SECURITIES REGULATION

SEC's Oversight of the Financial Industry Regulatory Authority

Report to Congressional Committees

November 2024

GAO-25-107723

United States Government Accountability Office

View GAO-25-107723. For more information, contact Michael E. Clements at (202) 512-8678 or ClementsM@gao.gov.

Highlights of GAO-25-107723, a report to congressional committees

November 2024

SECURITIES REGULATION

SEC’s Oversight of the Financial Industry Regulatory Authority

Why GAO Did This Study

FINRA, a self-regulatory organization, regulates more than 3,300 securities firms doing business with the public in the U.S. SEC oversees FINRA’s operations and programs.

Section 964 of the Dodd-Frank Wall Street Reform and Consumer Protection Act includes a provision for GAO to triennially report on specified aspects of SEC’s oversight of FINRA. GAO issued prior reports in May 2012 (GAO-12-625), April 2015 (GAO-15-376), July 2018 (GAO-18-522), and a sensitive report in July 2021 (GAO-21-576SU) that was followed by a public version in December 2021 (GAO-22-105367). 

This report examines the (1) extent to which SEC's oversight in fiscal years 2021–2023 included the areas specified in Section 964 and ways in which it incorporated changing risks, and (2) SEC’s steps to assess recent changes to its FINRA oversight.

GAO examined case files for SEC reviews of FINRA for fiscal years 2021–2023; reviewed SEC policies, procedures, and analyses; and interviewed SEC and FINRA staff.

What GAO Found

In fiscal years 2021–2023, the Securities and Exchange Commission (SEC) initiated 21 program inspections of the Financial Industry Regulatory Authority, Inc. (FINRA). These inspections covered eight of the 10 issue areas specified in Section 964 of the Dodd-Frank Wall Street Reform and Consumer Protection Act, including conflicts of interest management and transparency of governance. SEC covered the remaining two areas (former FINRA employees and advertising by FINRA members) in an inspection before 2021, and in a separate review in 2023, respectively. To identify changing risks and priorities for its inspections and examinations, SEC conducts annual planning that incorporates stakeholder input and assesses potential risks. SEC also identifies emerging risks through ongoing monitoring of FINRA, which includes its tips, complaints, and referrals process.

In 2022, SEC established new outcome-based performance measures and goals in response to a prior GAO recommendation. SEC reported meeting its performance goals. For example, SEC met its target for findings for which FINRA agreed to take corrective action.

This is a public version of a sensitive report GAO issued in July 2024. GAO omitted from this report information that SEC deemed sensitive.

 

 

 

 

Abbreviations
Dodd-Frank Act	Dodd-Frank Wall Street Reform and Consumer Protection Act
FINRA	Financial Industry Regulatory Authority, Inc.
FSIO	FINRA and Securities Industry Oversight
SEC	Securities and Exchange Commission
TRENDS	Tracking and Reporting Examination National Documentation System

November 12, 2024

The Honorable Sherrod Brown
Chairman
The Honorable Tim Scott
Ranking Member
Committee on Banking, Housing, and Urban Affairs
United States Senate

The Honorable Patrick McHenry
Chairman
The Honorable Maxine Waters
Ranking Member
Committee on Financial Services
House of Representatives

The securities industry is generally regulated by direct Securities and Exchange Commission (SEC) regulation and industry self-regulation with SEC oversight. Self-regulatory organizations, such as national securities exchanges and associations, perform much of the day-to-day oversight of the securities markets. SEC oversees self-regulatory organizations to ensure they carry out their regulatory responsibilities—for example, by conducting examinations to improve compliance, prevent fraud, monitor risk, and inform policy.

The Financial Industry Regulatory Authority, Inc. (FINRA) is a self-regulatory organization registered with SEC as a national securities association. It oversees all securities broker-dealers doing business with the public in the United States (more than 3,300 firms as of 2022).[1] FINRA writes rules to govern these firms and their representatives and examines for and enforces broker-dealer compliance with FINRA rules and federal securities laws. In addition, it conducts market surveillance on U.S.-listed equities and U.S.-listed options. Given the scope of FINRA’s regulatory responsibilities, ensuring that it carries out these responsibilities is critical to SEC’s mission to protect investors; maintain fair, orderly, and efficient markets; and facilitate capital formation.

Section 964 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) includes a provision for us to evaluate SEC’s oversight of national securities associations registered under Section 15A of the Securities Exchange Act of 1934, a provision that applies to FINRA.[2] Specifically, Section 964 identifies 10 areas of SEC’s oversight of FINRA for our review:[3]

1.     Governance of FINRA, including the identification and management of conflicts of interest.

2.     Examinations performed by FINRA, including the expertise of examiners.

3.     Executive compensation practices of FINRA.

4.     Arbitration services provided by FINRA.

5.     Reviews performed by FINRA of advertising by its members.

6.     Cooperation with and assistance to state securities regulators by FINRA.

7.     Use of funding to support FINRA’s mission, including the methods and sufficiency of funding, how FINRA invests funds pending use, and the impact of these aspects on FINRA’s regulatory enforcement.

8.     Policies on the employment of former employees of FINRA by regulated entities.

9.     Effectiveness of FINRA rules.

10.  Transparency of FINRA governance and activities.

Section 964 also specifies that we conduct the first of these reviews no later than 2 years after the enactment of the Dodd-Frank Act (which was in 2010) and every 3 years thereafter. We previously issued reports in 2012, 2015, 2018, and 2021.[4] The 2021 report reviewed SEC’s use of inspections and examinations to oversee FINRA.

This report examines the (1) extent to which SEC’s oversight has included the Section 964 areas since fiscal year 2021 and ways in which SEC incorporated changing risks into this oversight, and (2) steps SEC took to assess recent changes to its FINRA oversight.

This report is a public version of a sensitive report we issued on July 19, 2024.[5] The sensitive report’s first objective included information on specific examination and inspection topics. SEC deemed some of this information to be sensitive. Thus, this public report omits certain information related to SEC’s inspections and examinations of FINRA and the specific topics covered in those reviews. The sensitive report also included an objective describing specific findings from SEC inspections and examinations of FINRA, as well as information on the significance of those findings. SEC determined that such information is sensitive, and this report therefore omits it.

The sensitive report’s third objective included more detailed information on performance metrics and goals for SEC’s FINRA and Securities Industry Oversight (FSIO) program, which SEC determined to be sensitive information. Thus, some specific details about FSIO’s performance goals and metrics have been omitted from this public report. Finally, the sensitive report included an appendix describing the scope and findings of an inspection that SEC initiated in 2023. SEC determined that this information was sensitive, and this public report therefore omits that appendix. Although the information provided in this report is more limited, it uses the same methodology as the sensitive report for the objectives included.

To address our first objective, we reviewed case files for the 21 program inspections of FINRA that SEC initiated from fiscal years 2021 (when we completed our last review) through 2023.[6] The files we reviewed included materials such as scoping, planning, and closing memorandums; documentation of findings; and written correspondences between SEC and FINRA. To assess the extent to which these program inspections reflected the Section 964 areas, we reviewed SEC’s determinations of Section 964 coverage as recorded in its Tracking and Reporting Examination National Documentation System (TRENDS) database and confirmed the accuracy of those determinations in our independent review of the program inspection documentation.[7] We recorded and compared the results using a data collection instrument.

We also interviewed SEC and FINRA officials and reviewed documentation related to the annual priority planning process for program inspections conducted by FSIO. This documentation included FSIO’s risk-based planning framework, its strategic plans, and its inspections and oversight examinations plans.

To address our second objective, we reviewed documentation on policies and procedures FSIO implemented in fiscal year 2023 for categorizing and tracking findings from examinations and inspections. We also reviewed FSIO’s April 2024 analysis of its fiscal year 2023 findings and its new outcome-oriented performance measures and goals.[8] In addition, we interviewed SEC officials on FSIO’s development and implementation of its new policies and procedures, as well as its steps to assess selection and use of corrective action reviews (which follow up on previous findings).

We conducted this performance audit from July 2023 to July 2024 in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. We subsequently worked with SEC from July 2024 to November 2024 to prepare this public version of the original sensitive report. This public version also was prepared in accordance with those standards.

Background

SEC Oversight of FINRA

SEC oversees FINRA through its Division of Examinations and Division of Trading and Markets. The Division of Examinations administers SEC’s nationwide examination and inspection program for registered self-regulatory organizations, broker-dealers, transfer agents, clearing agencies, investment companies, and investment advisers. The Division of Trading and Markets monitors the securities market and provides oversight of the major securities market participants, including self-regulatory organizations (such as FINRA, credit rating agencies, and clearing agencies). Trading and Markets also oversees FINRA’s rulemaking process and reviews and approves or disapproves proposed FINRA rules on behalf of the Commission pursuant to delegated authority.[9]

Within the Division of Examinations, FSIO has responsibility for oversight of FINRA and of the Municipal Securities Rulemaking Board, a self-regulatory organization for the municipal securities market. The Division of Examinations’ mission is to improve compliance, prevent fraud, monitor risk, and inform policy.

FSIO’s oversight activities fall under six main categories:

·        Program inspections review FINRA operations and program areas. For example, fiscal year 2023 inspection topics included areas identified in Section 964 such as transparency and conflict of interest management.

·        Thematic oversight examinations review particular regulatory areas across a number of FINRA member firm examinations.

·        Broker-dealer oversight examinations review specific examinations that FINRA conducted of member firms. FSIO typically initiates an oversight examination based on a referral from the Division of Examinations’ Broker-Dealer and Exchange Examination Program. For example, this program may alert FSIO when an examination of a broker-dealer uncovers potential deficiencies FINRA did not identify during one of its own examinations. Other SEC offices or outside sources sometimes also make referrals.

·        Corrective action reviews are inspections intended to follow up on previously identified significant deficiencies and the status of FINRA’s corrective actions. FSIO has conducted corrective action reviews since fiscal year 2021. It initiates these reviews based on the findings’ level of significance and the appropriateness of a follow-up.

·        Tips, complaints, and referrals are allegations or statements of concern about suspected violations of securities laws or wrongdoing received by SEC. FSIO reviews those related to FINRA by evaluating facts and circumstances, conducting research, and assessing the underlying issue. The reviews may result in FINRA inspections or examinations or be used for inspection-planning purposes.

·        Monitoring meetings are held periodically with departments and program offices in FINRA. FSIO identifies specific topics for the meetings based on key risk areas. FSIO receives updates on the operations of the various FINRA programs and discusses with FINRA management current risks, known issues, and ongoing initiatives.

In addition, as part of its oversight function, SEC’s Division of Trading and Markets has a process for reviewing rules proposed by FINRA. During this process, SEC staff determine whether the proposed rule is consistent with the requirements of the Securities Exchange Act of 1934.

FSIO’s New Findings Categories and Performance Management

In December 2021, we recommended that SEC establish performance measures for FINRA oversight that reflect leading practices. We also recommended it develop policies and procedures for tracking, identifying, and communicating the significance of examination findings.[10] In June 2022, FSIO fully implemented these recommendations.

In doing so, FSIO began assigning each of its examination or inspection findings a level that indicates the significance of its impact. As of October 2022 (which was the beginning of fiscal year 2023), FSIO began using these levels in communications to FSIO management at the close of an examination or inspection. FSIO also has used the significance levels internally to track ongoing corrective actions and communicate to management, and as factors in its outcome-based performance measures.[11]

SEC’s Reviews of FINRA in Fiscal Years 2021–2023 Covered Areas Statutorily Specified in the Dodd-Frank Act

FSIO’s Oversight Activities Covered Areas Specified in the Dodd-Frank Act

We reviewed FSIO’s 21 program inspections of FINRA initiated in fiscal years 2021–­­­2023.[12] SEC is not required to cover each of the 10 issue areas listed in Section 964, but FSIO officials told us they try to address these areas and consider them during their annual priority planning process. We determined that FSIO covered eight of the 10 issue areas in those inspections (see fig. 1). FSIO covered one of the remaining Section 964 areas (employment of former FINRA employees) in an inspection initiated prior to fiscal year 2021 (and completed in fiscal year 2023).[13] It covered the other area (advertising by FINRA members) in a separate 2023 review.

SEC inspections most commonly addressed the Section 964 area relating to transparency of FINRA governance and activities (nine of 21 inspections).

Twelve of the 21 program inspections addressed multiple Section 964 areas. For example, one review covered four Section 964 areas: coordination with state securities administrators, funding, governance/conflicts of interest management, and transparency.

FSIO Has Incorporated Changing Risks into Its Oversight of FINRA

FSIO incorporates changing and emerging risks in its annual inspections and oversight examinations plan through its priority planning process and its ongoing monitoring of FINRA.

FSIO has used its priority planning process to identify risks and make decisions on the selection of topics for examinations and inspections in the upcoming fiscal year. FSIO leadership begins this process by soliciting input on potential priorities from other SEC divisions and offices, including the Trading and Markets and Enforcement divisions, other groups in the Division of Examinations, and FSIO staff and working groups. Based on input collected through this process, FSIO creates a final list of fiscal year priorities.

FSIO also incorporates changing and emerging risks into its oversight through its ongoing monitoring of FINRA, which includes responding to tips, complaints, and referrals.

To Assess Its Recent Changes, FSIO Analyzed Its FINRA Findings against New Performance Measures

To assess the use of its new significance levels for its FINRA inspection and examination findings, in April 2024 FSIO completed an analysis of its fiscal year 2023 findings and performance. The analysis compared those findings against FSIO’s new outcome-oriented performance measures and goals (see table 1).[14] In response to a GAO recommendation, in October 2022 FSIO implemented these measures and goals to improve and better assess its oversight of FINRA.[15]

Performance measures	Performance goals
Percentage of findings for which FINRA agreed to take corrective action to remedy or address findings at or above a specified significance level	Goal 1: FINRA agrees to take corrective action on a targeted percent of findings at or above a specified significance level.
Percentage of findings at or above a specified significance level for which FINRA implemented corrective action within a targeted time frame after committing to implement the corrective action.	Goal 2: FINRA implements corrective action on a targeted percent of findings at or above a specified significance level within a specified period of time from the date of FINRA’s response to the deficiency letter.
Percentage of inspections or oversight examinations initiated in response to FSIO’s risk-assessment process that resulted in findings at or above a specified significance level.	Goal 3: A targeted percent of inspections or oversight examinations identified through the risk-assessment process will result in findings at or above a specified significance level.

FINRA = Financial Industry Regulatory Authority, Inc.; FSIO = FINRA and Securities Industry Oversight

Source: Securities and Exchange Commission.  |  GAO‑25‑107723

The April 2024 analysis covered inspections and examinations for which FSIO sent a deficiency letter in fiscal year 2023.[16] The analysis reached the following conclusions:

·        FSIO met performance goals 1 and 3. FSIO’s analysis determined that FINRA agreed to remediate more than the targeted percent of findings for goal 1. Based on this, FSIO concluded that the target for goal 1 seemed appropriately set. FSIO’s analysis also showed that it met goal 3’s target for certain inspections and examinations resulting in findings. FSIO noted that staff would leverage additional data to inform the appropriateness of this goal’s target.

·        FSIO was unable to evaluate goal 2 because there were no findings at or above a specified significance level in fiscal year 2023. FSIO officials told us they expected such findings would be rare.

FSIO officials also said that once they have accumulated at least one more year of data, they plan to reassess the selection criteria for corrective action reviews, which include references to findings of a particular significance level.

FSIO officials noted that resource constraints are a factor determining how many reviews to conduct.

FSIO has taken steps designed to ensure its new significance levels for findings are applied consistently across examination teams. For instance, prior to implementing the significance levels, FSIO provided training to examiners on how to apply them. In addition, the examination team collectively discusses and assigns significance levels, according to officials, so that no single examiner makes a final determination.

Agency Comments and Our Evaluation

We provided a draft of this report to SEC for review and comment. In its written comments, reproduced in appendix I, SEC noted that it was pleased that the GAO report found that FSIO incorporated changing risks into its oversight of FINRA and that it analyzed FINRA findings against new performance measures. SEC also emailed comments that identified material that it determined to be nonpublic in three paragraphs of the draft report. We removed the sentences containing this material, which included details about FSIO’s priority planning process and its implementation of performance goals and measures.

If you or your staff have any questions about this report, please contact me at (202) 512-8678 or clementsm@gao.gov. GAO staff who made key contributions to this report are listed in appendix II.

Michael E. Clements
Director, Financial Markets and Community Investment

GAO Contact

Michael E. Clements at (202) 512-8678 or clementsm@gao.gov

Staff Acknowledgements

In addition to the contact named above, John Fisher (Assistant Director), Jason Wildhagen (Analyst in Charge), Harry Bernholz, Charlene Lindsay, Marc Molino, Barbara Roesmann, Jessica Sandler, and Farrah Stone made key contributions to this report.

GAO’s Mission

The Government Accountability Office, the audit, evaluation, and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO’s commitment to good government is reflected in its core values of accountability, integrity, and reliability.

Obtaining Copies of GAO Reports and Testimony

The fastest and easiest way to obtain copies of GAO documents at no cost is through our website. Each weekday afternoon, GAO posts on its website newly released reports, testimony, and correspondence. You can also subscribe to GAO’s email updates to receive notification of newly posted products.

Order by Phone

The price of each GAO publication reflects GAO’s actual cost of production and distribution and depends on the number of pages in the publication and whether the publication is printed in color or black and white. Pricing and ordering information is posted on GAO’s website, https://www.gao.gov/ordering.htm.

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.

Orders may be paid for using American Express, Discover Card, MasterCard, Visa, check, or money order. Call for additional information.

Connect with GAO

Connect with GAO on Facebook, Flickr, X, and YouTube.
Subscribe to our RSS Feeds or Email Updates. Listen to our Podcasts.
Visit GAO on the web at https://www.gao.gov.

To Report Fraud, Waste, and Abuse in Federal Programs

Contact FraudNet:

Website: https://www.gao.gov/about/what-gao-does/fraudnet

Automated answering system: (800) 424-5454 or (202) 512-7700

Congressional Relations

A. Nicole Clowers, Managing Director, ClowersA@gao.gov, (202) 512-4400, U.S. Government Accountability Office, 441 G Street NW, Room 7125, Washington, DC 20548

Public Affairs

Sarah Kaczmarek, Managing Director, KaczmarekS@gao.gov, (202) 512-4800, U.S. Government Accountability Office, 441 G Street NW, Room 7149
Washington, DC 20548

Strategic Planning and External Liaison

Stephen J. Sanford, Managing Director, spel@gao.gov, (202) 512-4707
U.S. Government Accountability Office, 441 G Street NW, Room 7814, Washington, DC 20548