining the appropriate customer profile and any restrictions, updating WSPs and training, and implementing rollout controls. After launch, the firm should monitor activity and outcomes to confirm the product is being sold and serviced within the intended parameters.
For a Series 24 principal, a “new product” (or new feature/service) should not be introduced based only on vendor materials, training completion, or revenue potential. A high-level new product approval process typically requires (1) documented due diligence to understand the product and its risks, (2) a formal risk assessment that leads to a defined target customer profile and explicit limitations (including ineligible customers, concentration/size limits, or account-type restrictions), (3) updates to WSPs and required training so supervision is practicable, and (4) rollout controls (such as pilot/limited eligibility, pre-use approvals, surveillance, and escalation paths) followed by post-launch monitoring and remediation if issues arise. The key takeaway is that approval is a controlled, risk-based supervisory decision with ongoing oversight, not a one-time sales enablement step.
Topic: Trading Supervision
A broker-dealer’s fixed income desk executes corporate bond trades and reports them to TRACE. The trading principal is redesigning controls after learning that the desk’s current process uses a vendor’s publicly disseminated TRACE feed to reconstruct trade details for the firm’s blotter.
Which supervisory control design best reflects the key difference between TRACE public dissemination and the firm’s internal recordkeeping obligations?
Best answer: D
Explanation: Public TRACE prints are not a substitute for the firm’s required books-and-records, so the firm must maintain its own complete internal trade records.
TRACE dissemination is designed to provide market transparency using publicly disseminated trade information, which can be limited compared with what a firm must keep internally. A broker-dealer cannot treat the disseminated feed as its books and records. The appropriate supervisory design is to ensure complete internal trade capture and retention, then use the public TRACE output for monitoring and exception reviews.
TRACE’s publicly disseminated data is meant to provide post-trade market transparency (a “tape” of reported activity) and is not designed to satisfy a broker-dealer’s internal books-and-records requirements. Public dissemination may not include every field a firm must maintain for supervision, audit trail, and regulatory production, and it should not be the firm’s system of record.
A sound principal-level control is to:
Using TRACE dissemination as the system of record is an under-control because it confuses market transparency data with required firm recordkeeping.
Topic: Customer Activity Supervision
A registered rep submits the following recommendation for principal review.
Exhibit: Pre-trade review snapshot
| Field | Value |
|---|---|
| Customer | Age 72, retired |
| Account | Traditional IRA; liquid net worth $260,000 |
| Objective | Income / capital preservation |
| Risk tolerance | Low |
| Liquidity need | High (planned home repairs in 6 months) |
| Account market value | $150,000 |
| Proposed trade | Buy $60,000 of a 2x leveraged inverse S&P 500 ETF |
| Rep note | “Customer wants to hedge and plans to hold ~6 months.” |
| Firm product note (KYP) | “Daily reset; intended for short-term tactical trading. Performance over periods >1 day can differ materially from -2x of the index; high volatility.” |
Based on the exhibit, which interpretation is best supported under know-your-customer and know-your-product supervisory review?
Best answer: A
Explanation: The exhibit shows a low-risk, income/preservation customer with near-term liquidity needs being recommended a daily reset leveraged inverse ETF intended for short-term trading.
The customer’s KYC profile (income/capital preservation, low risk tolerance, near-term liquidity needs) conflicts with the firm’s KYP description of a daily reset leveraged inverse ETF intended for short-term tactical trading. The rep’s stated intent to hold for about 6 months heightens the mismatch because returns over longer periods can deviate materially from the stated daily multiple. A principal should escalate and not approve as-is without a well-supported, documented rationale.
A principal’s review should connect KYC (customer objectives, risk tolerance, time horizon/liquidity needs, and concentration) with KYP (how the product is designed to work and its key risks). Here, the firm’s product note explicitly describes a daily reset leveraged inverse ETF intended for short-term tactical trading and warns of path-dependent performance over periods longer than a day. The rep’s note that the customer plans to hold for about 6 months, combined with the customer’s low-risk income/preservation objective and near-term liquidity need, makes the recommendation difficult to justify and a clear supervisory red flag.
A reasonable supervisory response is to:
Relying on account type or an acknowledgment alone does not resolve a KYC/KYP mismatch.
Topic: Trading Supervision
A firm’s clearing broker sends the following exception report to the trading principal.
Exhibit: Clearing Firm Daily Settlement Risk Report (June 3, 2025)
Open Item: Fail-to-Deliver (customer sale) - XYZ
Trade date: June 2, 2025 Contract: Sell 10,000 @ $20.00 (regular way T+1)
Current market (close): $23.50
Mark-to-market (MTM) debit due from BD today: $35,000
Note: Contract price and settlement date unchanged; item remains open until delivery.
Which interpretation is supported by the exhibit and best explains how marking to the market relates to settlement obligations and risk management?
Best answer: D
Explanation: The MTM debit reflects current-market exposure on an unsettled fail and is collected to reduce the clearing firm’s credit/settlement risk without changing the contract price.
The exhibit shows an open fail with a market move against the party that must deliver securities. Marking to the market is a risk-control process that collects (or pays) daily value changes on unsettled obligations so the clearing firm is not exposed to the full market move while the contract remains open. It does not change the original trade’s contract price or settlement terms.
Marking to the market in the clearance/settlement context means revaluing open, unsettled obligations at current market prices and collecting/paying the resulting variation to manage counterparty credit exposure. Here, the firm has an open fail-to-deliver on a customer sale; because the market price rose above the contract sale price, the party obligated to deliver is economically “short” and the clearing firm faces increased replacement-cost risk if delivery does not occur. The clearing firm therefore issues an MTM debit (variation) due today while the fail remains open.
Key point: MTM addresses ongoing settlement risk on open items; it does not amend the trade’s contract price, does not by itself trigger a buy-in, and is not a regulatory fine.
Topic: Broker-Dealer Supervision
Which category of broker-dealer records generally includes order tickets and trade blotters (i.e., the details of orders received and executions)?
Best answer: C
Explanation: Order tickets and trade blotters are core trade/order records documenting orders and executions.
Order tickets and trade blotters are records of orders received and trades executed, so they fall into the trade/order record category. Customer account records focus on customer identity and account information, confirmations are customer-facing transaction reports, and communications records capture correspondence and messages.
Broker-dealers create and retain several major categories of books and records. Trade/order records document the life cycle of customer and firm orders and executions and typically include order tickets (or electronic order records) and trade blotters showing key execution details. Customer account records are separate and generally relate to account opening/maintenance information (such as customer identity and account documentation). Confirmations are distinct customer-facing records that disclose the details of a completed transaction to the customer. Communications records cover business-related correspondence (for example, emails, texts on approved channels, and other written communications) and are supervised and retained as part of the firm’s recordkeeping program.
Topic: Investment Banking Supervision
A research analyst will appear live on a financial podcast to discuss and recommend shares of ABC. The analyst owns ABC in a personal account, the firm makes a market in ABC, and the firm acted as co-manager on an ABC follow-on offering six months ago.
As the research principal supervising the appearance, which action best supports compliant conflict disclosure?
Best answer: A
Explanation: Material conflicts tied to the analyst and firm must be disclosed during the appearance, with supervision to ensure they are made and documented.
For public appearances, a research analyst must disclose material conflicts in a manner the audience can understand at the time of the appearance. Here, personal ownership, market making, and recent investment banking involvement are material and should be stated on-air, with direction to where full written disclosures can be found. A principal should have controls to verify the disclosures occur and retain evidence of supervision.
The core standard is that listeners should receive timely, clear disclosure of material conflicts when an analyst makes a public appearance that includes a recommendation or investment view. In this scenario, the analyst’s personal ownership and the firm’s market making and recent investment banking role are the types of conflicts that are typically considered material and should be communicated during the appearance (not only after, and not only if asked).
A supervisory approach that supports compliance is to:
Key takeaway: posting disclosures somewhere without making the audience aware of them during the appearance does not satisfy the investor-protection purpose of the disclosure requirement.
Topic: Broker-Dealer Supervision
A customer disputes an associated person’s recommendation and is seeking $15,000 in damages. The customer signed a predispute arbitration agreement and tells the firm they are willing to try a voluntary process first if it reduces forum costs, but also asks the firm to “have FINRA punish the rep.”
Cost assumptions (USD):
Which action should the principal take?
Best answer: A
Explanation: Mediation is a voluntary, nonbinding way to resolve a customer dispute and, at $1,200, is cheaper than the $1,500 arbitration minimum.
Regulatory enforcement is initiated by regulators to address rule violations, not to award customer damages. A customer compensation dispute is typically resolved through arbitration (binding) or mediation (voluntary and nonbinding). Using the provided assumptions, mediation costs $1,200 versus the arbitration $1,500 minimum, so mediation best fits the customer’s stated preference to try a lower-cost voluntary process first.
Customer claims for damages against a broker-dealer are generally handled through FINRA dispute resolution (arbitration or mediation), while regulatory enforcement is brought by FINRA/SEC to sanction misconduct and does not function as a customer-compensation forum. Since the customer is willing to attempt a voluntary process first, the principal can propose FINRA mediation and compare the expected forum costs using the assumptions provided.
\[ \begin{aligned} \text{Arbitration estimate} &= 0.03 \times 15{,}000 = 450 \;\Rightarrow\; \text{minimum applies} = 1{,}500 \\ \text{Mediation estimate} &= 600 + (200 \times 3) = 1{,}200 \end{aligned} \]The key takeaway is to route customer damage disputes to arbitration/mediation (not enforcement) and apply the correct minimum/fee inputs when estimating costs.
Topic: Customer Activity Supervision
Which statement best describes the Automated Customer Account Transfer Service (ACATS) and a member firm’s supervisory obligation when a customer requests an account transfer to another broker-dealer?
Best answer: D
Explanation: ACATS standardizes and automates inter-firm account transfers, and supervision must prevent improper interference such as delaying, conditioning, or otherwise obstructing a customer’s transfer request.
ACATS is the industry’s automated, standardized process (through NSCC) for transferring customer accounts between broker-dealers. Supervisory procedures must ensure the firm does not improperly interfere with a valid transfer request, such as by creating unnecessary obstacles or delays that impede the customer’s ability to move the account.
ACATS is an NSCC/DTCC-operated automated system that facilitates the transfer of eligible customer account assets and related information between broker-dealers. From a Series 24 supervision perspective, the key obligation is to maintain WSPs and oversight that support prompt, orderly processing of transfer instructions and prevent “improper interference.” Improper interference generally means placing unjustified hurdles in the way of a customer’s decision to transfer—such as unnecessary documentation demands, delaying tactics, conditioning release on unrelated actions, or other practices designed to discourage or obstruct the transfer. A principal’s role is to ensure operations follow standardized transfer workflows, exceptions are handled and documented appropriately, and issues are escalated and remediated so the firm does not impede customer portability.
Topic: Broker-Dealer Supervision
A General Securities Principal is comparing two proposed updates to the firm’s business continuity plan (BCP) after a recent outage that disabled the firm’s email, VoIP phones, and CRM access.
Which proposal best addresses the decisive BCP element highlighted by the outage?
Best answer: C
Explanation: BCPs must address how the firm will communicate with customers, regulators, and employees when normal systems are unavailable.
The outage exposed a communications failure, so the best BCP design is the one that maintains reliable communications when core systems (email/phones/CRM) are down. Proposal 2 provides alternate channels and procedures to reach customers, employees, vendors, and regulators. That is a core, high-level BCP element principals must ensure is documented and workable.
A BCP must be reasonably designed to let the firm continue critical functions during a disruption, including maintaining communications. In this scenario, the disruption specifically took down the firm’s primary communication tools, so the decisive differentiator is whether the plan includes practical, independent ways to communicate with key stakeholders.
Proposal 2 addresses this by building redundancy (alternate phone capability, public website messaging, and a mass-notification tool) and by maintaining current contact procedures (call trees for vendors, customers, and regulators). While backups and alternate locations are also important BCP elements, they do not solve the immediate supervisory gap revealed here: the firm’s inability to reach or update stakeholders during a systems outage.
Topic: Broker-Dealer Supervision
In a broker-dealer’s product-risk framework used to supervise recommendations and account approvals, which choice best defines liquidity risk and how it typically affects which customer accounts a product is appropriate for?
Best answer: D
Explanation: Liquidity risk is the risk a position can’t be converted to cash quickly without a significant price concession, making it more suitable for accounts that can tolerate limited access to funds.
Liquidity risk is about how easily a security can be sold without materially moving the price. When liquidity is limited, customers may be unable to access cash when needed or may incur large concessions to exit. As a result, illiquid products generally align better with accounts that can hold through stress and do not have near-term liquidity needs.
Liquidity risk is the risk that a position cannot be sold quickly (or at all) at a reasonable price because trading activity is thin, markets are disrupted, or the product has structural limits on redemptions/resales. In supervisory terms, this risk characteristic influences which account types are appropriate by emphasizing the customer’s ability to:
A product can have low credit risk or even low day-to-day volatility and still be inappropriate for customers who require ready access to funds if it is difficult to sell at a fair price.
Topic: Trading Supervision
A broker-dealer provides a hedge fund with direct market access using the firm’s MPID. During a supervisory review, the principal receives the following risk-control audit record.
Exhibit: Market access control audit (session HF-DMA-07)
Pre-trade credit limit check: BYPASSED (sales request)
Max order size check: DISABLED
Restricted symbol list check: ENABLED
Kill switch authority: VENDOR ONLY
Result: 3 orders routed while BYPASSED/DISABLED flags active
Which interpretation is best supported by the exhibit and baseline Series 24 knowledge about market access risk controls?
Best answer: B
Explanation: Market access must include broker-dealer-controlled, pre-trade risk checks and an effective kill switch, not bypassable at the request of sales or left only to a vendor.
The exhibit shows that pre-trade credit/size validations were bypassed or disabled and that only a vendor could activate a kill switch. Market access controls are required to prevent orders that could exceed capital/credit thresholds or create market disruption, and they must be under the broker-dealer’s direct control. The firm must remediate the ability to bypass controls and ensure an effective firm-controlled kill switch.
Market access risk controls are designed to prevent a firm from unintentionally allowing orders that create outsized financial exposure or disrupt markets. For any customer or proprietary access that uses the broker-dealer’s market participant identifiers or routing, the broker-dealer is expected to maintain effective, pre-trade controls such as credit/capital limit checks and order/size validations, plus the ability to promptly block trading (a “kill switch”) under the firm’s control.
Here, the audit record shows:
Those facts support the conclusion that the control framework is not appropriately designed or controlled by the firm; the closest trap is assuming post-trade review or customer sophistication can substitute for pre-trade controls.
Topic: Registration and Personnel Supervision
A firm’s WSPs require each registered representative to promptly notify Compliance of any material changes to their record (for example, new name/address, outside business activity, a bankruptcy filing, or a new criminal or regulatory matter) so the firm can update the individual’s registration information in CRD and avoid issues from late or incomplete disclosure.
Which regulatory concept is this control designed to support?
Best answer: B
Explanation: Form U4 amendments are used to update an associated person’s CRD record for reportable events and other material changes.
The control is designed to ensure the firm updates an associated person’s disclosures and other material information in CRD by amending Form U4 when changes occur. Form U4 is the primary registration form for individuals and must be kept current when reportable events or other material updates arise. Late or incomplete amendments can expose both the firm and the individual to regulatory discipline.
Form U4 is the individual registration form used to create and maintain a registered person’s CRD record. When a registered person has a material change or a reportable event (such as certain address/name changes, outside business activities, bankruptcies, or new criminal/regulatory disclosures), the firm must update the CRD record by filing a Form U4 amendment.
Supervisory controls commonly include:
The key risk addressed by the WSP is that delayed or inaccurate Form U4 updates can result in regulatory findings and sanctions for failures in registration/disclosure supervision.
Topic: Broker-Dealer Supervision
A broker-dealer is rolling out an approved texting platform for registered reps to communicate with retail customers. The firm will allow use on firm-issued and personal devices, but only if all business messages are captured and retained and supervisors can evidence periodic review. During a pilot, supervisors found several unarchived customer texts from one rep, and the rep says the app “sometimes fails to sync.” As the General Securities Principal, what is the BEST WSP action to satisfy the rollout constraints and address the pilot red flag?
Best answer: B
Explanation: WSPs must assign review responsibilities, require record retention, document evidence of supervision, and define escalation when controls fail.
WSPs must do more than permit a tool; they must define who supervises, what controls operate, what evidence is created, and when issues are escalated. The pilot revealed a recordkeeping control failure, so the WSP should require archiving and supervisory exception monitoring with clear remediation and escalation steps before broader use.
At a high level, WSPs must be tailored to the firm’s business and describe a supervisory system that is reasonably designed to achieve compliance. In this scenario, the firm’s constraints require (1) retention of all business-related texts and (2) supervisory review with evidence. The pilot also created a clear red flag that the control may not work as intended (missing/unsynced messages), so the WSP needs both preventive and detective controls and a defined escalation path.
A strong WSP update here would:
The key takeaway is that WSPs must operationalize supervision with controls, evidence, and escalation, especially when a pilot reveals failures.
Topic: Investment Banking Supervision
A member firm is a co-manager on an oversubscribed IPO. The head of investment banking asks the syndicate desk to allocate shares to the CEO of a public company that is considering hiring the firm for a follow-on offering, stating it would “help us win the mandate.” The syndicate principal must approve allocations by end of day using only the firm’s standard new-issue eligibility questionnaire and documented allocation rationale. Which risk/limitation is most important for the principal to address in this setup?
Best answer: B
Explanation: Directing IPO shares to an executive to influence banking business creates a spinning/conflict-of-interest risk that must be prevented and documented away.
The key supervisory tradeoff is between commercial pressure to “reward” an executive and the prohibition on using IPO allocations to obtain or retain investment banking business. The principal’s control challenge is ensuring allocations are not influenced by (or appear tied to) banking mandates and that allocation decisions are supportable with documented, objective criteria.
IPO allocations are a high-conflict area because limited shares can be used to improperly curry favor. Here, investment banking is explicitly asking for an allocation to an issuer-related executive to help win a mandate, which elevates the primary supervisory risk to “spinning” (a quid pro quo allocation) and related new-issue conflicts.
A principal should ensure the process:
Customer education, stabilization oversight, and execution quality are important supervisory topics, but they do not address the core risk created by the stated allocation motive.
Topic: Customer Activity Supervision
A firm principal is reviewing a communication that was distributed without prior review.
Exhibit: WSP excerpt and distribution log
WSP definitions (30-day lookback)
- Retail communication: >25 retail recipients; principal approval required BEFORE first use
- Correspondence: ≤25 retail recipients; supervised via risk-based post-use reviews
- Institutional communication: institutional investors only; principal review may be post-use
Distribution log
- Title: "ETF Income Strategies" (PDF attachment)
- Date sent: March 1, 2026
- Channel: mass email
- Recipient list: R-IncomeProspects (retail clients)
- Count: 32
- Principal approval on file BEFORE send: No
Based on the exhibit, what is the appropriate interpretation?
Best answer: B
Explanation: It was sent to more than 25 retail recipients, and the WSP requires pre-use principal approval for retail communications.
The distribution was a mass email to 32 retail clients, which the WSP defines as a retail communication. Under the WSP, retail communications must be approved by a registered principal before first use, so sending it without pre-use approval is not consistent with the required supervision approach.
Communications are categorized by both audience and distribution. The exhibit’s WSP ties supervision to those categories: retail communications (to more than 25 retail recipients in a 30-day period) require registered principal approval prior to first use, while correspondence (25 or fewer retail recipients) is supervised through post-use review procedures. Institutional communications apply only when the audience is exclusively institutional investors, and the WSP allows those to be reviewed post-use.
Here, the recipient list is explicitly retail clients and the count is 32, so the message fits the WSP’s retail communication definition and should not have been distributed without pre-use principal approval. The key takeaway is to classify based on actual audience/distribution, then apply the firm’s documented approval workflow.
Topic: Broker-Dealer Supervision
A broker-dealer’s annual business continuity plan (BCP) test shows that the firm’s cloud-based order management system can fail over within 45 minutes, but remote users cannot access the firm’s VoIP phones due to an incorrect VPN configuration. The test results, root-cause notes, and screenshots are retained.
The operations manager says the VPN setting was corrected the same day and asks the principal to “close out” the test. Under the firm’s supervisory process, which is the best next step for the principal?
Best answer: C
Explanation: A principal should not close a BCP test exception until remediation is verified through documented, targeted re-testing and the results are recorded and escalated as required by WSPs.
BCP testing is intended to validate that critical functions work as designed and to identify gaps that require corrective action. When a deficiency is found, a principal should ensure the fix is implemented, verify it with a targeted re-test, and retain documentation showing both the remediation and the re-test outcome. Only then should the item be closed and reported under the firm’s WSPs.
BCP tests are not just check-the-box exercises; they are supervisory controls designed to validate the firm can continue critical operations and communications under stress. When a test identifies a gap (here, remote VoIP access), the principal’s role is to ensure the issue is remediated and that the remediation is effective.
A sound closeout sequence is:
Without a re-test, the firm cannot demonstrate that the control failure was actually corrected, which undermines the purpose of BCP testing and supervisory oversight.
Topic: Customer Activity Supervision
In a broker-dealer’s supervision of recommendations, which statement best defines a principal’s “know-your-product” (KYP) responsibility?
Best answer: A
Explanation: KYP is product due diligence used to set appropriate supervisory controls and permissible-use guidance for recommendations.
KYP focuses on the firm’s understanding of the investment product itself—its structure, risks, costs, liquidity, and conflicts—so supervisory controls can govern how it is recommended. This product understanding supports reviewing recommendations and monitoring account activity for alignment with the product’s intended use and customer profiles.
KYP is a high-level supervisory concept requiring the firm (through its principals and processes) to perform and document reasonable product due diligence. The goal is to ensure the firm understands what the product is, how it works, and the risks and limitations that matter to customers before allowing recommendations.
In practice, KYP supports supervisory controls such as:
KYC, by contrast, is focused on understanding the customer; KYP is focused on understanding the product being recommended.
Topic: Investment Banking Supervision
A firm is the lead underwriter for an IPO. Investment banking wants registered reps to email a 6-slide “IPO highlights” deck (includes a price range and selected financial metrics) to a list of prospective investors. The issuer’s registration statement has been filed, but the firm has not yet implemented a process in its WSPs to review, approve, retain, and (when required) file these decks. As the General Securities Principal, what is the BEST supervisory action before permitting any distribution?
Best answer: A
Explanation: The deck is written offering material outside the statutory prospectus, so it must be controlled as an FWP with pre-use approval, required disclosures, and retention/filing procedures.
A free writing prospectus is a written offering communication used in a registered offering outside the statutory prospectus. Because the firm lacks controls for creation, approval, retention, and filing (when required), the principal should stop distribution until the material is reviewed/approved, carries the required legend, is consistent with filed materials, and is covered by WSPs that address retention and any required SEC filing.
The slide deck is written marketing material used to solicit interest in a registered offering and is not itself the statutory prospectus, so it should be supervised as a free writing prospectus. A principal’s key controls are to ensure the communication is vetted (typically by investment banking supervision and counsel), does not contain information that conflicts with or is not fairly presented versus the filed registration statement/prospectus, includes the required FWP legend and any required access/delivery conditions, and is retained as a required record. Supervisory procedures should also address when an FWP must be filed with the SEC and who is responsible for confirming filing before or after first use, as applicable. The best decision is to implement and follow these controls before allowing any distribution.
Topic: Customer Activity Supervision
A customer submits an online new account application titled “Smith Family Trust u/a dated May 3, 2019.” The application lists two co-trustees, but only one trustee e-signs and requests that a non-registered third party (a family friend) be given discretionary trading authority immediately. The customer also asks for approval to trade options as soon as a wire arrives. As the supervising principal, what is the best next step before approving the account for trading?
Best answer: C
Explanation: The firm must document the trust’s existence and who has authority, and obtain proper written authorization before allowing discretionary activity or trading.
The account title indicates a fiduciary capacity, so supervision must confirm the legal account structure and who is authorized to act for it. Before permitting trading—especially options and requested discretionary authority—the firm should obtain documentation supporting the trust and the authority of the trustees and any proposed agent, and retain it in the account file.
When an account is opened in a trust (or other fiduciary) title, the principal’s key supervision focus is matching the account designation to the legal reality: who the customer is (beneficial ownership at a high level), who controls the account, and what documentation supports instructions. Here, the trust title and the presence of co-trustees create an authority issue (only one signed), and the request to grant a third party discretionary authority adds a second, higher-risk control requirement.
Before approving trading, supervision should ensure the file contains:
A title change or reliance on an unsupported representation would not resolve the authority and documentation gaps.
Topic: Registration and Personnel Supervision
A firm terminates a registered representative after receiving several customer complaints alleging unsuitable recommendations. Compliance has opened an internal review, but it is not yet complete. The OSJ supervisor’s objective is to meet the firm’s termination reporting obligations while minimizing legal and regulatory exposure.
Which option describes the primary risk/tradeoff the supervisor should focus on when preparing the Form U5 filing?
Best answer: A
Explanation: Form U5 disclosures must be timely and accurate, so the firm should file using supportable, factual language and amend later rather than alleging misconduct without documentation.
Form U5 is filed when a registered person’s association ends and it communicates the firm’s stated reason for termination (and certain disclosure information) to regulators via CRD. The key tradeoff here is that the firm generally cannot wait for a perfect, completed investigation, but it must avoid unsupported accusations and rely on documented, factual statements that can be amended if conclusions change.
Form U5 is the firm’s termination notice for a registered person, filed when the individual’s association ends, and it becomes part of the regulatory record used by regulators and future employers. Because the internal review is ongoing, the supervisor must balance two competing pressures: filing promptly and ensuring what is reported is accurate, complete, and supported by documentation. The safest supervisory approach is to use factual, non-inflammatory language (e.g., “terminated while under internal review” or a documented policy-based reason) and preserve the investigative file so the firm can support the disclosure and update it if later findings require an amendment. The main risk is regulatory and litigation exposure from stating conclusions or allegations that the firm cannot substantiate at the time of filing.
Topic: Customer Activity Supervision
A broker-dealer uses a third-party vendor to generate electronic trade confirmations for retail fixed income transactions. During a principal’s supervisory review, the firm identifies 15 corporate bond trades executed as principal where the confirmations incorrectly show the firm acted as agent and omit remuneration/markup disclosure. The confirmations were otherwise delivered to customers on trade date.
Which supervisory action best complies with customer-protection expectations for accurate and timely confirmations?
Best answer: D
Explanation: Principals should ensure customers receive accurate confirmations promptly and implement controls that detect and prevent recurrence (e.g., reconciliation/testing against trade records).
Confirmations are customer-facing transaction records and must be accurate as to key trade terms and required disclosures (including capacity and remuneration/markup, when applicable). When an error is found, a principal should ensure corrected confirmations are sent promptly and that the firm documents remediation. Supervisory controls should include verification/testing that confirmations match the firm’s order and trade records, even when a vendor produces the confirms.
A principal’s supervision of confirmations focuses on two themes: (1) customers receive confirmations promptly after execution and (2) the information on the confirmation is accurate and includes required disclosures for the product and transaction. Here, the firm identified confirmations that misstate the firm’s capacity (agent vs principal) and omit remuneration/markup disclosure, both of which are material to a customer’s understanding of the transaction.
The appropriate supervisory response is to:
Timely delivery alone does not cure inaccurate or incomplete confirmations, and vendor use does not eliminate the firm’s supervisory responsibility.
Topic: Investment Banking Supervision
Which statement is most accurate about a broker-dealer principal’s supervision of the distribution of research during the firm’s participation in an offering?
Best answer: C
Explanation: Principals must supervise prepublication review and controlled distribution during offerings while preventing investment banking influence over research conclusions.
Firms must have supervisory procedures that control both the review and the timing/audience of research distribution when the firm is participating in an offering. A principal or Compliance reviews research for compliance and required disclosures and ensures distribution occurs only when permitted under applicable restrictions. Controls must also prevent investment banking from influencing research content or recommendations.
During an offering, research is a high-risk communication because it can be perceived as sales support for the distribution. A principal/Compliance supervisor should ensure a prepublication review process is followed (for required disclosures, conflicts, and policy compliance), that distribution timing complies with any applicable offering/quiet-period restrictions, and that the audience is limited to those permitted under the firm’s policies and regulatory requirements. Supervisory controls should also enforce information barriers and limit investment banking involvement to what is permitted (such as identifying factual errors), without allowing investment banking to approve, pressure, or shape ratings, price targets, or recommendations. The key supervisory goal is controlled, compliant dissemination—no premature or selective distribution that could undermine research independence.
Topic: Broker-Dealer Supervision
A broker-dealer is approving a new complex product (a structured note with principal-at-risk features) for retail solicitation. Several registered representatives ask to begin offering it immediately after the product desk circulates the issuer’s brochure and a recorded webinar.
As the supervising principal, which action best meets a high-level supervisory expectation for training associated persons on new products and validating readiness before sales begin?
Best answer: A
Explanation: Principals should ensure reps receive product-specific training and demonstrate understanding (e.g., testing/attestation) before being permitted to solicit and must document the basis for readiness.
When introducing a new or complex product, supervision should ensure associated persons are trained on features, risks, costs, and appropriate customer profiles before they solicit it. Readiness should be validated through a documented process such as a knowledge assessment and supervisory sign-off, not merely by distributing materials. Controls should prevent sales activity until training and validation are complete.
A principal’s responsibility is not just to make training available, but to reasonably ensure registered persons understand the product well enough to explain it fairly and evaluate whether it is appropriate for a retail customer. For a complex product, a sound approach includes product-specific training that covers key features, risks, liquidity, costs/fees, and investor profile, plus a method to validate comprehension.
Practical readiness validation typically includes:
The key takeaway is that supervision should evidence both training and demonstrated competency before customer-facing activity begins.
Topic: Investment Banking Supervision
A member firm acted as a selling group member in a registered follow-on equity offering. The firm uses electronic delivery: customers must receive the final prospectus (or a compliant electronic notice/access package) and the firm must retain evidence of delivery.
After settlement, the syndicate principal reviews an exception report showing 12 retail purchasers received their trade confirmations, but the prospectus notice email was not sent due to a template error.
What is the best next supervisory step?
Best answer: B
Explanation: The principal should promptly cure the delivery failure for affected purchasers, document the remediation, correct the process breakdown, and validate the control going forward.
Prospectus delivery is a required offering process control that must be supervised through evidence, exception handling, and remediation. Here, the firm has an identified delivery failure affecting specific purchasers, so the principal should promptly deliver the required materials (or compliant notice/access package), document what was sent, and address the root cause. The control should then be validated with follow-up testing to prevent recurrence.
Principals supervising offering disclosure processes must ensure the firm can demonstrate that required prospectus materials (or a compliant electronic access/notice package) were delivered to purchasers and that exceptions are resolved. When an exception report shows a concrete delivery breakdown tied to identified accounts, the appropriate sequence is to (1) confirm the scope and what failed, (2) promptly remediate by delivering the required materials to affected customers, (3) document evidence of delivery and the supervisory review, and (4) correct the underlying cause (e.g., templates/vendor logic) and perform follow-up testing/monitoring to confirm the fix works. Treating public availability as a substitute for the firm’s delivery obligation, delaying remediation, or escalating externally before establishing facts does not satisfy supervisory expectations for disclosure controls.
Topic: Broker-Dealer Supervision
A broker-dealer’s CFO directs operations to temporarily transfer $8 million from the firm’s customer reserve bank account to pay vendor invoices, planning to replace the funds “when commissions come in.” The firm does not update its reserve computation after the transfer and no principal reviews the movement of funds.
If the firm becomes insolvent while the reserve account remains underfunded, what is the most likely outcome this control failure is designed to prevent?
Best answer: C
Explanation: Customer protection requirements are intended to keep customer assets segregated and available, so underfunding the reserve account increases the risk of a customer shortfall in an insolvency.
Customer protection requirements are intended to safeguard customer cash and securities by segregating them and maintaining a dedicated reserve so they are not used to finance the firm’s business. Moving money out of the reserve account without timely recomputation and supervision creates the risk that customer property will not be fully protected if the firm fails.
Customer protection requirements focus on custody safeguards: keeping customer cash and securities segregated from the firm’s own funds and maintaining a properly funded customer reserve account. These controls help ensure that customer property is available to be returned and is less exposed to the firm’s creditors if the broker-dealer becomes financially distressed.
Here, a principal-level control breakdown (moving funds out of the reserve account, not updating the reserve computation, and lacking supervisory review) can leave the reserve underfunded at the exact moment it is needed. In an insolvency, that underfunding increases the likelihood of a customer shortfall and customer harm, which is the core outcome these requirements are designed to prevent.
Topic: Broker-Dealer Supervision
A member firm requires its CEO(s) to sign an annual compliance and supervisory controls certification stating the firm has processes to establish, maintain, review, test, and modify its compliance policies and supervisory procedures. The new General Securities Principal is assembling the support file for this year’s certification.
Which is the best next step to create appropriate evidence for the certification before it is signed?
Best answer: D
Explanation: A certification should be supported by documented reviews/testing and evidence that identified issues were remediated and tracked to completion.
Annual compliance and supervisory certifications are meant to evidence senior management accountability for having a functioning supervisory system. The most persuasive support is contemporaneous documentation showing the firm reviewed and tested supervisory controls and followed through on findings with documented remediation and follow-up. Building that support file should occur before executives sign the certification.
The purpose of an annual compliance/supervisory controls certification is to demonstrate that the firm’s senior leadership has a reasonable basis to attest the firm maintains an effective supervisory and compliance framework. A principal should treat the certification as a conclusion supported by evidence, not as a standalone form.
Strong supporting evidence typically includes:
Collecting and organizing this documentation before obtaining executive signatures helps ensure the signer can reasonably rely on the support file and that deficiencies are not prematurely closed without remediation or validation.
Topic: Investment Banking Supervision
A broker-dealer is a member of the underwriting syndicate for an IPO. The firm’s WSPs require principal review of any “offering communication” used with investors.
Exhibit: WSP excerpt and approval log
WSP (IB Comms):
- Any term sheet, roadshow deck, or “IPO highlights” used externally must be
approved in writing by an IB Principal BEFORE first use.
- Material edits require re-approval.
- Approvals and final distributed version must be retained in the deal folder.
Deal folder log (IPO Highlights one-pager):
09:58 Marketing: "Attached: IPO_Highlights_v4.pdf for 10:00 investor meeting"
10:02 Sales: "Sent to investors; used in 10:00 meeting"
10:47 Marketing: "Approval request for IPO_Highlights_v4.pdf"
11:12 IB Principal: "Approved v4"
Based on the exhibit, which interpretation is best supported?
Best answer: D
Explanation: The log shows external use before the required pre-use approval and retention trail, weakening controls that help prevent/defend misstatement or omission claims.
The exhibit shows the one-pager was sent to investors and used in a meeting before the IB Principal’s written approval, contrary to the WSP. Misstatements or omissions in offering communications can lead to civil claims against firms involved in the distribution, and weak review/recordkeeping makes it harder to show disciplined diligence and control. A documented pre-use review trail helps reduce both the chance of an error and the firm’s exposure if one occurs.
Misstatements or omissions in offering-related communications can create civil liability exposure for parties involved in selling/distributing securities, not just the issuer. The WSP requires written principal approval before first use and retention of the approved, distributed version to demonstrate a disciplined review process.
Here, the log shows “sent to investors” and “used” at 10:00, but the approval request was not made until 10:47 and the IB Principal approved at 11:12. That means the firm used an offering communication externally without the required pre-use approval and without a contemporaneous record that the version used was vetted. Consistent review, version control, and documentation reduce the likelihood of a misleading statement and help evidence reasonable diligence if a claim is later made.
Same-day approval after distribution does not cure the control failure reflected in the log.
Topic: Broker-Dealer Supervision
A customer submits a written complaint seeking $30,000 in damages related to an alleged unsuitable recommendation. The customer’s account was opened online and includes a signed predispute arbitration agreement.
Exhibit: Firm WSP excerpt (Dispute Resolution)
1. Customer disputes involving the firm or its associated persons must be resolved in the FINRA arbitration forum when a customer is eligible to demand arbitration under FINRA rules.
2. A signed predispute arbitration agreement does not eliminate a customer's ability to file a claim; it establishes arbitration as the dispute resolution forum instead of court.
3. Claims of $50,000 or less are processed as “simplified arbitration” and are decided on submitted documents unless the customer requests a hearing.
Based on the exhibit, which interpretation is best supported for how this dispute should proceed?
Best answer: A
Explanation: The WSP states eligible customer disputes go to FINRA arbitration, and claims $50,000 or less are simplified and decided on documents unless a hearing is requested.
The WSP directs eligible customer disputes to the FINRA arbitration forum, and it explains that a predispute arbitration agreement sets arbitration (not court) as the forum. Because the claim is $30,000, it fits the WSP’s simplified arbitration description and would typically be decided on documents unless the customer requests a hearing.
A predispute arbitration agreement generally means customer disputes will be resolved through arbitration rather than litigation, but it does not prevent a customer from bringing a claim. For a broker-dealer, the key supervisory decision is selecting the proper dispute-resolution forum and process consistent with firm procedures and FINRA’s arbitration framework.
Here, the WSP states that eligible customer disputes must be resolved in the FINRA arbitration forum. It also states that claims at or below the simplified threshold are typically decided on submitted documents, with a hearing only if the customer requests one. Because the customer seeks $30,000, the dispute fits the WSP’s simplified arbitration description and should proceed accordingly.
The main takeaway is that the agreement establishes the forum (arbitration), and the claim size drives whether simplified procedures apply.
Topic: Investment Banking Supervision
A broker-dealer is lead underwriter for an IPO and also publishes equity research to retail customers. Investment banking asks the research analyst to join issuer diligence meetings and the roadshow, and to share draft “key messages” with the syndicate desk so the sales force can use them while taking indications of interest. The firm’s objective is to strengthen the marketing effort without compromising its supervisory obligations.
Which risk/limitation is the most important tradeoff the principal must address in this setup?
Best answer: D
Explanation: Using research to support underwriting creates a significant conflict of interest that must be mitigated with information barriers, limits on coordination, and prominent disclosures.
The key supervisory tradeoff is the conflict created when research personnel and content are used to support an underwriting. That conflict can pressure analysts to produce favorable views or tailor content to win banking business, undermining research independence. The principal must focus on controls and disclosures that prevent research from becoming marketing material for the offering.
When a firm is underwriting an IPO and also produces research, the central conflict is that investment banking has a financial incentive to influence research, while customers reasonably expect research to be objective. Having an analyst participate in the roadshow and feeding “key messages” to syndicate/sales increases the risk that research becomes part of the offering marketing process.
A principal should prioritize controls and disclosures that mitigate this conflict, such as:
Other operational or trading risks may exist, but they are not the primary limitation created by the requested coordination between underwriting and research.
Topic: Customer Activity Supervision
A principal reviews an AML exception report for a newly opened retail account. No trades have occurred.
Firm surveillance rule: escalate when outgoing wires within 7 calendar days are 90% of incoming wires.
Exhibit: Wire activity (USD)
Date Direction Amount
May 6 Incoming $9,800
May 6 Incoming $9,700
May 7 Incoming $9,900
May 7 Incoming $9,600
May 8 Outgoing $36,000
Based on the firm rule and the activity shown, what is the best supervisory next step?
Best answer: C
Explanation: Outgoing wires are about 92% of incoming wires ( 6,000/ 9,000), exceeding the firm s escalation trigger.
The principal should treat this as a rapid in-and-out red flag and escalate because the outgoing wire is a high percentage of recent incoming wires. The math shows 6,000 sent out versus 9,000 received, which is above the firm s 90% escalation threshold. Escalation means promptly routing the alert to the AML function with supporting documentation for review and potential SAR decisioning.
A common AML red flag in brokerage accounts is rapid movement of funds with little or no securities activity, especially when outgoing transfers closely match recent incoming transfers. Here, the firm s surveillance rule requires escalation when outgoing wires within 7 days are at least 90% of incoming wires.
Compute the ratio using the exhibit totals:
Because the ratio exceeds the trigger and there were no trades, the principal should escalate to the AML officer/AML department, ensure the alert is documented with the supporting transaction details, and follow internal procedures for any appropriate account restrictions pending review. The key takeaway is to escalate based on the pattern and trigger, not on the net change in account balance.
Topic: Investment Banking Supervision
A member firm’s investment banking team drafts a weekly “Sector Update” that is emailed to retail customers. The piece names several issuers the firm hopes to underwrite, includes a “Top Pick” label, and states that the stock is “likely to outperform over the next 12 months.”
To speed distribution, a principal allows the emails to be sent as “educational market commentary” without Research review, required research disclosures, or controls to separate banking influence from the content.
What is the most likely outcome if FINRA reviews this practice?
Best answer: A
Explanation: Because it contains issuer-specific views and a recommendation-like “Top Pick/outperform” statement, regulators may deem it research requiring research governance and disclosures.
Content that provides issuer-specific analysis or recommendation-like conclusions can be considered “research” regardless of labels like “educational” or “commentary.” Here, the “Top Pick” and “likely to outperform” language creates a research-like view that should be subject to research supervisory controls and required disclosures. Allowing banking to draft and distribute it without those controls creates an obvious conflict and supervision problem.
“Research” is determined mainly by substance, not the title or format. Communications that present issuer-specific views (for example, a “top pick,” “buy/sell” style conclusion, or an “outperform” expectation) are likely to be viewed as research-type communications and must be supervised within the firm’s research framework, including appropriate review, required disclosures, and controls to mitigate investment banking influence.
In this scenario, the firm’s control failure is treating a recommendation-like message as mere education to bypass research review and disclosures, while it is authored by investment banking and references prospective underwriting targets. A regulator review would most likely identify a breakdown in research supervision and conflicts management rather than accept the “educational” label at face value.
Topic: Trading Supervision
A FINRA surveillance alert shows your firm continued to publish two-sided quotations in an OTC equity on OTC Link from 10:20 a.m. to 10:55 a.m. while a regulatory trading halt was in effect (halted at 10:15 a.m.; resumed at 11:00 a.m.). One execution occurred at 10:32 a.m. and was reported to the OTC Reporting Facility (ORF). In addition, supervision cannot locate the required 15c2-11 “issuer information” file supporting quotations in this security, and the quote size was entered as an odd lot.
As the trading principal, what is the best next step?
Best answer: A
Explanation: The principal should immediately cease impermissible activity during a halt, preserve and review evidence, and remediate by correcting trade reporting and restoring quoting prerequisites before resuming.
A firm should not publish quotations or effect trades in a security that is subject to a regulatory trading halt. The principal’s next step is to immediately stop the activity, investigate and document what occurred (including the odd-lot quote entry and missing 15c2-11 support), and remediate by correcting any inaccurate/impermissible ORF reporting before allowing quoting to restart.
OTC equity supervision includes controls to prevent quoting/trading during regulatory halts and to ensure quotes are only published when the firm has the required issuer information on file (commonly associated with Rule 15c2-11). Here, the firm displayed quotes and executed a trade during the halt, creating both a supervision problem and a potential reporting issue because the execution was sent to ORF.
A sound next-step workflow is:
Changing size formatting or simply waiting for the halt to end does not address the execution and reporting that already occurred.
Topic: Investment Banking Supervision
Your firm is a bookrunner for XYZ’s IPO. An OSJ principal is reviewing whether a “research update” can be distributed to customers under the firm’s research-report safe-harbor procedures.
Exhibit: Research distribution log (snapshot)
| Item | Value |
|---|---|
| Report title | XYZ Initiation (Updated) |
| Original publication | March 3, 2026 |
| Offering status | IPO roadshow in progress |
| Last edit (who) | Investment Banking VP |
| Last edit (what) | Added IPO price range $18–$20 and use of proceeds |
| Distribution list | “IPO indications” list (32 accounts) |
| Compliance pre-approval | No |
Which interpretation is best supported by the exhibit?
Best answer: D
Explanation: The exhibit shows investment banking edits, offering-specific content, targeted distribution, and no compliance pre-approval—factors inconsistent with regular-course, independent research distribution.
Research safe harbors generally rely on research being produced and distributed in the ordinary course, without investment banking control, and not repurposed as offering marketing. The exhibit shows investment banking made offering-related edits and the piece was targeted to an IPO indications list without compliance pre-approval, supporting that it should not be treated as a safe-harbor research distribution.
A principal supervising research around an offering should focus on whether the communication is truly “regular-course” research or instead an offering-related sales/marketing piece. The exhibit shows classic red flags that defeat a safe-harbor-type posture: investment banking personnel edited the report, the edits added offering-specific details (price range and use of proceeds), and distribution was targeted to an IPO indications list during the roadshow. In addition, the firm’s process control implied by the log (compliance pre-approval) was not followed.
Supervisory actions typically include halting distribution, escalating to Compliance/Research supervision, documenting the issue, and remediating controls to preserve research independence and prevent investment banking from directing research content or distribution. The key takeaway is that labeling something “research” does not make it eligible for safe-harbor treatment when it is being used in connection with the offering.
Topic: Trading Supervision
A broker-dealer allows registered reps to solicit retail purchases of an OTC microcap stock trading at $0.60 per share. To “reduce friction,” the firm’s WSPs do not require delivery of penny stock risk/compensation disclosures or a written customer acknowledgment before the first trade, and the firm does not run surveillance reports focused on low-priced securities (e.g., excessive markups/commissions, rapid in-and-out trading, or concentrated activity in a single microcap).
What is the most likely outcome of this control failure?
Best answer: C
Explanation: Penny stock activity requires heightened customer disclosures and supervision, and weak controls increase the risk of abusive sales practices and regulatory sanctions.
Penny stock transactions are a high-risk area that require specific customer disclosures and strong supervisory controls over sales practices. If a firm permits solicited retail trades without required disclosures/acknowledgments and does not surveil microcap activity, it increases the likelihood of abusive selling, excessive charges, and manipulative activity going undetected. The durable consequence is heightened enforcement risk and customer harm exposure tied to inadequate supervision.
Low-priced OTC microcap securities present elevated risks of high-pressure sales, excessive markups/commissions, churning-like activity, and manipulation (e.g., pump-and-dump). A principal is expected to implement WSPs that require penny stock disclosures and customer acknowledgments when applicable, and to supervise trading activity with surveillance calibrated to the higher-risk product (reviews of concentrations, rapid trading, and compensation/charges).
When those controls are intentionally removed, the likely result is not just an operational issue; it is a sales-practice and supervisory breakdown that can lead to customer complaints/arbitrations and FINRA/SEC findings for inadequate supervision and failure to follow required penny stock procedures. Trade reporting review may still matter, but it does not address the core customer-protection obligations for penny stocks.
Topic: Trading Supervision
A broker-dealer has seen an increase in settlement fails caused by mismatched quantities between order tickets, trade confirmations, and clearing records. The General Securities Principal is updating WSPs and rep training on delivery obligations and correct units of delivery for equities, corporate bonds (quoted per $1,000 par), and UITs.
Which statement is INCORRECT?
Best answer: D
Explanation: Bond settlement is based on principal (par) amount, so relying on later conversion invites quantity errors and fails.
Settlement accuracy depends on using the correct unit of delivery for each product. Equities deliver in shares, bonds settle by principal (par) amount, and UITs deliver in units. Supervisory procedures should require accurate capture and reconciliation of those units to prevent fails, buy-ins, and customer impact.
A key supervisory control in clearance and settlement is ensuring trade records reflect the security’s correct unit of delivery all the way from order entry through comparison/affirmation and clearing. Equities settle by delivering the correct number of shares, so share quantity should match executions and clearing. Corporate bonds are commonly quoted per $1,000 par, and settlement is for a principal (par) amount rather than a “number of bonds,” so quantity should be captured and affirmed as par to avoid conversion mistakes. UITs are sold and delivered in units, so confirmations and clearing records should reconcile on units.
When firms allow downstream “conversion” of quantities, small input errors can create chronic fails, buy-ins/close-outs, and inaccurate confirmations and books-and-records. The best control is accurate front-end capture plus exception reporting and timely resolution of breaks.
Topic: Trading Supervision
A trading principal is reviewing a daily CAT control that tests clock synchronization for systems that create CAT-reportable order events. The firm’s WSP sets a maximum allowed divergence of 50 milliseconds (ms) between any two synchronized systems.
Exhibit: Same order event logged on two systems (HH:MM:SS.mmm)
OMS timestamp: 10:15:30.250
Router timestamp: 10:15:30.340
Based on the divergence shown, what is the most appropriate supervisory action?
Best answer: B
Explanation: The timestamps differ by 90ms, exceeding the 50ms WSP limit, so the firm should remediate clock sync and correct impacted CAT reporting with documentation.
The two timestamps differ by 0.090 seconds, which equals 90ms. Because that exceeds the firm’s 50ms synchronization standard, the principal should treat it as a clock-synchronization control failure. Appropriate supervision includes immediate remediation, determining the impact on CAT timestamps, and correcting/maintaining records of any affected CAT submissions.
CAT’s objective is to create a consolidated, time-sequenced audit trail of orders and related events to support market surveillance and investigations. Because CAT relies heavily on accurate event timestamps, firms must maintain clock synchronization controls for systems that capture and report order events.
Here, compute the divergence:
Supervisory follow-up typically includes re-synchronizing clocks, determining the time window/systems affected, correcting CAT data if timestamps may be inaccurate, and retaining evidence of testing, remediation, and resubmissions. The key takeaway is that clock sync is a core prerequisite to reliable CAT reporting and recordkeeping.
Topic: Trading Supervision
A broker-dealer’s equity market-making desk receives an internal email that a research analyst will issue a “Sell” rating change on ABC at 10:00 a.m. The email states the content is embargoed until publication, but the firm has no restricted list process, no pre-publication trading blackout for proprietary accounts, and no surveillance to detect trading ahead of research.
At 9:45 a.m., the market maker sells a large amount of ABC from firm inventory and reduces its quote size. After the report is released, ABC declines sharply.
If FINRA reviews this event, what is the most likely outcome for the firm?
Best answer: B
Explanation: Using nonpublic research content to adjust proprietary trading/quoting before publication creates trading-ahead risk and evidences inadequate information barriers and surveillance.
The firm’s failure to restrict and monitor proprietary trading/quoting ahead of an embargoed research change creates a foreseeable misuse-of-information risk. Regulators typically view this as both improper trading ahead of research and a breakdown in supervisory controls and information barriers. The likely consequence is an examination finding and potential enforcement, requiring remediation and sanctions.
Trading or adjusting quotes based on the content or timing of a nonpublic research report can be viewed as using firm information unfairly and undermining market integrity. Here, the desk had advance knowledge of an embargoed rating change and acted before publication, while the firm lacked core controls (restricted/watch processes, blackout rules for proprietary activity, and surveillance).
A principal should expect regulators to focus on whether the firm:
Because the facts show both the opportunity and the actual pre-publication trading, the durable risk is an enforcement finding for trading ahead of research and deficient supervisory controls, not a routine inventory-management rationale.
Topic: Trading Supervision
A broker-dealer provides certain institutional customers with direct market access (DMA) to U.S. equities through an API. Orders route under the firm’s market participant identifier, and a recent “fat-finger” incident was prevented only because an exchange rejected the order.
Which statement about the firm’s required market access risk controls is INCORRECT?
Best answer: B
Explanation: A firm providing market access remains responsible for having and supervising its own risk controls and cannot outsource that obligation away.
Market access rules require broker-dealers to have reasonably designed, pre-trade risk controls to prevent erroneous orders and limit financial exposure when customer orders access the market under the firm’s identifier. Those controls include capital/credit limits, order validation checks, and the ability to immediately cut off trading. The supervisory obligation remains with the sponsoring broker-dealer even if vendors provide technology.
When customer orders reach the market using the broker-dealer’s market access, the firm must have controls reasonably designed to manage financial and regulatory risk before orders are routed. At a high level, this means the firm sets and enforces credit/capital exposure limits, applies pre-trade validations (such as preventing clearly erroneous price/size, blocking restricted or halted securities, and other firm-defined checks), and maintains an immediate shutdown mechanism (“kill switch”) to stop order flow when necessary.
These controls are required because market access can rapidly create large, firm-level exposures and market disruption (for example, from a fat-finger order), and post-trade detection may be too late. Even if a third-party vendor provides tools, the sponsoring firm remains responsible for implementing, supervising, and periodically testing/documenting the effectiveness of its market access controls.
Topic: Broker-Dealer Supervision
A firm designs a control that periodically checks whether supervisors are completing required account reviews and trade surveillance, verifies evidence of those reviews, documents any exceptions, and requires follow-up actions that include updating procedures and delivering targeted training to affected staff.
Which supervisory concept does this function best describe?
Best answer: B
Explanation: It describes independent testing/verification of supervisory processes and using documented findings to drive corrective action and training.
The described control is designed to test and verify that day-to-day supervision is actually being performed and evidenced, not just that procedures exist. A supervisory control system includes periodic testing, documentation of findings, and a feedback loop that drives remediation such as procedure changes and targeted training.
A supervisory control system is meant to validate that a firm’s supervisory processes are working in practice. In the scenario, the firm is (1) checking that required supervisory reviews occur, (2) verifying supporting evidence, (3) documenting exceptions, and (4) requiring corrective actions that flow back into updated procedures and targeted training. That combination is the hallmark of supervisory control testing and verification.
Controls like business continuity planning, AML independent testing, or complaint trending may be important firmwide reviews, but they do not primarily serve to verify completion of routine supervisory reviews and then systematically drive remediation and training for supervision failures. The key takeaway is the closed-loop process: test/verify, document, remediate, and train.
Topic: Trading Supervision
A broker-dealer makes a market in OTC equity securities and sometimes stops quoting when an issuer’s public information becomes stale. The trading principal is updating the firm’s supervisory controls and is comparing two designs:
Which design best fits OTC quotation requirements, based on the decisive factor in the rules?
Best answer: B
Explanation: OTC quoting rules are designed to prevent publishing quotes until current issuer information is publicly available and reviewed before initiation or resumption.
The key supervisory requirement is that the firm may not publish or resume OTC quotes unless the required current issuer information is publicly available and the firm has a basis to believe it is current. Controls must operate as a pre-quote gate, not merely a post-quote cleanup process. A system block with compliance evidence and principal approval best aligns the process to that timing requirement.
OTC quotation requirements are built to protect the market from quotes in securities where reliable, current issuer information is not publicly available. From a supervision perspective, the critical differentiator is timing: the firm must have controls that prevent initiating or resuming a published quote unless the required issuer information is available and the firm has performed the required review/verification steps.
A strong control design typically:
A post-review approach allows quotes to be published when the information may be missing or stale, which is the outcome the quotation framework is intended to prevent.
Topic: Trading Supervision
A broker-dealer reports corporate bond transactions to TRACE. For this question, assume the applicable requirement is that each trade must be reported within 15 minutes of execution. A recent internal review found that 6% of trades were reported after 15 minutes, largely when traders waited until late afternoon to enter executions.
The trading principal is choosing between two supervisory control designs:
Which design is the more appropriate supervisory control, given the key risk created by late reporting?
Best answer: C
Explanation: Design A is designed to prevent and promptly correct late reports, which supports timely public reporting and surveillance.
Design A is superior because it builds timeliness into the workflow with automated capture plus real-time alerts and escalation before the reporting deadline. Late trade reports undermine market transparency and impair regulators’ ability to surveil for manipulative or abusive activity. A principal should prioritize controls that prevent late reporting and drive prompt remediation when it occurs.
Trade reporting rules are built around prompt reporting within the applicable facility’s deadline; supervisory controls should therefore detect, escalate, and remediate issues quickly enough to avoid late submissions. In the scenario, the root cause is delayed entry by traders, so a control that depends on end-of-day batching and after-the-fact weekly coaching does not address timeliness risk.
Design A aligns to the supervisory objective because it:
The key takeaway is that late reporting isn’t just an ops issue—it can distort real-time market data and create regulatory exposure for inadequate supervision.
Topic: Investment Banking Supervision
A Research Principal is reviewing a draft equity research report on ABC Corp before publication. The report states the analyst has no reportable financial interest in ABC. The principal checks the following internal data:
Under the firm’s WSP, the report must disclose (1) analyst beneficial ownership of 1% or more and (2) any investment banking compensation/relationship with the subject company in the prior 12 months.
Which disclosure must the principal require before approving publication?
Best answer: A
Explanation: The firm’s co-manager role within the last 12 months is a required conflict disclosure, while 75,000/50,000,000 is below 1%.
The principal must ensure the report discloses material conflicts that could bias the research. The firm’s investment banking relationship within the prior 12 months is explicitly required by the WSP. The analyst’s ownership is not reportable here because 75,000 shares is only 0.15% of 50,000,000 shares outstanding.
Research supervision focuses on transparent conflict-of-interest disclosures so investors can evaluate potential bias in recommendations. Here, the firm participated in an ABC offering 8 months ago, which is an investment banking relationship/compensation item the WSP requires to be disclosed.
The principal should also verify the analyst-holdings disclosure threshold using the provided figures:
Because 0.15% is below the firm’s 1% threshold, the analyst-holdings disclosure is not triggered, but the investment banking relationship disclosure is required to promote investor transparency.
Topic: Investment Banking Supervision
Following an IPO, the managing underwriter prepares a final accounting that allocates the syndicate’s underwriting expenses and profits (or losses) among the syndicate members and shows the net amount each member must pay or receive to close out the underwriting. A principal is updating WSPs to require review and retention of this final accounting.
Which offering-related concept is being described?
Best answer: A
Explanation: It is the post-offering final accounting and net pay/receive process used to close out the syndicate’s books.
The description is of the final syndicate accounting that reconciles underwriting profits/losses and expenses and determines what each syndicate member must pay or receive. Principals supervise this by requiring documentation, accuracy checks, and retention as part of underwriting records. That process is the syndicate account settlement.
Syndicate account settlement is the close-out process for an underwriting syndicate after the offering is completed. The syndicate manager prepares a final settlement statement that reconciles items such as the gross spread, underwriting expenses, and any syndicate profit or loss, then allocates the net results among syndicate members to determine each member’s final pay/receive amount. From a supervisory standpoint, a principal’s WSPs typically require review for completeness and accuracy (including expense support and allocation methodology) and retention of the final accounting as part of the firm’s underwriting records. This differs from trading-support tools (like stabilization) that may occur in the aftermarket and have separate identification and disclosure controls.
Topic: Customer Activity Supervision
A broker-dealer is moving retail customers to electronic delivery. Two supervisory control designs are proposed for trade confirmations (regular-way equity settlement is T+1):
Proposal 1: The clearing firm generates a trade confirmation for every execution and posts it to the customer’s secure portal shortly after the trade, with an email alert. Operations runs a daily exception report for any trade lacking a posted confirmation or missing required disclosure fields (e.g., capacity and transaction-specific charges). A principal reviews and documents resolution of exceptions and performs periodic sample testing of confirmation accuracy.
Proposal 2: Trades appear in the customer’s portal in real time, but “formal confirmations” are delivered only as part of the monthly account statement. A principal reviews the statement template annually.
As the designated principal, which proposal best meets the high-level trade confirmation requirement and provides an appropriate way to verify confirmations and disclosures are accurate and timely?
Best answer: C
Explanation: Trade confirmations must be sent for each transaction on a timely basis, and daily exception monitoring plus principal testing supports both timely delivery and disclosure accuracy.
Confirmations are transaction-by-transaction disclosures that must be delivered promptly (no later than settlement) and must contain required information specific to the trade. A principal’s supervision should include controls that evidence delivery and test content, such as exception reports and periodic accuracy reviews. The design that produces confirmations for each trade and monitors for missing/late items best fits these requirements.
Trade confirmations are required for customer transactions and are intended to provide prompt, trade-specific information and disclosures (as applicable) such as the security, price, capacity, and transaction-related charges. Monthly account statements do not replace the requirement to deliver a confirmation for each transaction, and waiting until a statement cycle can undermine timeliness in a T+1 environment.
A principal’s supervisory approach should be designed to:
The key differentiator is whether the control design actually delivers per-trade confirmations promptly and gives the principal a practical way to verify both delivery and disclosure completeness.
Topic: Customer Activity Supervision
During a routine supervisory review, a Series 24 principal discovers that the firm’s digital account-opening workflow has approved several new retail cash accounts with only the customer’s name, residential address, email, and bank link on file. The workflow did not collect a date of birth or tax identification number, and it also left the customer investment profile fields (e.g., employment/occupation and investment objectives) blank. Some of the accounts have already placed trades.
What is the best next supervisory step?
Best answer: A
Explanation: The firm should not allow activity to continue without the minimum CIP identifiers and the customer information needed to supervise recommendations and account operations.
The principal should stop the process from continuing with incomplete account records and remediate the specific deficiencies. At a high level, opening an account requires obtaining core CIP identifiers to support identity verification for AML purposes and collecting sufficient customer information to support suitability/Reg BI supervision and operational needs such as tax reporting and statements.
A principal’s role is to ensure accounts are opened and approved only after required customer information is obtained and controls prevent exceptions from becoming “business as usual.” Here, the firm lacks minimum CIP identifiers (such as date of birth and a taxpayer ID for an individual), which undermines identity verification for AML/CIP. It also lacks key customer account information used to form an investment profile (such as occupation/employment and investment objectives), which impairs supervision of recommendations and account activity.
The appropriate workflow is to restrict activity, obtain and verify the missing CIP data, complete the investment profile information needed for supervision, document the remediation, and then confirm the onboarding system control is fixed so incomplete accounts cannot be approved going forward. The closest trap is treating a bank link or later updates as a substitute for required account-opening information.
Topic: Customer Activity Supervision
A long-time retail customer emails a registered rep asking the firm to add her adult daughter as an agent with authority to place trades and request disbursements on the account, attaching a scanned durable power of attorney (POA). As the supervising principal, which action best meets a high-level supervisory standard for account maintenance changes affecting account authority?
Best answer: D
Explanation: Changes to account authority should not be implemented until written authority is reviewed, identities are validated, records are updated, and supervisory approval is documented.
Adding an agent with trading and disbursement authority is a material account maintenance change that increases fraud and misuse risk. A principal should require written, properly executed documentation, confirm the legitimacy of the request (including validating the agent’s identity), ensure the account records reflect the new authority, and document supervisory approval before any instructions are accepted from the agent.
Principals must supervise account maintenance so that changes to ownership, authority, or customer profile are accurate, authorized, and documented before the firm acts on them. When a customer adds a third-party agent (especially with disbursement authority), the firm should treat it as a high-risk change and apply controls that prevent unauthorized access.
A sound supervisory approach is to:
The key takeaway is that the firm should not accept instructions from the new agent until authority is verified, recorded, and approved.
Topic: Investment Banking Supervision
A broker-dealer will act as placement agent in a best-efforts contingency offering for a microcap issuer. The offering is disclosed as a “minimum–maximum” (min–max): at least 2,000,000 shares must be sold for the offering to close, and up to 5,000,000 shares may be sold.
Two proposed WSPs are being compared:
Which procedure best fits the offering terms while promoting fairness, transparency, and compliance?
Best answer: C
Explanation: In a min–max contingency offering, funds are typically escrowed until the minimum is met, after which closings may occur while sales continue up to the maximum.
A min–max offering is a contingency structure where customer funds are protected in escrow until the stated minimum is achieved. Once the minimum is reached, the offering can close for those investors and funds can be released consistent with the escrow agreement and disclosures, while sales may continue up to the maximum. Supervisory procedures should align to that disclosed structure and prevent premature use of customer funds.
The decisive factor is the underwriting arrangement: this is a best-efforts contingency offering with a stated minimum and maximum. In a contingency offering, a principal should supervise to ensure customer funds are handled exactly as disclosed and are not available to the issuer (or the firm) until the contingency is satisfied under a written escrow arrangement.
For a min–max structure, appropriate supervision typically includes:
Holding all funds until the maximum is sold treats the deal like an all-or-none and can conflict with what was disclosed to investors about when the offering may close.
Topic: Broker-Dealer Supervision
A member firm enters into a networking/referral arrangement with an unaffiliated bank whose employees are not registered representatives. Which approach is most consistent with a permitted referral arrangement and the disclosures/agreements a principal should expect?
Best answer: A
Explanation: Permitted networking arrangements typically require a written agreement, required retail disclosures, no sales activity by unregistered bank employees, and only nominal non-transaction-based referral compensation.
Principals should expect referral arrangements to be structured so unregistered persons only make referrals and are not compensated based on securities transactions. The arrangement should be governed by a written agreement and accompanied by clear customer disclosures about the nature and risks of the securities products (for example, not bank deposits or FDIC-insured).
At a high level, a permitted referral/networking arrangement must avoid paying unregistered persons for securities sales activity. A principal should look for (1) a written agreement that allocates responsibilities and sets compensation limits, (2) customer-facing disclosures that distinguish brokerage products from bank products (for example, not FDIC-insured, not deposits/obligations of the bank, and subject to investment risk), and (3) controls ensuring the referring employees do not solicit, recommend, or discuss specific transactions. Compensation to unregistered bank employees should be nominal and fixed (not tied to trades, commissions, or product sales), because transaction-based compensation is a key indicator of acting as a broker.
The key supervisory objective is aligning compensation and conduct so referrals are informational handoffs—not securities sales.
Topic: Investment Banking Supervision
A member firm is the lead underwriter for ABC Corp’s IPO (not yet priced). A supervising principal reviews the following request to distribute a “fact sheet” to customers during the roadshow.
Exhibit: Distribution request (internal log)
Requestor: Investment Banking
Doc name: ABC Corp IPO Investor Fact Sheet
Prepared by: Equity Research
Planned distribution: Email to customers + post on firm website
Timing: During roadshow (before pricing)
Content flags (summary):
- Includes analyst view: "Buy"
- Includes 12-month price target: $28
- Includes peer comparison table and business overview
Based on the exhibit, which interpretation is best supported by offering-period research restrictions and related safe-harbor concepts?
Best answer: B
Explanation: Because it contains a rating and price target during an active offering, it is not a purely factual communication and presents conditioning risk.
Offering-period controls are designed to prevent impermissible “conditioning the market” through research. The exhibit shows the piece is prepared by Research and includes a rating and price target before pricing, which makes it research-like rather than purely factual. A principal should treat it as restricted during the offering and require revision/removal or delay in distribution.
During an underwriting/IPO, firms must supervise communications so that research (or research-like content) does not improperly influence the market for the offering. A document labeled a “fact sheet” is not a safe harbor if it includes opinions, recommendations/ratings, forecasts, or price targets—especially when prepared by Research and distributed during the roadshow.
A principal’s supervision typically includes:
The key takeaway is that content and timing—not the label or sender—drive whether the communication creates conditioning risk.
Topic: Broker-Dealer Supervision
During an internal audit, a Series 24 principal learns the firm stores retail communications and certain supervisory approval files as PDFs on a shared cloud drive. The drive allows registered reps to overwrite or delete files, and the system cannot show who made edits or when they occurred. The audit also finds several marketing pieces in the folder with no evidence of required principal pre-use approval. The business cannot pause marketing activity.
What is the single best supervisory action that addresses the recordkeeping failures and strengthens controls going forward?
Best answer: C
Explanation: It remediates unverifiable edits by preserving immutable records with an audit trail and closes the missing-approval gap by implementing a controlled pre-use approval process.
The core failure mode is that the firm’s electronic records can be overwritten or deleted without a verifiable audit trail, making the records unreliable. The best supervisory response is to preserve records in a compliant, immutable format and implement controls that capture and evidence required principal approvals before use. This fixes both the integrity issue and the missing-approval documentation while allowing marketing to continue under controlled workflows.
When electronic records can be changed or removed without a reliable audit trail, the firm cannot demonstrate the authenticity and completeness of its books and records. A principal’s best response is to (1) move required records to an immutable, WORM-compliant retention solution that captures who/what/when for changes and access, and (2) implement a controlled workflow that requires and evidences principal pre-use approval for retail communications (with retention of the approved version and approval metadata). In parallel, the principal should remediate by preserving what exists, performing a documented lookback to identify missing approvals, and updating WSPs/training so the process is consistently followed.
The key takeaway is that backups or attestations do not cure unverifiable edits or replace required supervisory approval evidence.
Topic: Customer Activity Supervision
Which statement about supervising social media and other electronic communications is most accurate?
Best answer: D
Explanation: Static posts are generally pre-use approved as retail communications, while interactive posts are supervised as correspondence through risk-based review and oversight.
Supervision differs based on whether the content is static or interactive. Static content is generally handled like retail communication and is typically subject to pre-use principal approval. Interactive communications are typically handled like correspondence, meaning they are supervised and reviewed under the firm’s procedures rather than pre-approved message-by-message.
A principal must understand how the communication’s format affects classification and supervision. Static content (for example, a profile page, banner, or a planned post that remains viewable until changed) is generally treated like a retail communication and is subject to pre-use approval and other content standards. Interactive content (for example, real-time posts, comments, or replies) is generally treated like correspondence, so firms supervise it using written procedures that typically rely on risk-based post-use review, surveillance, and escalation.
Regardless of format, firms must have controls to capture and retain required records of business-related communications, train associated persons on permitted use, and address third-party content (links, shares, and endorsements) consistent with firm policies.
Topic: Broker-Dealer Supervision
A broker-dealer wants to enter into a networking/referral arrangement with an unaffiliated CPA firm. The CPA firm will receive a flat $5,000 annual marketing fee for (1) allowing the BD to hold quarterly educational seminars in the CPA’s office and (2) making the BD’s contact information available to interested clients. The CPA firm will not recommend specific securities, discuss product features, or receive compensation tied to accounts opened or trades.
As the supervising principal, what is the best next step before approving the arrangement?
Best answer: D
Explanation: Permitted networking arrangements generally require a written agreement defining permissible activities and clear customer disclosure of the compensation/relationship, with WSP-based supervision and documentation.
Because the CPA is unregistered and being compensated, the firm should treat this as a controlled networking/referral relationship. A principal should expect a written agreement that limits the CPA’s activities to non-securities communications and requires appropriate disclosures to customers about the relationship and compensation. The firm should also document approvals and supervise the arrangement through WSPs and ongoing monitoring.
A principal’s role is to ensure referral/networking arrangements are structured to avoid unregistered persons engaging in securities solicitation and to ensure conflicts are disclosed. Before approval, the firm should put the arrangement in writing (who does what, what is prohibited, how compensation is calculated/paid, and recordkeeping) and require clear disclosure to customers of the relationship and compensation so customers can evaluate the conflict. The principal should also update WSPs to cover approval, training/attestations for involved personnel, and periodic testing/monitoring of communications and payments to confirm the CPA firm stays within the agreed limitations. The key is sequencing: document and control first, then launch.
Topic: Trading Supervision
A broker-dealer notices a rise in interdealer claims and customer complaints on corporate and municipal bond trades where the accrued interest on confirmations does not match the contra party’s figure. Operations finds the errors are concentrated in bonds recently added to the firm’s security master and are usually tied to an incorrect day-count basis or coupon schedule in that master file. The firm wants a control that addresses the root cause, reduces settlement/claim volume, and does not require manual recalculation before every trade.
What is the single best supervisory action for the municipal/corporate bond principal to implement?
Best answer: A
Explanation: A master-file governance and exception-review control targets day-count/coupon errors without slowing trading.
The problem is caused by incorrect security master attributes that drive accrued interest calculations (day-count basis and coupon schedule). The best supervisory response is an automated, exception-based control that validates those inputs and flags mismatches for documented review and correction. This reduces downstream claims and fails without forcing manual recalculation on every trade.
Accrued interest on bond trades is system-calculated from key security master inputs (coupon, last/next coupon dates, and day-count convention such as 30/360 vs actual/actual). When those inputs are wrong, the firm will consistently generate incorrect accrued amounts, leading to DKs, interdealer claims, and customer complaints at settlement.
A principal-level supervisory control should therefore focus on preventing and detecting bad security master data and calculation outliers:
This targets the root cause and provides ongoing monitoring without adding trade-by-trade manual steps.
Topic: Customer Activity Supervision
A firm begins selling leveraged and inverse ETFs to retail customers through an online channel. The WSPs require principal approval before the first purchase, but the principal’s review is limited to confirming the customer clicked through a risk disclosure; the principal does not verify the customer’s investment profile (e.g., time horizon, liquidity needs, risk tolerance) or whether the registered representative had a reasonable basis to recommend the product.
If this supervisory approach continues, what is the most likely outcome?
Best answer: D
Explanation: Without effective KYC and KYP review, the firm may recommend complex ETFs to mismatched customers and be unable to evidence a reasonable basis and customer-specific best-interest analysis.
Click-through disclosure alone does not demonstrate that recommendations were in a retail customer’s best interest. A principal who does not validate customer profile information and product understanding increases the likelihood of mismatched recommendations, customer harm, and findings that the firm lacked a reasonable supervisory system. This also makes it difficult to evidence the basis for approvals during a FINRA exam or complaint review.
Supervisors must apply know-your-customer and know-your-product principles when reviewing recommendations, especially for complex products like leveraged/inverse ETFs that are typically designed for short-term trading and can behave very differently from traditional ETFs over time. If principal approval is reduced to confirming a disclosure was delivered, the firm may miss whether the product fits the customer’s objectives, risk tolerance, time horizon, liquidity needs, and experience, and whether the representative had a reasonable basis to recommend it.
An effective control generally includes:
The predictable consequence of the described failure is increased unsuitable/Reg BI exposure and weaker defensibility, not reduced risk.
Topic: Broker-Dealer Supervision
Which statement is most accurate about a member firm’s networking arrangement with a financial institution (for example, a bank) and the supervision needed to manage conflicts?
Best answer: C
Explanation: In a bank networking program, the broker-dealer remains responsible for written agreements, disclosures, and supervision of who solicits/sells securities and how they are compensated.
In a financial-institution networking arrangement, the broker-dealer must structure and supervise the program to control conflicts created by referrals and shared branding. That includes using written agreements, ensuring clear customer disclosures about the nature of the products and relationship, and ensuring only appropriately registered persons perform securities activities and are compensated in a permissible way.
Networking arrangements with banks and other financial institutions can create customer confusion and referral-driven conflicts (for example, customers may assume products are bank deposits or that bank staff are acting as securities representatives). The broker-dealer must treat the program like any other sales channel: set terms in a written agreement, adopt WSPs, and conduct oversight to confirm required disclosures are delivered and that sales/solicitation is performed by properly registered and supervised associated persons. Supervision should also address compensation and referral practices so that bank personnel are not effectively paid transaction-based compensation for securities activity without appropriate registration, and that marketing and customer interactions do not mislead customers about the nature of the products or the roles of bank vs. broker-dealer personnel.
Topic: Trading Supervision
A broker-dealer’s WSP states that TRACE-eligible corporate bond trades must be reported within 15 minutes of execution and that the trading principal must open and document a supervisory review if the daily late-report rate exceeds 3.0%.
On a given day, the firm executed 240 TRACE-eligible trades. The exception report shows 9 trades were reported more than 15 minutes after execution.
What is the best supervisory action?
Best answer: A
Explanation: The late rate is \(9/240=3.75\%\), which exceeds the WSP’s 3.0% escalation threshold and presents market integrity and regulatory risk.
The principal should calculate the late-report percentage and compare it to the firm’s escalation trigger. Here, 9 late reports out of 240 trades equals 3.75%, exceeding the 3.0% threshold. Late reporting can distort price transparency and surveillance, so the appropriate response is a documented supervisory review with remediation.
Transaction reporting is expected to be timely (typically “as soon as practicable” and within the facility’s timeframe) so the market receives accurate, prompt trade information and regulators can surveil for misconduct. When exception reporting shows late submissions beyond the firm’s stated tolerance, a principal should treat it as a supervisory-control issue: investigate root cause (system/interface issue, manual back-up process, staffing, training), correct affected reports as needed, document findings, and implement remediation and follow-up testing.
Here, the late rate is:
Simply “fixing” individual reports without investigating the control failure misses the broader market integrity and regulatory risk.
Topic: Investment Banking Supervision
Your firm is the lead underwriter for an IPO. The registration statement has been filed and the deal is in the waiting period. A desk manager proposes (1) a “tombstone” newspaper ad with basic offering facts and (2) a one-page emailed “deal highlight sheet” with bullet points, selected financial metrics, and management quotes that reps may forward to customers.
Which supervisory statement about these materials is INCORRECT?
Best answer: A
Explanation: A written highlight sheet that goes beyond a tombstone may be a free writing prospectus, generally requiring legends/filing and carrying Securities Act liability.
Communications used in an offering must be properly classified because that classification drives what can be used when, what must be filed or accompanied by required legends, and what Securities Act liability can attach. A tombstone is a limited notice and does not substitute for a prospectus. A more substantive written “highlight sheet” can be treated as a free writing prospectus, with additional conditions and potential liability.
In a registered offering, a “prospectus” is the core offering disclosure document (preliminary and final forms), and prospectus status affects when it may be used and whether prospectus-delivery obligations are satisfied. By contrast, some communications are permitted but are not prospectuses.
A tombstone advertisement is a narrowly permitted notice that is limited to basic identifying information and does not meet prospectus-delivery requirements. However, a written marketing piece that goes beyond a tombstone—such as a “deal highlight sheet” with selected financial metrics and promotional content—can be treated as a free writing prospectus, which typically must meet required conditions (such as prescribed legends and SEC filing) and can create Securities Act liability exposure.
Supervision should focus on correctly classifying each item before approving its use and distribution.
Topic: Broker-Dealer Supervision
A new retail customer is approved for a margin account. Review the firm’s account-opening log.
Exhibit: Margin account opening log (snapshot)
| Item | Status/Time |
|---|---|
| Margin agreement (e-signed) | June 3, 2025 9:12 a.m. |
| Margin principal approval | June 3, 2025 10:05 a.m. |
| First margin purchase executed | June 4, 2025 11:18 a.m. |
| FINRA margin disclosure delivered | June 5, 2025 2:30 p.m. |
Which conclusion is best supported by the exhibit based on a principal’s Reg T/margin supervision responsibilities?
Best answer: D
Explanation: The first margin purchase occurred before the margin disclosure was delivered, indicating a control failure around required disclosures when extending credit.
Regulation T is intended to limit and govern broker-dealer extensions of credit in securities transactions, including margin credit, and firms must supervise those extensions with appropriate account-opening controls. The exhibit shows the customer’s first margin purchase occurred before the margin disclosure was delivered, so the principal should treat this as a disclosure/control breakdown tied to extending credit.
Regulation T addresses broker-dealer extensions of credit (including margin), aiming to curb excessive use of credit in the securities markets and to ensure credit is extended in a controlled, supervised manner. A principal supervising margin should ensure key preconditions are met before permitting margin trading, including proper approvals and required customer disclosures. Here, the account was approved and a margin purchase was executed on June 4, but the margin disclosure was not delivered until June 5. That sequence supports the conclusion that the firm allowed margin credit to be used before completing a required disclosure step, which should trigger remediation (delivery confirmation, documenting the exception, and tightening WSP controls).
Topic: Customer Activity Supervision
A firm wants to expand two convenience features for retail customers: (1) “hold mail” for up to 90 days while customers travel, and (2) standing instructions to disburse funds by check or wire based on a customer-signed authorization. Due to limited operations staffing, the branch proposes letting registered reps approve mail holds and retain authorization records in their own email folders.
Which option states the primary supervisory risk/tradeoff with this setup?
Best answer: C
Explanation: Holding mail and decentralizing disbursement authorizations weakens independent customer review and documentation, increasing misappropriation risk.
Mail holds reduce a key control: customers’ timely receipt of confirmations and statements that can reveal unauthorized trading or account changes. Separately, weak retention of negotiable-instrument/disbursement authorizations undermines the firm’s ability to evidence customer instructions. Together, the design increases the risk that misconduct or errors go undetected and that the firm cannot demonstrate proper authorization.
The core supervisory concept is that customer mailings (statements/confirmations) and clear, retrievable records of customer authorization for checks/wires are key detective and evidentiary controls. If a rep can both initiate activity and control whether the customer receives mail, unauthorized trading, address changes, or disbursements may be concealed longer. If authorization records for negotiable instruments are kept in a rep’s inbox (rather than retained centrally and reviewable), the firm may be unable to prove the customer approved the transaction, increasing exposure to misappropriation and supervisory findings. The main tradeoff is customer convenience versus losing independent customer visibility and a reliable audit trail, not market-structure or settlement mechanics.
Topic: Trading Supervision
Under Regulation NMS, a “trade-through” is best defined as which of the following?
Best answer: D
Explanation: A trade-through occurs when a trade executes at an inferior price to a protected quotation on another trading center.
Reg NMS order protection is aimed at preventing executions at prices inferior to protected quotations. A trade-through describes the prohibited outcome: executing at a worse price than a protected quote available on another trading center, absent an applicable exception.
The Order Protection Rule concept is that displayed, immediately accessible “protected quotations” on exchanges (and the association) should not be bypassed by executing at an inferior price on another trading center. A “trade-through” is the execution that occurs at a price worse than a protected quotation, which drives firms’ routing and execution controls.
From a principal/supervisory perspective, firms should have WSPs and surveillance reasonably designed to:
Limit order display obligations support this framework by helping ensure eligible limit interest is displayed and contributes to accessible quotations that routing logic must respect.
Topic: Broker-Dealer Supervision
A broker-dealer maintains a written document that (1) assigns supervisory responsibility by activity, (2) specifies required reviews and approvals before and after transactions, (3) describes the controls used to monitor for red flags, (4) requires documentation that the reviews occurred, and (5) provides escalation steps when issues are identified. Which term best matches this function?
Best answer: B
Explanation: WSPs are the firm’s written, role-based instructions for supervision, approvals, monitoring, documentation, and escalation.
The description matches the core purpose of written supervisory procedures: to translate a firm’s supervisory system into written, activity-specific instructions. WSPs identify who supervises what, what approvals/reviews must occur, what controls are used, what evidence must be kept, and how exceptions are escalated. That combination distinguishes WSPs from other required written programs.
Written supervisory procedures are the firm’s written roadmap for how supervision is actually carried out. They should be reasonably designed for the firm’s business and clearly allocate responsibility so supervisors know which activities they must review, what approvals are required, and how surveillance or other monitoring is performed. Just as important, WSPs typically require supervisors to create and retain evidence of the review/approval (so the firm can demonstrate the supervision occurred) and to follow defined escalation paths when red flags or exceptions arise. In contrast, other written programs (like BCP, AML, or personal trading policies) each cover a narrower purpose and do not serve as the firm’s overall activity-by-activity supervisory instruction set.
Topic: Customer Activity Supervision
A broker-dealer’s internal audit found possible mutual fund breakpoint misses (failure to apply rights of accumulation/letters of intent) and inconsistent share class selection. The firm can implement only one new supervisory control this quarter.
Control 1: Update WSPs to require reps to review the fund’s breakpoint schedule and document share class rationale, supported by annual training and rep attestations.
Control 2: Run monthly transaction-level exception reports that (a) aggregate mutual fund purchases across related accounts/households to test breakpoint eligibility and (b) flag sales where a lower-cost eligible share class appears available for the account type. A principal must review, document disposition, and coordinate customer remediation when needed.
Which control best fits the goal of detecting and correcting breakpoint-related and share class sales issues?
Best answer: B
Explanation: Transaction-level exception testing with principal review is designed to identify affected customers and drive documented remediation.
Breakpoint and share class supervision is strongest when the firm can detect specific affected transactions and then correct customer impact. A periodic exception-report program that aggregates related accounts and flags anomalies provides actionable, documentable supervisory follow-up. It also supports consistent remediation (e.g., reimbursements and corrected disclosures) when problems are found.
For breakpoint and share class sales, principals need controls that do more than restate policy—they must test actual sales outcomes and produce an audit trail of follow-up. A monthly exception-report process can (1) aggregate purchases across related accounts/households to catch missed rights of accumulation/letters of intent and (2) highlight potentially higher-cost share class sales when a lower-cost eligible class appears available for the account type. The principal’s documented review (clear/reject/escalate), investigation of root cause, and coordination of customer remediation are what turn surveillance into “detect and correct” supervision. Training and WSP language are helpful but typically won’t identify which customers were impacted or ensure timely restitution.
Topic: Broker-Dealer Supervision
A new General Securities Principal is helping the CCO support the firm’s annual compliance and supervisory certification. They are choosing between two evidence packages:
Which package best fits the purpose of annual compliance and supervisory certifications?
Best answer: B
Explanation: Annual certifications are best supported by documented reviews/testing of supervisory controls and evidence that exceptions were identified and remediated.
Annual compliance and supervisory certifications are intended to evidence that the firm has a reasonably designed supervisory control framework and that it is being reviewed and tested. Objective documentation—risk-based reviews, test results, identified exceptions, and remediation—best supports that conclusion. Mere attestations without validation generally do not demonstrate effective oversight.
Annual compliance and supervisory certifications are meant to document senior-level accountability for a firm’s supervisory and compliance program and to demonstrate that the firm actually reviews the effectiveness of its controls—not just that written procedures exist. The strongest support is objective, repeatable evidence showing that the firm assessed risks, performed supervisory control testing or reviews, identified exceptions, and documented follow-up and remediation.
Package 2 aligns with this purpose because it ties the certification to a risk assessment, testing/monitoring outputs, and issue management. A collection of manager attestations alone is typically insufficient because it lacks validation and does not show the firm evaluated whether controls are working as designed.
Topic: Customer Activity Supervision
A firm’s retail representatives routinely use personal text messages to discuss account recommendations and trade instructions with customers. The firm’s WSPs do not address texting, and the firm has no system to capture or retain these messages.
During a FINRA exam, the firm is asked to produce a sample of these customer communications for the review period but cannot. What is the most likely outcome?
Best answer: B
Explanation: Failing to capture and retain business-related customer communications prevents the firm from evidencing supervision and complying with recordkeeping obligations.
Business-related communications with customers must be captured and retained in a manner that can be produced to regulators. If the firm cannot produce texts used for recommendations and instructions, it cannot demonstrate adequate supervision or compliance with recordkeeping obligations. That typically results in exam findings and remedial undertakings, and can drive broader regulatory scrutiny.
Firms are expected to maintain records of business-related communications with the public, regardless of whether the message is sent by email, IM, or text. Those records support day-to-day supervision (surveillance, investigations, complaint handling) and allow regulators to test controls and reconstruct what was communicated to customers.
When a firm does not capture and retain off-channel texts used for recommendations or trade instructions, it creates two predictable consequences:
A policy change alone is not an adequate “fix” for missing historical records that were required to be retained.
Topic: Broker-Dealer Supervision
A broker-dealer replaces its electronic order management system (OMS). To speed rollout, the trading supervisor allows the vendor’s support team to use one shared administrator login for all post-implementation “tuning,” and the firm does not retain system logs showing who changed order-routing parameters or when the changes occurred.
If the firm is later questioned by regulators about a week of unusual executions and customer complaints, what is the most likely outcome of this control failure?
Best answer: B
Explanation: Shared admin access and missing change/audit logs can prevent the firm from reconstructing events and demonstrating effective supervisory controls.
Technology controls must support auditability and supervision. Using a shared administrator ID and failing to retain change logs undermines accountability and prevents the firm from reconstructing who changed routing settings and when. When questioned about unusual executions, the firm’s inability to produce an audit trail creates a high risk of supervisory-control and recordkeeping findings.
A core supervisory requirement is that firm systems support controlled access and a reliable audit trail so activity and system changes can be attributed to specific individuals and reviewed. In this scenario, a shared administrator login and missing logs for changes to order-routing parameters eliminate user-level accountability and make it difficult (or impossible) to investigate the cause of the executions, test whether controls operated, or demonstrate that supervisors reasonably monitored and approved changes.
Firms are generally expected to have high-level controls such as:
Without these, regulators can cite failures in supervisory controls and records/auditability, especially when customer harm indicators (complaints, unusual execution quality) arise. Contracting with a vendor does not transfer the firm’s supervisory responsibility.
Topic: Broker-Dealer Supervision
You supervise the firm’s monthly FOCUS filing process under the WSPs. One business day before the filing is due, your review finds the net capital workpaper does not reconcile to the general ledger because a bank balance feed failed to update, and the variance could change the reported net capital.
What is the best next supervisory step?
Best answer: C
Explanation: If data affecting net capital may be wrong, the filing should be held for reconciliation, documented review, and escalation to the FINOP before submission.
A principal must supervise financial reporting to ensure filings are accurate and supported by evidence, not just timely. When a discrepancy could affect a key financial metric like net capital, the appropriate workflow is to escalate to the FINOP, reconcile to books and records, and document the review and corrections before submitting. Timeliness is important, but it does not override accuracy and required supervisory controls.
Broker-dealer financial reporting supervision focuses on having controls that produce accurate, complete, and timely regulatory submissions (for example, FOCUS filings) and documented evidence that those controls were performed. Here, the variance stems from a failed data feed and could change reported net capital, so it is not appropriate to “push through” a filing based on assumptions or unsupported explanations.
A sound next-step sequence is:
Key takeaway: timeliness matters, but the supervisor’s primary duty is preventing inaccurate regulatory filings through documented review, escalation, and remediation.
Topic: Investment Banking Supervision
A member firm is advising Issuer A on a planned tender offer for Target T that has not been publicly announced. The investment banking team “wall-crossed” several internal employees, but a research analyst was mistakenly included on an internal deal email. The next day, Compliance receives an exception report showing the analyst purchased Target T stock in a personal account.
As the supervising principal, what is the best next step?
Best answer: A
Explanation: The priority is to preserve evidence, investigate potential misuse of MNPI, and prevent further trading/communications through prompt escalation and restrictions.
A potential MNPI breach around an unannounced tender offer requires immediate supervisory escalation and controls to prevent further harm. The firm should promptly involve Legal/Compliance, preserve relevant communications, and put the issuer on a restricted list (and related controls) while investigating the trade. Actions that rely on a verbal denial, allow publication, or delay restrictions are not an appropriate first step.
In M&A and tender offer activity, the key supervisory risks are misuse of MNPI, improper communications (including with Research), and trading while in possession of confidential deal information. When an exception report shows personal trading in a security tied to a nonpublic transaction and there is evidence of an information-barrier failure (the mistaken email), the principal’s best next step is to escalate and lock down controls while the facts are gathered.
Appropriate immediate actions typically include:
The key takeaway is to prevent additional trading/communications and investigate with documented escalation, rather than relying on informal explanations or delayed controls.
Topic: Broker-Dealer Supervision
An associated person notifies the firm that (1) she will be a passive, unpaid board member of a local charity, and (2) she wants to introduce several firm customers to a friend’s startup that is selling promissory notes in a private offering, for which she would receive a 2% “finder’s fee” paid by the issuer. The firm would not participate in the offering.
Which statement by the supervising principal is NOT accurate?
Best answer: A
Explanation: Disclosure alone does not eliminate the firm’s duty to require notice, decide whether to approve, and supervise a private securities transaction.
Receiving a finder’s fee tied to customer investments is a private securities transaction, which triggers firm notice, approval, and supervision requirements. A customer disclosure that the firm is not involved does not replace the principal’s obligation to evaluate, approve or prohibit, and supervise the activity. The charity board role is an outside business activity that still requires disclosure and conflicts oversight.
Outside business activities (OBAs) involve roles or jobs outside the broker-dealer and are reviewed primarily for conflicts, time demands, and customer confusion; they generally require prior notice to the firm and appropriate conditions or monitoring. A private securities transaction (PST) occurs when an associated person participates in a securities transaction outside the firm, especially when there is selling activity or transaction-based compensation.
Here, introducing firm customers to a note offering and being paid a 2% finder’s fee is PST activity. The firm must require written notice, decide whether to approve or prohibit it, and if approved, supervise it as firm business (including appropriate recordkeeping and controls). Customer disclosure that “the firm isn’t involved” does not remove the firm’s supervisory responsibilities.
The key takeaway is that compensation tied to securities sales drives PST treatment and heightened supervision expectations.
Topic: Registration and Personnel Supervision
You are the Series 24 principal reviewing a registered rep applicant’s pre-hire file before approving the Form U4 submission and allowing the rep to begin soliciting retail clients.
Exhibit: Pre-hire disclosure summary (CRD + credit report)
| Item | Date | Status/Notes |
|---|---|---|
| Form U5 | Nov 2024 | “Permitted to resign while under internal review regarding excessive trading/suitability.” |
| Customer arbitration | Aug 2025 | Allegation: unsuitable variable annuity; claimed damages $85,000; pending. |
| Federal tax lien | May 2020 | $12,400; satisfied in full. |
Based on the exhibit, what is the most appropriate supervisory action?
Best answer: C
Explanation: A recent U5 internal review for sales-practice issues and a pending customer arbitration are clear red flags requiring escalation, verification, and potentially heightened supervision before client contact.
The U5 indicates the applicant left a prior firm while under internal review for excessive trading/suitability, and there is a pending customer arbitration alleging unsuitable recommendations. Those items are sales-practice red flags that require escalation and additional due diligence before approving registration and permitting client contact. The satisfied tax lien may warrant review, but it is not the primary supervisory concern here.
Principals must do more than “check the box” when an applicant’s history suggests potential sales-practice risk. A Form U5 stating the rep was permitted to resign while under internal review for excessive trading/suitability, combined with a pending customer arbitration alleging an unsuitable variable annuity, signals heightened risk that should be escalated and investigated before the rep is approved to solicit clients.
Appropriate supervisory steps typically include:
A satisfied tax lien is not automatically disqualifying, but it can be considered in the overall risk assessment.
Topic: Broker-Dealer Supervision
A member firm has signed a definitive agreement under which an outside investor group will acquire a controlling voting interest and will replace the CEO and a majority of the board at closing. The firm expects to continue the same product lines and customers. As the designated principal coordinating the transition, which statement is INCORRECT?
Best answer: A
Explanation: A change in control can require regulatory notice and/or prior approval even if the firm’s business lines remain the same.
A control change is a material membership event that principals must treat as a regulatory process, not just a corporate transaction. Even if day-to-day products and customers remain unchanged, the firm may need to provide notice and obtain approval before the new owners/control persons take over. The principal’s role is to coordinate filings, timing, and supervisory readiness for the post-change structure.
Changes in ownership or control can trigger a regulatory notice and, in some cases, a requirement to obtain approval before the change becomes effective. A principal coordinating the transition should assume the analysis is driven by who will control the member (voting power, governance, and senior management), not only by whether the firm’s products or customer base change.
In practice, this means the firm should:
The key takeaway is that “no business change” does not eliminate obligations tied to ownership/control changes.
Topic: Customer Activity Supervision
For broker-dealer supervision of associated persons’ social media, which statement correctly distinguishes static content from interactive content for approval and review purposes?
Best answer: D
Explanation: Static posts are treated like retail communications needing pre-use principal approval, while interactive exchanges are typically supervised through procedures and post-use monitoring.
Static social media content is generally treated like a retail communication because it remains posted and is reusable, so it typically requires principal approval before first use. Interactive content is more like real-time conversation, so firms supervise it through WSPs, training, monitoring, and post-use review rather than mandatory pre-approval. Both forms still require appropriate supervision and retention under the firm’s controls.
The key supervisory distinction is whether the communication is “static” (stays posted until changed) or “interactive” (real-time, conversational back-and-forth). Because static content functions like an advertisement that can be repeatedly viewed, firms generally must have a registered principal approve it before it is first used. Interactive content is typically supervised through written procedures reasonably designed to achieve compliance—such as surveillance, sampling/post-use reviews, lexicon alerts, and escalation—rather than a universal pre-use approval requirement. Regardless of type, the firm must retain required records and ensure communications are fair and balanced and not misleading. The core takeaway is pre-use approval is generally tied to static, reusable communications, while interactive communications rely more on ongoing supervision and post-use controls.
Topic: Broker-Dealer Supervision
A retail customer sends a message through the firm’s secure online portal stating: “Your representative said this note was principal-protected. I lost money and I want to be made whole.” The customer asks for a call back.
As the supervising principal, which action best complies with broad supervisory standards for capturing, triaging, and documenting complaints?
Best answer: C
Explanation: A written allegation of a sales-practice issue with a demand to be made whole should be logged, classified, investigated, and documented for potential reporting and corrective action.
The firm should capture and log the portal message as a written customer complaint because it alleges a sales-practice issue and seeks to be made whole. Proper triage requires routing it to supervision/compliance for review and investigation rather than informal handling by the registered representative. Documenting the complaint classification is important because it affects internal escalation, trend analysis, potential regulatory reporting, and remediation decisions.
A core supervisory expectation is that customer complaints are captured consistently, evaluated promptly, and documented in a way that supports escalation and oversight. A written message (including via a firm portal) alleging misrepresentation or unsuitable sales practices is a complaint that should be logged and classified, then routed for supervisory review and investigation with records preserved.
How the firm classifies the complaint matters because it typically determines:
Informal resolution by the representative may occur only after the firm has captured, triaged, and supervised the matter.
Topic: Customer Activity Supervision
A registered representative asks the principal to approve a $15,000 payment to an online newsletter to publish a “special report” highlighting a thinly traded microcap that the firm makes a market in and currently holds in inventory. The rep says the newsletter will run the piece within 24 hours but “doesn’t label sponsored content or disclose compensation.” The firm also has an active investment banking relationship with the issuer.
Which is the best supervisory response?
Best answer: A
Explanation: Paying for undisclosed promotional coverage is a market-manipulation red flag that requires immediate escalation and controls before any communication or trading continues.
An undisclosed payment for a publication that could move a thinly traded stock is a significant manipulation and communications risk, especially where the firm is a market maker and has an investment banking relationship. The appropriate principal action is to stop the activity and escalate to Compliance/Legal for review, require clear compensation disclosure if any piece is ever used, and implement trading controls (e.g., restricted/watch) while concerns are evaluated.
When a broker-dealer (or its associated persons) pays for publicity intended to influence interest in a security, it creates heightened risks of misleading communications and potential market manipulation. Those risks are amplified when the security is thinly traded and the firm has conflicts such as market making inventory and an investment banking relationship.
At a high level, the principal should respond by:
A simple principal “advertising approval” or customer-facing disclosure alone does not address the undisclosed-pay structure and manipulation concerns.
Topic: Customer Activity Supervision
A BD’s WSPs define communication categories as follows: retail communication is distributed to more than 25 retail investors in any 30-calendar-day period; correspondence is distributed to 25 or fewer retail investors; institutional communication is distributed only to institutional investors.
Marketing plans to email the same product piece during the next 30 days to 12 existing retail customers, 16 retail prospects, and 40 institutional contacts. What supervision/approval is required before first use?
Best answer: B
Explanation: Because 28 retail recipients are planned in 30 days, it is retail communication requiring registered principal approval before use.
The planned distribution includes 12 + 16 = 28 retail recipients within 30 days. Under the stated WSP definitions, exceeding 25 retail recipients makes the piece a retail communication, which requires registered principal approval prior to first use. The presence of institutional recipients does not reduce the retail communication obligations when the same piece is sent to retail at retail-communication scale.
The supervisory decision turns on counting how many retail investors will receive the communication within a 30-day period under the firm’s stated thresholds. Here, the email list includes both retail and institutional recipients, but the classification is driven by the retail distribution when the same piece is used.
Retail communications generally require a registered principal’s approval prior to first use, whereas correspondence and institutional communications are typically supervised through documented, risk-based review procedures that do not necessarily require pre-use principal approval. Key takeaway: first determine the category by the retail count, then apply the higher pre-use approval standard when it becomes retail communication.
Topic: Investment Banking Supervision
Your firm is a co-manager in an upcoming IPO and wants the research department to email a full initiating coverage report on the issuer to all retail and institutional clients one week before the roadshow to “build interest.” As the supervising principal, which primary risk/limitation is most important to address in this setup?
Best answer: C
Explanation: Because the firm is participating in the IPO, distributing research broadly right before the roadshow raises restricted-period/market-conditioning concerns that require tight timing and audience controls.
When a broker-dealer is participating in an offering, research distribution becomes a high-risk activity because it can be treated as marketing that conditions the market for the deal. The principal’s key tradeoff is supporting sales while controlling timing and limiting distribution so research is not effectively used as pre-offering solicitation.
The core supervisory issue is that, during an IPO where the firm is in the syndicate, research dissemination can function like sales material and improperly “condition” the market for the securities being offered. A principal should focus first on controls around whether research may be published/distributed at that point in the offering and, if permitted, how distribution is limited (who receives it and when), along with required internal approvals and documentation. The practical tradeoff is that earlier, broader distribution may help generate interest, but it materially increases the risk of violating restricted-period expectations and undermining research independence. Controls commonly include a defined restricted period, pre-use supervisory review, distribution list controls (retail vs. institutional), and clear separation from investment banking marketing activity.
Topic: Trading Supervision
Which statement is most accurate regarding trade comparison/confirmation and resolving mismatches and DKs at a broker-dealer?
Best answer: D
Explanation: A DK is an exception that requires timely research and corrective action (correct/resubmit or cancel), not passive aging to settlement.
Trade comparison is the process of matching the two sides of a trade (often through a clearing utility) so the transaction can clear and settle. A DK is an exception indicating the contra party does not recognize the trade, requiring the firm to research the cause and take corrective action. Supervisory focus is on timely exception review, documentation, and remediation to prevent failed trades.
Trade comparison/confirmation is designed to align trade details (e.g., side, quantity, price, symbol/CUSIP, capacity, and settlement terms) between the parties so the trade can clear and settle. When a mismatch occurs, or a contra party issues a DK (“don’t know”), the firm should treat it as an exception: review exception reports, investigate promptly (ticket, time stamp, recordings, allocations, give-ups), and resolve by correcting and resubmitting matched details or canceling/breaking the trade if it was entered in error.
The key supervisory expectation is active monitoring and timely remediation of comparison exceptions, not treating customer confirmations or settlement-day processes as substitutes for trade comparison and DK resolution.
Topic: Customer Activity Supervision
A broker-dealer has become subject to FINRA’s tape-recording requirement due to its recent hiring history. The supervisor is choosing between two WSP designs for customer telephone calls.
Design 1: All registered persons must use firm-approved recorded lines (including approved mobile voice). The firm records all inbound/outbound customer calls, supervisors review a documented risk-based sample each month, and recordings are retained for at least 3 years with the first 2 years readily accessible.
Design 2: Registered persons record calls only when they believe a “recommendation” is being discussed. Recordings are stored on the rep’s device for 12 months, and supervisors access them only after a complaint.
Which design best fits the tape-recording requirement and related monitoring/retention expectations?
Best answer: D
Explanation: Taping programs are expected to record covered customer calls, include ongoing supervisory review, and retain recordings for the required period in a retrievable manner.
A taping firm’s controls should reliably capture covered customer telephone communications, not rely on a rep’s judgment about when to record. The program must also include supervisory monitoring (with documented review) and retention of recordings for the required period in a readily retrievable format.
For firms subject to FINRA’s tape-recording requirement, supervision is not satisfied by ad hoc or selective recording based on a registered person’s discretion. The firm must implement controls that reasonably ensure covered inbound and outbound customer calls are recorded on firm-controlled systems, with surveillance designed to detect potential rule violations. Just recording is not enough—WSPs should require periodic supervisory review (typically a documented sample using a risk-based approach) and retention of the recordings for the applicable retention period in a manner that can be promptly produced. A design that stores recordings on a rep’s device and reviews only after complaints is both unreliable for capture and inconsistent with proactive monitoring expectations.
Topic: Trading Supervision
A broker-dealer’s trading supervision WSP requires all order entry and routing systems (including vendor OMS/EMS) to synchronize to a firm-approved time source, document periodic clock-synchronization testing, and retain the test results. This control most directly supports which CAT objective/obligation?
Best answer: A
Explanation: CAT requires firms to synchronize business clocks and retain related records so reported order events can be accurately time-sequenced for surveillance.
CAT is designed to let regulators reconstruct the lifecycle of orders and trades across markets and firms. To make that reconstruction reliable, firms must use synchronized business clocks and maintain records showing the synchronization/testing. The described WSP control is therefore aimed at meeting CAT clock synchronization and related recordkeeping obligations tied to CAT reporting timestamps.
CAT’s high-level purpose is to enhance regulators’ ability to surveil markets by enabling reconstruction of the order lifecycle across broker-dealers, exchanges, and ATSs using standardized, time-sequenced event data. To support that, firms have core obligations to (1) report required order and trade events with accurate timestamps, (2) synchronize business clocks used to create those timestamps, and (3) keep records demonstrating synchronization and the firm’s compliance. A WSP that mandates a firm-approved time source, periodic synchronization testing, and retention of test results is a direct supervisory control for CAT clock synchronization and associated recordkeeping so CAT-reported events can be correctly ordered and analyzed.
Topic: Broker-Dealer Supervision
A broker-dealer launches an automated cash-sweep program that moves retail customers’ free credit balances each night into an affiliated bank account. Treasury proposes using the pooled sweep cash to cover the firm’s short-term operating funding needs, with the intent to replace the funds before the market opens.
As the General Securities Principal, which supervisory action best aligns with customer-protection expectations for cash management and helps prevent misuse of customer assets?
Best answer: D
Explanation: Customer free credit balances must be controlled and segregated so they are not used as a source of firm financing, supported by reconciliation and independent testing.
Using customer free credit balances as operating funding creates a high supervisory risk because it treats customer assets as a firm financing source. The best control is to enforce segregation and purpose limitations on customer cash, backed by timely reconciliations and escalation for exceptions. This design reduces commingling risk and helps ensure customers can receive funds promptly when due.
Customer-protection expectations require firms to safeguard customer cash and prevent it from being used to finance the broker-dealer’s business. A sweep structure can be permissible operationally, but supervision must ensure customer cash remains available for customers and is not commingled or pledged for firm purposes.
Strong controls typically include:
A key takeaway is that “we’ll replace it by morning” does not eliminate the misuse-of-customer-assets risk.
Topic: Customer Activity Supervision
Which statement is most accurate about a principal’s response to surveillance red flags for excessive or rapid in-and-out trading in a retail account?
Best answer: C
Explanation: Red flags require an independent, documented supervisory investigation with escalation and remediation when concerns are substantiated.
Surveillance indicators of churning, concentration, or rapid in-and-out trading are red flags that require a reasonable, independent principal review. The principal should examine the account’s objectives and risk tolerance, the trading history and cost/commission impact, and relevant rep-customer communications. The firm must document conclusions and escalate and remediate when concerns are supported.
The core supervisory concept is that “red flags” from exception reports are not self-clearing; they trigger a reasonable, risk-based investigation. For excessive trading or in-and-out activity, a principal typically evaluates whether the activity aligns with the customer’s investment profile and whether the pattern suggests churning or unsuitable strategy.
A practical investigation workflow is:
Relying only on a rep’s assurance or waiting for a complaint fails the duty to supervise when objective indicators show heightened risk.
Topic: Trading Supervision
In general, when a security is subject to a regulatory trading halt or a Limit Up–Limit Down (LULD) volatility pause, which statement best describes how a broker-dealer must handle its quotes and customer orders?
Best answer: A
Explanation: During a halt/pause, firms must remove actionable quotes and ensure systems do not execute or route orders until the security reopens.
A trading halt or LULD pause requires the firm to stop actionable trading activity in the affected security. Supervisory controls should ensure quotes are withdrawn and that order handling systems do not execute or route orders during the halt. Customer orders may be held (subject to firm policy and customer instructions) and processed only after trading resumes.
The core concept is that a regulatory halt or LULD volatility pause temporarily stops trading in the security, so a broker-dealer must not display actionable quotes or effect transactions while the halt is in place. From a supervisory standpoint, WSPs and market access controls should require prompt quote withdrawal (including market-maker quotes) and automated blocks that prevent routing to venues or executing internally during the halt. Customer orders already on hand are generally treated as resting/held during the halt (unless the customer cancels or the firm’s policy requires cancellation), and they may be eligible to be routed/executed only once trading officially resumes. The key control objective is to prevent executions or published quotes that would violate the halt/pause conditions.
Topic: Investment Banking Supervision
Your firm is the lead manager on an upcoming follow-on offering for a listed issuer. Investment banking learns (from the issuer) nonpublic information about the expected offering size and that quarterly results will likely miss consensus. The equity trading desk asks the investment banking team for this “deal color” so it can adjust market-making inventory and quotes, and research asks for the same information to “avoid being wrong” in a pending report.
As the General Securities Principal, what is the single best supervisory action that satisfies these constraints while protecting market integrity?
Best answer: A
Explanation: Information barriers require keeping investment banking MNPI from research and trading unless Compliance approves and documents a wall-crossing with appropriate trading/research restrictions.
The firm has potential MNPI from investment banking that cannot be used to influence trading or research. The best supervisory decision is to enforce information barriers by restricting dissemination and trading, and to permit any exceptions only through a controlled, documented Compliance-led wall-crossing process with appropriate restrictions.
Information barriers are designed to prevent material nonpublic information (MNPI) obtained in investment banking from being used by research or trading, which supports market integrity and reduces insider-trading and manipulation risk. Here, the deal size and likely earnings miss are potential MNPI, and both the trading desk and research are requesting it for purposes that could affect quotes, inventory, and published opinions.
A principal’s best action is to:
The key takeaway is that process and controls—not “verbal only” sharing or “business purpose” justifications—are what make the barrier effective.
Topic: Broker-Dealer Supervision
A broker-dealer is reorganizing and consolidating its books-and-records function after a reduction in force. To cut costs quickly, the firm plans to (1) name one departing operations manager as the sole “custodian of records” for the next 60 days, (2) give that person the only administrator credentials for the electronic archive, and (3) delay documenting a transition plan until after the reorganization is complete.
Which option best states the primary risk/tradeoff the principal must address before approving this setup?
Best answer: D
Explanation: Making one departing person the single control point can leave the firm unable to retrieve and produce required records on demand.
Even if recordkeeping is centralized or supported by vendors, the broker-dealer must maintain continuous control and the ability to promptly retrieve and produce required records. Concentrating access and knowledge in a single departing employee creates a single point of failure. The key tradeoff is short-term cost savings versus continuity, access controls, and demonstrable custodianship through personnel changes.
Custodianship of books and records means the firm must be able to preserve, retrieve, and promptly produce required records under its supervision, even when personnel change or functions are reorganized. Naming a “custodian” is not just a title—access, authority, documentation, and backup coverage must be built into the process.
Here, the setup creates a single point of failure by giving one departing employee the only administrator credentials and delaying a documented transition plan. A principal should require controls such as shared/role-based admin access, documented handoff procedures, and testing that records can be retrieved and produced without reliance on one individual. The key takeaway is that responsibility for compliant recordkeeping cannot be effectively “parked” with a departing person.
Topic: Broker-Dealer Supervision
Which statement best describes a broker-dealer’s short interest reporting expectation and why accurate reporting supports market integrity?
Best answer: C
Explanation: Short interest reporting is a periodic, security-level submission of aggregate short positions that promotes transparency and supports regulatory monitoring for abusive activity.
Short interest reporting is a periodic submission of a firm’s aggregate short positions by security (typically reported industrywide on a regular cycle, often twice monthly). Accurate short interest data improves market transparency and helps regulators and market participants assess short positioning. It also supports surveillance for manipulative trading and other market integrity concerns.
Short interest reporting refers to a broker-dealer reporting its aggregate short positions in a given security as of specified reporting dates through established industry reporting channels. The resulting published short interest statistics provide transparency about the level of short positioning in the market. From a supervisory perspective, accuracy matters because regulators use the data for surveillance and to investigate potential manipulative activity (for example, improper short selling strategies), and the market relies on it to form informed views about supply/demand dynamics. Firms should have controls to ensure positions are captured consistently across customer and proprietary accounts, reconciled to books and records, and submitted timely and accurately. The key takeaway is that short interest reporting is position-based and periodic, not trade-by-trade execution reporting or a locate/borrow report.
Topic: Registration and Personnel Supervision
A firm discovers that several registered representatives missed their Regulatory Element due date and were placed into an “inactive” status by FINRA. The General Securities Principal is comparing two WSP control designs to prevent any inactive rep from soliciting or effecting securities transactions.
Which control design best addresses this risk?
Best answer: D
Explanation: Regulatory Element completion is tracked in FINRA’s CE system, and an inactive rep must be blocked from performing registered functions until the status is restored.
The Regulatory Element is a FINRA-administered CE requirement that is tracked through FINRA’s CE/CRD systems, and failure to complete it results in an inactive registration status. A principal’s key supervisory control is to monitor that status and prevent an inactive individual from performing registered functions until the requirement is satisfied. A firm-element-only approach does not address the decisive risk in the scenario.
Continuing education has two parts: the Regulatory Element and the Firm Element. The Regulatory Element is administered by FINRA and tracked through FINRA’s systems (e.g., CRD/CE status). If a registered person does not complete it by the due date, their registration becomes inactive and they cannot perform, or be compensated for, activities requiring registration until the deficiency is cured.
A principal should therefore design controls that:
Firm Element training is designed and tracked by the broker-dealer and is not a substitute for verifying Regulatory Element completion.
Topic: Customer Activity Supervision
A registered representative submits a request to (1) change a long-standing individual brokerage account to a transfer-on-death (TOD) registration naming the customer’s niece as beneficiary and (2) add the niece as the account’s agent with limited trading authorization. The request was emailed from the niece, and the attached scanned forms show a signature that does not match the firm’s signature card on file.
As the assigned principal, what is the single BEST supervisory action before the firm processes the requested changes?
Best answer: B
Explanation: Because ownership/authority changes and a signature discrepancy are red flags, the principal must verify customer intent and require complete, properly executed documentation before approval.
Changes to account ownership/registration and to who has authority to trade require reliable, properly executed documentation and principal oversight. When the request is initiated by a third party and the signature does not match the firm’s records, the principal should treat it as a potential unauthorized change. The best action is to independently verify the customer’s instructions and obtain complete documentation before processing.
A principal must supervise account maintenance to ensure changes to registration (e.g., adding a TOD beneficiary) and changes to authority (e.g., adding an agent via a trading authorization or power of attorney) are supported by properly executed documents and are consistent with the customer’s verified instructions. Here, the request comes from the niece (a third party) and the signature on the scanned forms does not match the firm’s records—both are red flags for an unauthorized change. The appropriate supervisory response is to pause processing and independently confirm the customer’s intent using trusted contact information already on file, then collect and review the required paperwork (and any firm-required identity/authority documentation) before approving and updating the account records. The key takeaway is independent customer verification plus complete documentation for ownership/authority changes.
Topic: Broker-Dealer Supervision
A firm receives a FINRA Rule 8210 request seeking emails and business-related text messages for three registered reps covering the past 12 months. The principal reviews the firm’s WSP excerpt below.
Exhibit: WSP excerpt — Regulatory requests / legal holds
Based on the exhibit, what supervisory action is supported as the appropriate initial response?
Best answer: B
Explanation: The WSP requires a legal hold notice and suspension of auto-deletion once a regulatory request is received.
A regulatory records request is a stated legal-hold trigger in the WSP. The supported response is to immediately issue a legal hold identifying custodians and sources and to stop any routine deletion processes affecting potentially responsive ESI. This ensures preservation while the firm collects and produces the requested records.
When a broker-dealer receives a regulatory request for records, supervision must shift from routine retention to preservation. The exhibit makes the trigger explicit (receipt of a FINRA/SEC records request) and requires two immediate preservation controls: (1) sending a legal hold notice that defines custodians, date range, and record types, and (2) directing IT to suspend auto-deletion/retention purges for the identified systems (including email and messaging archives). Firms should preserve potentially responsive information in place and maintain it until Legal/CCO releases the hold after the matter concludes. The key takeaway is that a legal hold stops ordinary destruction workflows that could otherwise delete relevant records.
Topic: Customer Activity Supervision
An investment banking desk wants to copy two pages from the firm’s already-published equity research report (including the rating and price target) into an issuer pitch book and a client email to help win an underwriting mandate. The research analyst will not attend the pitch meeting, and banking asks for a “same-day” turnaround with minimal edits.
As the supervising principal, which primary risk/tradeoff must your controls address most directly?
Best answer: B
Explanation: Using research content in a pitch/email can turn it into marketing communications and create real or perceived investment-banking influence, requiring controls and disclosures to preserve research integrity.
When research content is repackaged to support investment banking and sales efforts, the key supervisory tradeoff is speed versus controls that preserve research independence and ensure the communication is properly reviewed, labeled, and disclosed. The principal must prevent real or perceived investment-banking influence and avoid presenting research excerpts in a misleading, out-of-context way.
The core issue is the boundary between “research” and “marketing” and the conflict controls that protect research from investment banking and sales pressure. Even if the content was already published, copying excerpts into an issuer pitch book or client email can change the purpose and audience, making it a marketing communication rather than a standalone research report. That raises the highest-risk supervisory concern: research independence (and the appearance of promised favorable coverage) plus the need for appropriate review and disclosures so the message is not misleading.
Practical controls typically include:
Operational delays are secondary to avoiding undisclosed influence and misleading repurposing.
Topic: Broker-Dealer Supervision
A branch supervisor reviewing daily activity sees an 82-year-old customer liquidate 120,000 of blue-chip stock and request three same-day wires to a newly added bank account in a foreign country that is not in the customer s name. The registered representative says the instructions came by email and is pressuring operations to release the wires before the market close, but the customer cannot be reached using the email thread. Under the firm s WSPs, disbursements may be temporarily restricted when there are fraud/AML red flags and the firm must document the review and any escalation.
What is the single best next supervisory action?
Best answer: B
Explanation: It preserves funds and evidence while initiating documented triage, independent verification, and formal AML/compliance escalation under the WSPs.
The activity presents multiple red flags (elderly customer, rapid liquidation, third-party foreign wires, email-only instructions). The supervisor s best response is to triage by restricting the disbursements, independently verifying the customer s intent using a trusted channel, and escalating to AML/compliance with thorough documentation. This satisfies the WSP requirement to protect the customer while an investigation is performed.
When red flags arise, a principal should follow a documented workflow that both protects the customer and preserves evidence for a defensible review. Here, the combination of rapid liquidation and wires to a new, third-party foreign account based on an email instruction warrants a temporary restriction and escalation.
A high-level workflow is:
Releasing funds based on the email or relying on the representative to fix documentation fails to address the immediate risk and independence requirements.
Topic: Investment Banking Supervision
Your firm is a member of the underwriting syndicate for an upcoming IPO. Marketing proposes a short “tombstone-style” post on social media that lists the issuer name, security type, and the syndicate, and also says: “Don’t miss this exciting growth story—request your allocation today.” As the investment banking principal approving communications, which change best keeps the post compliant as a public notice that is not treated like an offering solicitation?
Best answer: B
Explanation: A compliant tombstone is limited to identifying information and includes a clear statement that the offering is made only by the prospectus.
A tombstone-style public notice is intended to be a limited, factual identification of the offering and participants, not sales copy. To stay in that lane, the communication should avoid hype and any call-to-action to buy, and it should include a clear legend that the offering is made only by the prospectus and how to obtain it.
Supervisory review of offering communications focuses on whether the content functions as a solicitation versus a limited public notice. A tombstone-style notice should stick to basic identifying information (for example, issuer, type of security, underwriters, and where the prospectus can be obtained) and should not include promotional statements, forecasts, “reasons to buy,” or language urging immediate action. When a message adds hype like “exciting growth story” or a call-to-action such as “request your allocation today,” it starts to look like selling and increases the risk it will be treated as impermissible offering promotion. The best supervisory control is to strip persuasive language and include a clear prospectus legend so investors are directed to the statutory disclosure document.
Topic: Broker-Dealer Supervision
A broker-dealer’s WSPs require that any change to trading-system code (including order-routing logic) be submitted through a ticketing tool, reviewed and approved by a designated supervisor who is not the developer, tested in a non-production environment, and then promoted to production with a record of the approver, date/time, and version.
Which systems and technology control function is the firm describing?
Best answer: C
Explanation: It describes controlled system changes with testing, approvals, and documented version history before production deployment.
The described process is a change management control designed to prevent unauthorized or untested system changes from affecting trading. Requiring independent review/approval, pre-production testing, and documented promotion to production are core SDLC elements that support supervision and auditability.
Change management (often part of SDLC controls) is a supervisory technology control that governs how production systems are modified. In the scenario, the firm uses ticketing, segregation of duties (developer vs. approver), testing in a non-production environment, and documented approvals/versioning before deployment. These elements help reduce operational and compliance risk by ensuring changes are authorized, tested, traceable, and reviewable during internal testing and regulatory examinations. Access reviews focus on who can use systems, audit-trail retention focuses on capturing business activity, and BCP/DR focuses on resilience and recovery rather than controlling day-to-day code releases. The key takeaway is that controlled, documented releases are change management.
Topic: Registration and Personnel Supervision
During a principal’s review of an applicant’s Form U4 and background information, which item is most clearly a “red flag” that should be escalated for additional verification and possible heightened supervision?
Best answer: A
Explanation: Multiple recent sales-practice complaints indicate potential ongoing conduct risk and warrant escalation, verification, and consideration of heightened supervision.
A pattern of recent customer complaints—especially those alleging sales-practice misconduct—is a strong indicator of potential repeat behavior and supervisory risk. A Series 24 principal is expected to treat this as a hiring red flag, escalate it for corroboration, and consider conditions such as heightened supervision before or after onboarding.
In hiring and registration, principals must look for indicators that an applicant may pose an elevated compliance or conduct risk. A cluster or pattern of recent customer complaints alleging sales-practice issues (for example, unsuitable recommendations, misrepresentations, or unauthorized trading) is a classic red flag because it can signal systemic behavior rather than an isolated event.
When this type of red flag appears, appropriate supervision typically includes:
By contrast, non-securities minor matters or well-documented benign explanations generally do not, by themselves, trigger heightened supervisory measures.
Topic: Broker-Dealer Supervision
A broker-dealer had a small loss from an operations employee who falsified wires. The firm’s Series 24 principal is updating the operational risk program and wants to rely more heavily on the firm’s fidelity bond to reduce exposure, while keeping additional control changes minimal due to budget constraints.
Which statement describes the primary risk/limitation the principal should focus on when using a fidelity bond in this way?
Best answer: A
Explanation: Fidelity bonds are insurance against certain dishonest acts, but they do not replace internal controls and may not fully reimburse all losses.
A fidelity bond is an operational risk tool that helps a broker-dealer absorb certain losses caused by employee dishonesty, such as theft or forgery. The key tradeoff is that it is risk transfer, not risk prevention, and coverage is subject to policy terms (limits, deductibles, and exclusions). Supervisory controls and monitoring still must address the root cause and reduce the likelihood of recurrence.
Fidelity bonds fit into operational risk management as insurance that can help offset losses from specified dishonest or fraudulent acts (often involving employees), but they are not a control framework. In this scenario, the principal’s goal (reduce exposure with minimal additional controls) creates a critical limitation: even with a bond in place, the firm can still suffer losses that are not covered or are only partially covered due to policy terms.
Effective supervision treats the bond as one layer in a broader program:
The key takeaway is that a fidelity bond can reduce severity of certain events, but it does not reduce event likelihood and will not eliminate all operational loss exposure.
Topic: Customer Activity Supervision
A broker-dealer’s AML program requires that, at least annually, a qualified party who is not involved in the day-to-day operation of the AML program evaluates the firm’s AML procedures, documents findings, and reports results to senior management. Which AML program component does this requirement describe?
Best answer: C
Explanation: This describes periodic, documented review by an independent party to assess AML program effectiveness and report findings.
The described requirement is the AML program’s independent testing component. It focuses on an objective, periodic assessment of whether AML policies, procedures, and controls are reasonably designed and working as intended, with documented results escalated to management.
AML rules require firms to maintain an AML program with core components, including independent testing. Independent testing means a qualified person or group—internal (but not involved in AML execution) or external—periodically evaluates the AML program’s design and implementation, documents the review, and reports findings to appropriate management for remediation and oversight. This is distinct from the AML officer role (ongoing administration), training (educating personnel on responsibilities and red flags), and CIP (identity verification at account opening). The key feature in the scenario is independence from day-to-day AML operations combined with periodic, documented evaluation and reporting.
Topic: Investment Banking Supervision
In a research analyst’s public appearance (for example, a TV interview or webinar) discussing a subject company, which statement best describes the required conflict disclosures and how a principal supervises compliance?
Best answer: A
Explanation: Public appearances require timely disclosure of material conflicts, and principals must have and enforce WSPs to ensure and document consistent compliance.
Research analysts must provide conflict disclosures when they make public appearances about a subject company, not just in written research. The firm’s supervisory obligation is to maintain and enforce written procedures that reasonably ensure those disclosures are made consistently, with oversight and documentation.
A “public appearance” by a research analyst is treated as a research communication for conflict-disclosure purposes. The analyst must disclose material conflicts relevant to the subject company (covering both the analyst and the firm) in a timely manner in the same medium so the audience can evaluate potential bias.
A principal supervises this by implementing and enforcing WSPs reasonably designed to ensure consistent compliance, such as pre-appearance guidance/training, required disclosure scripts or legends, post-event attestations, and periodic surveillance/testing with appropriate recordkeeping and escalation when disclosures are missed. Key takeaway: disclosures are appearance-specific and must be supervised like other research-related communications.
Topic: Trading Supervision
A firm’s equity trade reporting exception report shows that over the past week, a desk reported a recurring group of OTC trades several minutes after execution. Traders say they “got busy” after a recent workflow change, and there is no documented system outage.
As the trading supervisor, what is the best next step?
Best answer: D
Explanation: A principal should first confirm the late reports against execution records, determine whether the cause is process or system-related, document corrective actions, and implement/testing ongoing controls.
Timely transaction reporting is a core market integrity control because trade reports drive public transparency and regulatory surveillance. A principal’s first supervisory step is to verify the late-reporting exceptions against reliable execution records, determine whether the cause is a process failure or system issue, and document corrective action. After remediation, the firm should enhance monitoring/testing and assess whether escalation or self-reporting is warranted based on the facts.
Transaction reports are expected to be submitted promptly (typically within very short timeframes) because they support accurate price/volume dissemination and regulator surveillance. Late reporting can distort the market’s view of trading activity and undermines the audit trail used to detect manipulative trading, best-execution problems, or reporting abuses.
Given repeated late reports with no outage documentation, the supervisor should follow a control-driven sequence:
Premature closure or “fix-forward only” responses fail to address regulatory risk and control effectiveness.
Topic: Customer Activity Supervision
A broker-dealer is revising its WSPs for supervising customer communications. The firm uses (1) a standardized outbound telemarketing script to solicit retail prospects, (2) a template email campaign sent to thousands of retail customers, (3) one-to-one emails from registered reps to fewer than 25 retail customers in a 30-day period, and (4) an institutional slide deck used only with institutional investors.
Which supervisory approach is NOT appropriate?
Best answer: C
Explanation: Retail telemarketing scripts must be principal-approved before first use; recording and later sampling is not a substitute.
Standardized retail telemarketing scripts are treated as retail communications and generally require registered principal approval before being used. Recording calls and performing later sampling may supplement supervision, but it does not replace the required pre-use approval for the script itself. The other items described can be supervised through appropriate pre-use approval or risk-based post-review, depending on their communication category.
The key supervisory decision is whether the communication is one that requires principal pre-approval before first use versus one that may be supervised through risk-based post-review and surveillance. Standardized scripts used to solicit retail prospects are retail communications and are subject to pre-use approval by an appropriately registered principal; firms cannot substitute “we record everything and review later” for that initial approval.
By contrast, a template mass email to retail customers is also retail communication and should be pre-approved. One-to-one communications to a limited number of retail recipients (correspondence) and institutional communications typically do not require principal pre-approval, but they still require supervision under WSPs, including review and retention using a risk-based approach. The takeaway is that post-review controls are common for correspondence and institutional materials, but retail scripts and retail campaigns generally require pre-use principal approval.
Topic: Investment Banking Supervision
When a broker-dealer is participating in an offering, which supervisory control best describes how a principal should oversee the timing and audience for distributing a related research report?
Best answer: A
Explanation: A research principal must control pre-distribution approval and prevent selective or improperly timed dissemination that could condition the market during an offering.
During an offering, research distribution must be supervised to avoid improper promotion and selective dissemination. The key control is principal review/approval before release and procedures that govern when the report may be released and to whom, consistent with applicable offering-related limitations. Disclosures alone do not address timing and audience restrictions.
The core supervisory concept is that research is not just “marketing”; it is a regulated communication that must be controlled to prevent selective dissemination and improperly timed research that could be used to condition the market during an offering. A research principal’s supervision therefore focuses on (1) pre-distribution review/approval of the research report under the firm’s research procedures and (2) distribution controls that ensure the report is released only when permitted and is not provided selectively to a favored subset of clients or to support the underwriting effort. Typical controls include distribution lists/entitlement controls, controls over drafts, and documentation of approvals and release timing. The key takeaway is that supervision is about approval plus controlled, compliant distribution—not relying on disclosures or using investment banking to circulate drafts.
Topic: Broker-Dealer Supervision
Which statement is most accurate about a broker-dealer’s personal trading controls designed to reduce the risk of misuse of material nonpublic information (MNPI)?
Best answer: B
Explanation: Combining reporting, restricted/watch lists, pre-clearance/blackouts, and surveillance creates both preventive blocks and detective monitoring that reduce MNPI misuse risk.
A reasonable MNPI-risk control framework uses both prevention and detection. Restricted/watch lists and pre-clearance/blackouts help prevent trading in names where the firm may have MNPI, while routine transaction/holdings reporting and surveillance help detect problematic patterns and support escalation and remediation. This combination is stronger than relying on a single control or employee self-reporting.
Personal trading supervision is designed to prevent and detect employee trading that could be influenced by MNPI the firm receives through investment banking, research, syndicate, sales/trading, or customer activity. A high-level, risk-based framework typically includes:
Relying on only one element (like a restricted list or employee attestations) leaves gaps in both prevention and detection.
Topic: Customer Activity Supervision
A firm’s surveillance flags that a representative recommended a variable annuity exchange to a retail customer (age 67) and entered “income needs” as the rationale. The customer later complained the rep never discussed surrender charges, a new 7-year surrender period, or higher fees, and the customer’s file lacks notes comparing the old and new annuity features. As the assigned Series 24 principal, what is the best next step to supervise this recommendation under Reg BI and suitability expectations?
Best answer: C
Explanation: A principal should first gather and assess evidence of a best-interest basis for the exchange, then document conclusions and take remediation/escalation steps as warranted.
The principal’s next step is to complete a documented supervisory review focused on whether the exchange recommendation had a reasonable, best-interest basis for this customer. That requires collecting missing comparison information, confirming what was discussed with the customer, and evaluating costs, surrender periods, and benefits. Only after those facts are established should the principal remediate, impose restrictions, or escalate as appropriate.
Reg BI (and suitability concepts embedded in supervisory systems) requires firms to supervise recommendations so they are in the retail customer’s best interest and supported by a reasonable basis, including consideration of costs and reasonably available alternatives. Annuity exchanges are a common heightened-risk area because they can add surrender periods and fees, so principals should not “clear” an alert based only on signed forms.
A sound next-step workflow is:
Premature refunds or external reporting before completing the internal fact-finding can be inappropriate and may miss the root supervisory issue.
Use the Series 24 Practice Test page for the full Securities Prep route, mixed-topic practice, timed mock exams, explanations, and web/mobile app access.
Review weak areas with the Series 24 Cheat Sheet , then continue with the complete Securities Prep route from the FINRA Series 24 Practice Test page.