Financial Industry Regulatory Authority publishes 2025 Regulatory Oversight Report highlighting third-party risk, AI, extended hours trading and investment fraud

The Financial Industry Regulatory Authority has published its 2025 FINRA Regulatory Oversight Report, consolidating observations from its Member Supervision, Market Regulation and Enforcement programs to help member firms strengthen compliance. The report updates familiar focus areas such as cybersecurity and cyber-enabled fraud, communications with the public, and Regulation Best Interest and Form CRS, and adds new topics where FINRA has observed compliance gaps or emerging risks. Across 24 topics, the report links each area to relevant rules, summarizes noteworthy findings and effective practices observed during recent oversight activities, and points firms to additional resources. New content covers the third-party risk landscape amid increased cyberattacks and outages at vendors used by member firms; sales practice and Regulation Best Interest compliance for complex products such as registered index-linked annuities; extended hours trading including the overnight period of 8:00 p.m. to 4:00 a.m. ET; governance and risk considerations around artificial intelligence and generative AI tools; and an increase and evolution in investment fraud schemes where bad actors directly induce investors to move funds out of securities accounts. The report also addresses FINRA rules on the Remote Inspections Pilot Program and Residential Supervisory Location designation, and notes planned trade reporting enhancements to support reporting of fractional share quantities. FINRA said the report’s topics will be featured in related compliance and education resources during the year, including at the 2025 FINRA Annual Conference on May 13–15 in Washington, D.C.