FINRA Rule 3110: Supervision Requirements & 2026 Updates

FINRA Rule 3110: Supervision Requirements & 2026 Updates Understand FINRA Rule 3110 with plain-language guidance on WSPs, inspections, and 2025 remote supervision updates — plus compliance best practices. Apr 03, 2026 Apr 03, 2026 Jeremiah Church is a compliance nerd with over 20 years in Fintech and Compliance Software who believes complex problems should have simple fixes — and builds tech to make that happen. Jeremiah finra-rule-3110-simplified

FINRA Rule 3110 Explained - A Practical Guide for Compliance Leads

You know what’snot my idea of a good time?

Trying to decode FINRA rules.

It’s easy to get lost in the fine print. So let’s break down what FINRA’s Rule 3110 actually means—without the legal headache. And let’s also figure out how to make sure you’re not just nodding at the rule but actually abiding by it.

If you’re responsible for supervision, Rule 3110 is your everyday rule book. Below, we translate the rule into tasks: build and maintain WSPs, assign qualified supervisors, review communications and trades, and inspect offices on the right cadence. We also cover the latest changes: what the Remote Inspections Pilot (3110.18) allows so you can update procedures and evidence your decisions. Start with the quick “What’s new” box, then dive into the section-by-section guide.

If you’re in financial services, you already know compliance isn’t just about checking boxes. It’s about avoiding fines, protecting your reputation, and keeping your name out of the headlines. And FINRA Rule 3110? That’s the one that keeps firms honest when it comes to supervision.

Here’s what it really means—minus the legalese (okay, maybe just a dash for flavor).

What is FINRA Rule 3110?

FINRA Rule 3110 requires broker-dealers to establish and maintain a supervisory system with Written Supervisory Procedures (WSPs) designed to ensure compliance with federal securities laws and FINRA regulations. At its core, the rule is about accountability: every firm must have a structured system to supervise its people and prevent compliance lapses

Think of it as a playbook that keeps operations aligned and reduces the risk of anyone freelancing their way into a regulatory mess.

Key Components of FINRA Rule 3110

Let’s break down the key pieces of the rule:

Written Supervisory Procedures (WSPs) Under FINRA 3110

These are the “how-to” guides your firm uses to keep people on track. Think of them as your compliance GPS—if they’re out of date or unclear, someone’s getting lost.

“Establish, maintain, and enforce written procedures… reasonably designed to achieve compliance.” — Rule 3110(b)(1)

Firms are also required to inspect and review business operations regularly to catch risks before they snowball. That means:

Annual reviews across the firm
Branch office inspections at least every three years—or more often if needed

Tip: How to Pick Your Branch Inspection Timeline

FINRA doesn’t just want you to inspect. It wants you to think about why you’re inspecting at a certain cadence. What to consider:

**Complexity of business**E.g. basic ETFs vs running complex derivatives trades
**Volume of activity**Is this a quiet office, or are you doing millions in trades weekly?
**Number of reps**More people = more potential issues = more oversight needed.
**History of issues**Any red flags, complaints, or past violations? Bump up the frequency.

And don’t forget—you’ve got to document all of this. FINRA doesn’t care if you’ve got an entire firm made up of people with eidetic memory. Document it.

Who’s Watching Who?

You’ve got to clearly designate supervisors—and they’ve got to be qualified. No one gets to supervise just because they’ve been around a while.

Also, Rule 3110 has something to say about independence:

“…prohibiting associated persons from supervising their own activities.” — Rule 3110(b)(6)(C)(i)

Rule 3110 flat-out bans people from supervising themselves. (That means no self-review, and no weird org charts where someone reports to the person they’re supervising. Sounds obvious—but in smaller firms, it can get complicated.

**Tip: What to Do If You Can’t Avoid Overlap**

If you absolutely can’t avoid a self-supervision setup, document it like your audit depends on it. Because it kind of does.

Make sure you spell out:

The size of your firm (e.g., you’re lean)
Why the overlap is necessary (exec wears many hats)
How you’re mitigating the conflict (outside consultants, extra oversight)\

Pro tip: Don’t just say “we’re small.” Say how you’re still keeping supervision effective and compliant. That’s what FINRA’s really looking for.

Review Everything: Inspection & Review Requirements in Rule 3110

Emails? Texts? No, that’s not a fax from 1998… Your rep just confirmed a deal via LinkedIn DMs. Are you covered?

If it’s business-related, it better be reviewed. Regularly.

And “reviewing everything” means more than just glancing at an inbox. It includes:

*Business emails and internal messages
*
Text messages and messaging apps (WhatsApp, iMessage, LinkedIn, etc.)
Forms and documents (yes, even physical ones)
Marketing materials—from social posts to mailers to PDFs
Client communications of any kind, wherever they happen

That’s where modern archiving tech (👋 you know, like CC) becomes a lifesaver. Your tools should cover the apps your team actually uses—and let you flag and review anything that could cause a problem.

Because reviewing isn’t about busywork—it’s how you catch issues before they catch up with you.

FINRA wants you watching for sketchy trades.

Your firm needs a process in place to catch trades that might involve things like insider trading or market manipulation—and not just in client accounts.

What kinds of accounts need to be monitored?

Your firm’s own accounts
Accounts where your employees have a stake or make trading decisions
Accounts tied to employees’ family members
Any other accounts you’re required to track under FINRA Rule 3210 (Yes, another rule…)

If something looks off? Investigate it. Fast.If a trade raises a red flag, you’re expected to look into it right away—don’t let it sit.

If you’re in investment banking, you’ve got reporting homework:

Every quarter, report any internal investigations that were opened
Within 5 business days of wrapping an investigation where a rule was broken, send a report to FINRA (including what happened, who was involved, what action you took, and if you referred it out to a regulator)

Tip: 📄 **What Your Report Should Include**When you complete an internal investigation and determine there was a violation, you’ve got five business days to send a detailed report to FINRA. That report should cover:

✅ A summary of *what happened
*
👤 Who was involved (names, accounts, roles—yes, even family members)
📆 When the investigation started and ended
📊 Which securities and trades were under review
🧾 What you did about it (disciplinary actions, process changes)
📤 And whether you reported it to other regulators (SEC, SROs, etc.)

Documentation or It Didn’t Happen

If you can’t show it, you didn’t do it. FINRA Rule 3110 demands detailed records of reviews and supervisory actions. That means archiving isn’t just nice to have—it’s mission-critical.

So if your system isn’t built to document, track, and store that information… you’re flying blind.

Why FINRA Rule 3110 Matters More Than Ever

Back when supervision meant checking the fax machine, life was simpler. But today, your team is texting on iPhones, closing deals on WhatsApp, and following up via LinkedIn.

FINRA Rule 3110 doesn’t care where the conversation happens—if it’s business-related, it needs to be captured, reviewed, and archived.

That’s why firms are rethinking their compliance stack—because outdated processes just can’t keep up.

What’s new for FINRA 3110?

Remote Inspections Pilot Program (Rule 3110.18)

FINRA Rule 3110.18 creates a voluntary Remote Inspections Pilot Program running July 1, 2024–June 30, 2027 that lets eligible firms satisfy Rule 3110(c)(1)(A)–(C) without on-site visits if they document a risk assessment and adopt written supervisory procedures for remote inspections, while firms not in the pilot must continue on-site inspections. (This is essentially a continuation of rule 3110.17, the COVID remote-inspection relief, which ended in June 2024.)

Putting It All Together

Rule 3110 isn’t trying to make your life harder—it’s trying to keep your firm out of trouble before it happens. That means building supervision systems that actually work in the real world—where reps use phones, not faxes, and messages that get lost in the abyss.

If your compliance process feels like the tail wagging the dog—overcomplicated, reactive, or duct-taped together—it’s time to rethink the tools you’re using.

Start by asking:

Are we supervising the channels our team actually uses?
Can we prove we’re reviewing and documenting key activity?
Do we have clear ownership for supervision (with no self-review loopholes)?

You don’t need to boil the ocean—just get the fundamentals right. We can help with that. And we’ll even keep the legalese to a minimum.

TL;DR

If you remember one thing about FINRA Rule 3110, make it this:

“Supervise smartly, document everything, and don’t let anything fall through the cracks.”

We help make that happen—without slowing your team down.

About the Author:

_Jeremiah Church has over 20 years of experience in compliance and financial technology, helping Fortune 500 banks and broker-dealers meet FINRA requirements. At Fiserv, one of the world’s largest financial services technology providers, he led a team responsible for online banking stability, supporting over 70 million users. He also managed core product development at VERO Inc., a FinTech serving credit unions and mid-sized banks. He is the founder of Comma Compliance._

Last updated: September, 2025. Reviewed periodically for accuracy as FINRA guidance evolves.

Resources:

FINRA Rule 3110 – full text

FINRA Rule 3110.18 – Remote Inspections Pilot overview

Jeremiah Church is a compliance nerd with over 20 years in Fintech and Compliance Software who believes complex problems should have simple fixes — and builds tech to make that happen.