RILAs, Social Media Influencers, and FINRA 2220

RILAs, Social Media Influencers, and FINRA 2220 Explore FINRA’s 2025 findings on RILAs, influencers, mobile apps, & AI. Discover compliance gaps and how Comma Compliance helps firms stay compliant. Apr 09, 2026 Apr 09, 2026 Jeremiah Church is a compliance nerd with over 20 years in Fintech and Compliance Software who believes complex problems should have simple fixes — and builds tech to make that happen. Jeremiah rilas-social-media-influencers-and-finra-2220

What is the difference between FINRA Rule 2210 and Rule 2220?

At a glance, FINRA Rule 2210 governs all communications with the public, whereas 2220 is a specialized rule that applies directly to options communications. This helps to add extra content and approval requirements specific to options products.

FINRA Rule 2210, or the Communications with the Public rule, describes 3 categories of written communications.

Correspondence
Retail Comms
Institutional Comms

(We go more in-depth with what to look out for if you’re a new firm in this blog on FINRA 2210.)

Rule 2220, the Options Communication Rule, oversees firms’ communications with the public when it comes to options. It’s like a niche-down version of 2210.

In its 2025 Annual Regulatory Oversight Report, FINRA highlighted several areas where firms continue to fall short in their communications and supervision practices. These deficiencies pose significant risks, potentially leading to financial penalties, reputational damage, and client mistrust.Overall, it showed that many retail communications about Registered Index-Linked Annuities (RILAs) poorly explain how the products & their key terms work, lack clear and prominent risk/fee disclosures, use exaggerated or misleading claims, and present improper hypothetical illustrations that go beyond simply showing how RILAs function. (A big no-no.)

What FINRA found in their 2025 Annual Regulatory Oversight Report

Let’s break down what FINRA found in a digestible way. FINRA discovered:

Inadequate Supervision of Firms’ Social Media Influencers.Firms either didn’t establish or didn’t enforce any systems to supervise influencer’s that were acting on the firm’s behalf. The example FINRA provided was that firms weren’t reviewing any of the influencers videos before they posted them on social media platforms. In other instances, they didn’t retain those videos - going back to the whole if it’s stated to the public, it needs to be archived.

False, Misleading, and Inaccurate Information in Mobile Apps:
- Misstating or failing to disclose the risk of loss associated with specific options transactions.
- Distributing false or misleading promotions via social media, such as those annoying push notifications on apps that made promissory claims. Others omitted material info.
- Within the mobile apps, firms failed to clearly and prominently disclose the risks associated with:
  - Options trading
  - Using margin
  - Crypto assets

Emerging Trend: Retail Communications Focused on RILAs

FINRA’s recent retail communications findings related to RILAs, include:
- Not explaining how RILAs actually work;
- Glossing over key RILA terminology (like cap rates or buffers).
- Not including risk disclosures
- Leaving out disclosures about fees or how they may change.
- Using exaggerated or misleading claims. For example, calling buffers “downside protection” in a way that over-hypes safety.
- Misusing hypothetical illustrations. FINRA found that firms showed future-looking performance, not the mechanics of how the product worked.

If you need a refresher on how RILAs work, you can access FINRAs Annuities Securities Products page.

Effective Practices suggestions:

FINRA also highlighted some “what good looks like” practices. Here’s the easy version:

Clear Procedures for Apps:

Firms need to have processes in place to ensure:

The info shown in the app is accurate, and
Any tools or features must comply with FINRA rules before being pushed to customers.

Mobile apps count as communications with the public, so everything in them must follow 2210 and any other applicable rules.

Better Oversight of Digital Comms

Firms should have reasonably designed, enforceable procedures for supervising all digital channels. That includes:

Monitoring New Tools & Features

Stay on top of new channels (like new social platforms, app features, or messaging tools) that reps or customers could use.

Tailored Supervision

Supervision shouldn’t be one-size-fits-all. Reviews should match the specific risks and features of each channel/app.

Rules for Video Content

Develop policies for live streams, recorded presentations, video blogs, etc. These must be reviewed and supervised like any other public appearance.

Training

Provide mandatory training before reps can access approved digital channels—covering what they can say, how they can say it, and which features are allowed.

Disciplinary Action

If reps violate communication rules, firms should:

Limit their access,
Require retraining, or
Block certain channels or features until compliance improves. (But, from a realistic perspective, banning apps doesn’t typically have the intended consequences.)

Using Generative AI (Gen AI) Technology:

FINRA also addressed the growing use of AI in communications. Firms should:

Review any AI-assisted content to make sure it follows all securities laws and FINRA rules. (Let’s be real, ChatGPT is our friendly neighborhood hallucinator when it comes to regulations and rules.)

Properly supervise AI chatbots used with investors and retain transcripts as required.

Be accurate when talking about AI tools. Don’t oversell what AI can do, and always balance benefits with risks. If you’re curious about Comma’s perspective on AI, you can reference our blog that Sasha wrote here - but suffice it to say we want to ensure that AI is used in a smart way. It’s called artificial intelligence, not artificial common sense.

Communications About Securities Lending Programs

When promoting things like fully paid securities lending programs, firms must clearly explain:

How the program works,
What customers earn,
Any fees or conditions, and
The actual terms of the income or sharing arrangement.

No vague or incomplete descriptions. Investors need to understand what they’re signing up for.

The themes in FINRA’s report paint a clear picture: investor communications are becoming more digital, more dynamic, and more complex and supervision has to evolve right alongside them. RILAs, influencers, mobile apps, and AI may seem like separate issues, but they all point to the same underlying challenge: firms need communication programs that are flexible, technology-aware, and built to scale.

That’s exactly where Comma Compliance comes in. We help firms modernize their communications oversight by combining practical compliance expertise with tools designed for the way people actually communicate today - across social platforms, apps, videos, and emerging AI technologies. Whether you’re refining your 2210/2220 processes, tightening your review workflow, or building policies for new digital channels, Comma provides the structure, support, and clarity you need to stay compliant without slowing down your business.

Jeremiah Church is a compliance nerd with over 20 years in Fintech and Compliance Software who believes complex problems should have simple fixes — and builds tech to make that happen.