FINRA's supervision rule establishes the supervisory system. The supervisory-control rule adds another layer: it requires the firm to test whether that system is actually working. Think of it as the "supervision of supervision."
Designated Principal
- Each firm must designate one or more principals who are specifically identified to FINRA
- These designated principals are responsible for establishing, maintaining, and enforcing a system of supervisory control policies and procedures
- This is a distinct role from the day-to-day supervisory principals under the general supervision rule
Exam Tip: Gotchas
The designated principal under the supervisory-control rule is a specific role identified to FINRA, not just any principal. The exam may test whether you know this is a distinct designation from routine supervisory principals.
Testing and Verification
The designated principal(s) must:
- Test and verify that the firm's supervisory procedures are reasonably designed to achieve compliance
- Where testing reveals gaps, create additional or amend existing supervisory procedures
- This is an active, ongoing obligation, not a one-time review
Exam Tip: Gotchas
The supervision rule = establish the supervisory system; the supervisory-control rule = test whether it works. The exam loves this distinction. Having procedures on paper (compliant with the supervision rule) is not the same as verifying they are effective (the supervisory-control test).
Annual Report to Senior Management
The designated principal(s) must submit a report to the firm's senior management at least annually. The report must include:
- A description of the firm's supervisory control system
- A summary of test results and significant identified exceptions
- Any additional or amended supervisory procedures created in response to the test results
Exam Tip: Gotchas
The annual report goes to the firm's senior management, not to FINRA directly. This is a common trap on the exam.
Enhanced Reporting for Large Firms
Firms with $200 million or more in gross revenue (per Financial and Operational Combined Uniform Single (FOCUS) report from the prior calendar year) must include additional content in the annual report:
| Standard Report (All Firms) | Additional Content ($200M+ Firms) |
|---|---|
| Description of supervisory control system | Tabulation of customer complaints and internal investigations reported to FINRA |
| Summary of test results and exceptions | Discussion of compliance efforts across six areas |
| Amended supervisory procedures |
The six compliance areas for large firm reporting:
- Trading and market activities
- Investment banking
- Antifraud and sales practices
- Finance and operations
- Supervision
- Anti-money laundering
Exam Tip: Gotchas
The $200 million threshold is based on the prior calendar year FOCUS report, not the current year. Also, the supervisory-control rule tests the supervisory SYSTEM, not individual trades or accounts. A firm can be supervision-rule compliant (has written procedures) but still violate the supervisory-control rule if it never tests whether those procedures actually work.