Every year, FINRA publishes its examination priorities letter. Most compliance officers read it once, flag it for the file, and move on. That's a mistake. In our experience working with mid-size broker-dealers and investment advisers, the firms that treat that letter as a live preparation checklist finish examinations faster, with fewer follow-up document requests, and almost no deficiency findings. The ones that treat it as background reading spend the week before an examination scrambling.
This guide walks through how to extract a real preparation workflow from FINRA's examination framework, what documentation examiners typically request across the areas they focus on most, and a 90-day timeline for getting your house in order before an examination cycle begins.
Here's the thing: FINRA's annual examination priorities letter is not an academic document. It is, functionally, a study guide. When FINRA says examiners will focus on a particular area, that means examiners will arrive at your firm expecting to see documented supervisory systems, evidence of reviews, and written supervisory procedures (WSPs) that are current and actually followed.
The most productive thing you can do after the letter drops is build a matrix: left column lists each priority area FINRA named, right column lists the specific documentation you would need to produce if an examiner walked in today. Not what you plan to have. What you have right now. That gap between the two columns is your preparation list.
Recent FINRA examination priorities have consistently emphasized a handful of areas. None are surprises. All require documentation that takes more than a day to assemble if you haven't been maintaining it continuously.
Cybersecurity has been in the examination priorities letter for several years running. Examiners typically look for a written information security program, evidence that it was tested in the past 12 months (penetration test or vulnerability assessment), and documented procedures for responding to a security incident. What they commonly request: the incident response plan itself, logs showing who reviewed it and when, and any vendor due diligence records for technology providers with access to customer data.
Common deficiency: the firm has a security policy document, but there is no evidence of annual review, no sign-off by a responsible principal, and no training records showing staff were informed of the policy. Policy without evidence of implementation is the pattern examiners flag most often.
Anti-money laundering programs are a perennial priority. FINRA examiners focus on whether the firm's AML program is reasonably designed for the firm's specific business model, not a generic template downloaded five years ago. They look at: suspicious activity reporting (SAR) decisions and documentation, customer identification program (CIP) procedures, and whether the independent annual AML test was actually independent and actually occurred.
In our tracking, the most common deficiency in AML examinations is not a missing procedure. It's a procedure that doesn't match what the firm actually does. The written program says one thing; the transaction monitoring alert workflow does something else. That disconnect is easy for an examiner to find and hard to explain away.
Order routing practices and best execution reviews have received heightened examiner attention. Firms are expected to conduct regular best execution reviews across the security types and venues they use, with documented conclusions. Not a form with blanks filled in. Documented conclusions that explain why the routing decisions made served customer interests.
Examiners typically request: best execution committee meeting minutes, order routing reports, and any analysis of payment for order flow (PFOF) arrangements if applicable. If your firm has not run a formal best execution review in the past 12 months, that should move to the top of your preparation list.
Supervision of digital communications, social media, and electronic records has been a consistent focus area. Examiners want to see that the firm has a process for reviewing communications, that the process is documented in the WSPs, and that there is evidence it is actually being followed. They commonly request supervisory review logs, records of any flagged communications, and the training materials used to inform registered representatives of their obligations.
Short fragments matter here. Missing logs. Incomplete review records. Undocumented approvals. Those are the patterns that drive deficiency findings in this area. Not bad content, usually. Missing documentation of the review process.
OBA and private securities transaction supervision requires a documented review and approval process. Examiners look for written requests from associated persons, documented firm review, written approvals or denials, and ongoing supervision where approval was granted. The deficiency pattern is predictable: disclosures were received but there's no evidence of a substantive review or a formal approval decision.
For firms with margin or options business, examiners focus on whether supervision is commensurate with the risks, whether suitability or appropriateness standards are being applied, and whether the firm is catching outliers. They commonly request exception reports, supervisory review records, and evidence that escalations were handled appropriately. Approximately 40% of options-related deficiency findings in recent FINRA examination findings reports relate to documentation of the options account approval process. That's a specific, addressable problem.
FINRA publishes an annual report on examination and risk monitoring findings. It's underused. The firms we've worked with that read the findings report as a forward-looking document, not a retrospective one, have consistently had fewer surprises in their own examinations.
The logic is simple: if FINRA found a pattern of deficiencies at other firms in a particular area, examiners arriving at your firm will be primed to look for the same pattern. The findings report is telling you where to pre-empt the question. If the report says firms are failing to document their supervisory review of social media posts, your preparation list should include a review of your own social media supervision documentation before the examiner asks for it.
Fact: firms that conduct a systematic review against published examination findings before their examination cycle begin reduce document request response times by a measurable margin. The reason is simply that the documents are already located, organized, and current, rather than being assembled under time pressure.
This is the framework we walk firms through when an examination cycle is approaching. Adjust timing based on your firm's size and the scope of the expected examination.
| Phase | Days | Focus |
|---|---|---|
| Diagnostic | Days 1-30 | Pull current WSPs for every priority area. Identify gaps between written procedures and actual practice. Run a mock document request against each priority area. |
| Remediation | Days 31-60 | Update outdated WSPs with principal sign-off. Conduct any overdue reviews (best execution, AML test). Locate and organize documentation that exists but is not centralized. |
| Pre-examination | Days 61-90 | Run a full document inventory against the FINRA examination priorities letter. Assign ownership for each document category. Brief relevant staff on examination protocols. |
The diagnostic phase is where most firms discover that the gap isn't knowledge or intention. It's documentation. The firm has been running an AML review process, but the records are in three different systems and no one has mapped them to the written program in two years. That's a fixable problem. But it takes more than a day to fix.
Regulatory intelligence tools change where attention goes in this process, not whether the process is necessary. If your firm is monitoring FINRA rule updates, risk alerts, and examination findings in a structured way, the diagnostic phase in that 90-day timeline shrinks considerably. You already know which WSPs haven't been updated since a rule change, because the system flagged the gap when the rule changed, not when an examiner asked about it.
Honestly, the biggest efficiency gain isn't in the pre-examination sprint. It's in the maintenance work between examinations. Firms that maintain continuous alignment between their written procedures and current FINRA requirements don't face 90-day preparation timelines. They face 2-week document assembly timelines. That's the actual gap examination preparation technology closes for mid-size firms.
Practical note: the firms that handle FINRA examinations most smoothly aren't the ones with the most sophisticated compliance programs. They're the ones whose documentation is current, organized, and maintained by a defined owner. Examiners know the difference between a program that was built for the examination and one that was built to run the business.
If your firm hasn't reviewed its WSPs against the most recent FINRA examination priorities letter, that review is your starting point. Not a policy refresh project. Not a new technology implementation. A line-by-line check of whether your current documentation would answer the questions an examiner is likely to ask, in the areas FINRA has said examiners will focus on.
Simple as that. Then you'll know what you're actually preparing for.
Ruleward tracks FINRA rule updates, risk alerts, and examination findings in one place, so compliance officers at mid-size firms can spend less time monitoring and more time preparing. Request a demo to see how it works.