Most broker-dealers and dual-registrant banks didn't wait for regulatory clarity before deploying AI. They started with productivity tools, moved to customer-facing applications, and are now sitting in examinations where FINRA staff are asking questions the firm's compliance team hasn't fully answered. That's where examination findings come from.
FINRA has been deliberate about this. Rather than writing new AI-specific rules, the organization has made clear that existing rules apply to AI-assisted workflows the same way they apply to human-executed ones. FINRA Rule 3110 requires firms to supervise the activities of their associated persons. When an AI tool produces a customer communication, generates a trade recommendation, or assists with a suitability analysis, the supervision obligation extends to that output.
FINRA Regulatory Notice 24-09 does not create new rules. It maps existing obligations onto AI use cases: supervision under Rule 3110, books and records under Rules 4511 and 4512, communications with the public under Rule 2210, and suitability and best interest obligations under Regulation Best Interest. If your firm cannot demonstrate how these rules are satisfied when AI is in the workflow, the examination conversation will be difficult.
The Supervision Problem Cloud AI Creates
FINRA Rule 3110 requires firms to establish and maintain a system to supervise the activities of each associated person. For AI-assisted workflows, supervision requires that someone at the firm can review what the AI produced, understand how it produced it, and determine whether the output was appropriate. That review has to be documented.
Cloud-based AI creates a supervision gap at the point where the output is generated. The model is a black box running on external infrastructure. Firms can review the output, but not the reasoning, the source data the system used, or how the model weighted inputs in that specific interaction. For FINRA staff asking how a firm supervised an AI-generated suitability analysis, "we reviewed the final output" isn't a satisfying answer.
When AI runs inside the firm's own network, the reasoning process is logged and available for review. Compliance staff can see what source documents the system referenced, what the query was, and what the output was. A cloud-based tool's output log doesn't give you that.
Books and Records: The Recordkeeping Exposure Most Firms Miss
FINRA Rules 4511 and 4512, along with SEC Rule 17a-4, require broker-dealers to preserve business-related communications in a format that is non-rewriteable and non-erasable. This requirement extends to electronic communications, including communications generated or assisted by AI.
If an AI tool generates a customer communication, that communication is a business record. If the AI tool's output influenced a trade or recommendation, the interaction that produced that output may itself be a record the firm is required to preserve. Cloud AI vendors differ significantly in how they handle retention, whether interaction logs are available to the firm, how long data is stored, and whether the storage format satisfies SEC Rule 17a-4's technical requirements.
The recordkeeping question has two parts. First: is the output being retained? Second: is the interaction that produced it being retained in a compliant format? Most firms can answer the first question. Far fewer have answered the second.
An AI system deployed inside the firm's network generates records that flow into the firm's existing recordkeeping infrastructure. The interaction log, the source documents referenced, and the output produced are all captured in the firm's own environment under the firm's own retention controls. There is no third-party vendor whose data retention policies determine whether the firm's records are compliant.
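The supervision and recordkeeping passages above both turn on the same artifact: an interaction record that captures the query, the exact source material the system referenced, the output, and a documented review, held in a form that cannot be quietly altered. The following is an added example, not Cognetryx's code and not a format FINRA or the SEC prescribes: an append-only, hash-chained log in which a reviewer's sign-off is itself a new record bound to the hash of the interaction it covers. Field names, identifiers and the sample interaction are constructed; whether a given deployment meets Rule 17a-4's storage requirements depends on the underlying store, and the chain here only makes alteration or deletion detectable on read-back.

```python
import copy
import hashlib
import json
from datetime import datetime, timezone
from typing import Optional

GENESIS_HASH = "0" * 64  # chain anchor for the first record


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj: dict) -> bytes:
    """Deterministic JSON so a record hashes identically every time it is checked."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def utc_now() -> str:
    return datetime.now(timezone.utc).isoformat()


class InteractionAuditLog:
    """Append-only, hash-chained log of AI interactions and reviewer sign-offs.

    Nothing is edited in place. A review is a new record that points at the
    interaction it covers and carries that interaction's hash, so the sign-off
    is bound to the exact content the reviewer saw. (Assumed layout, not a standard.)
    """

    def __init__(self) -> None:
        self._records: list[dict] = []

    @classmethod
    def from_records(cls, records: list[dict]) -> "InteractionAuditLog":
        """Rebuild a log read back from storage; call verify() before trusting it."""
        log = cls()
        log._records = copy.deepcopy(records)
        return log

    def _append(self, payload: dict) -> dict:
        prev_hash = self._records[-1]["record_hash"] if self._records else GENESIS_HASH
        record = {"seq": len(self._records), "prev_hash": prev_hash, **payload}
        record["record_hash"] = sha256_hex(canonical(record))  # hash covers seq + prev_hash + payload
        self._records.append(record)
        return record

    def log_interaction(self, *, associated_person: str, customer_id: str, model_id: str,
                        query: str, source_docs: dict[str, bytes], output: str,
                        timestamp: Optional[str] = None) -> dict:
        """Record the query, the source documents the model saw (by id and content hash), and the output."""
        return self._append({
            "kind": "interaction",
            "timestamp": timestamp or utc_now(),
            "associated_person": associated_person,
            "customer_id": customer_id,
            "model_id": model_id,
            "query": query,
            "source_docs": [{"doc_id": d, "sha256": sha256_hex(c)} for d, c in sorted(source_docs.items())],
            "output": output,
        })

    def log_review(self, *, interaction_seq: int, reviewer: str, decision: str,
                   note: str = "", timestamp: Optional[str] = None) -> dict:
        """Append a qualified reviewer's decision for one interaction record."""
        target = self._records[interaction_seq]
        if target["kind"] != "interaction":
            raise ValueError("reviews must reference an interaction record")
        if decision not in {"approved", "rejected"}:
            raise ValueError("decision must be 'approved' or 'rejected'")
        return self._append({
            "kind": "review",
            "timestamp": timestamp or utc_now(),
            "reviews_seq": interaction_seq,
            "reviews_hash": target["record_hash"],
            "reviewer": reviewer,
            "decision": decision,
            "note": note,
        })

    def unreviewed_interactions(self) -> list[int]:
        """Interactions with no review record yet: the exception queue a WSP would route for escalation."""
        reviewed = {r["reviews_seq"] for r in self._records if r["kind"] == "review"}
        return [r["seq"] for r in self._records if r["kind"] == "interaction" and r["seq"] not in reviewed]

    def verify(self) -> tuple[bool, Optional[int]]:
        """Walk the chain; return (True, None) or (False, index of the first bad record)."""
        prev_hash = GENESIS_HASH
        for i, record in enumerate(self._records):
            body = dict(record)
            claimed = body.pop("record_hash")
            if record["seq"] != i or record["prev_hash"] != prev_hash or sha256_hex(canonical(body)) != claimed:
                return False, i
            prev_hash = claimed
        return True, None

    def records(self) -> list[dict]:
        return copy.deepcopy(self._records)  # copies, so callers cannot mutate the log through them


def build_sample_log() -> InteractionAuditLog:
    """Constructed sample: one AI-assisted recommendation draft and its documented review."""
    profile = b"CONSTRUCTED customer profile: moderate risk tolerance, 10-year horizon"
    product = b"CONSTRUCTED product sheet: balanced fund, expense ratio 0.25%"
    log = InteractionAuditLog()
    rec = log.log_interaction(
        associated_person="rep-0421", customer_id="cust-77810", model_id="internal-llm-v3",
        query="Draft a suitability note for the balanced fund given this profile.",
        source_docs={"profile-77810": profile, "product-BAL-01": product},
        output="CONSTRUCTED draft: the balanced fund aligns with a moderate, 10-year profile.",
        timestamp="2025-01-15T14:02:11+00:00",
    )
    log.log_review(interaction_seq=rec["seq"], reviewer="principal-0007", decision="approved",
                   note="Profile reference confirmed against CRM.", timestamp="2025-01-15T15:10:00+00:00")
    return log


if __name__ == "__main__":
    sample = build_sample_log()
    print("chain intact:", sample.verify(), "unreviewed:", sample.unreviewed_interactions())
```

Two design points matter for an examination conversation. First, `source_docs` stores content hashes rather than titles, so "what the system referenced" can be answered against the archived document bytes, not a filename that may have been revised since. Second, `unreviewed_interactions()` is the list a supervisor's periodic check should come back empty on; an interaction that was acted on while it still appears there is exactly the gap the supervision section describes.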
Regulation Best Interest and AI-Assisted Recommendations
Regulation Best Interest requires broker-dealers to act in the best interest of retail customers when making recommendations. When AI assists in generating or screening investment recommendations, the Reg BI obligation travels with the output. The firm cannot delegate its best interest obligation to an algorithm, and it cannot satisfy an examiner by pointing to the model's training data as a substitute for documented suitability analysis.
Any AI tool in the recommendation workflow needs to produce output that's explainable and traceable to the customer's documented profile. Generic model output that can't be tied to the specific customer's situation is a supervisory problem, not just a quality one.
Based on FINRA's published examination findings and Regulatory Notice 24-09, examination staff are focused on four areas: whether firms have written supervisory procedures that specifically address AI use cases; whether AI-generated communications are being retained as required; whether firms can demonstrate that AI outputs are reviewed by qualified personnel before acting on them; and whether customer data processed by AI tools is subject to appropriate access and security controls. Firms that cannot produce documented answers to all four will face findings.
Customer Data and Third-Party Risk
FINRA's third-party risk framework, combined with the SEC's expectations under Regulation S-P, requires firms to evaluate the data security practices of vendors who access customer information. Cloud AI tools that process customer queries are, by definition, receiving customer data. That creates a vendor risk management obligation that many firms have not fully addressed for their AI tools.
The due diligence required includes assessing data encryption, access controls, breach notification procedures, and data use policies. Cloud AI vendors use customer interaction data in ways that vary significantly by vendor and contract terms. Some use interaction data for model training. Some retain data for extended periods. Some provide inadequate contractual protection for non-public personal information under Regulation S-P.
When AI processes customer data inside the firm's network, the vendor risk management question changes materially. The firm's own security controls apply. Customer data does not reach a third-party processor. Regulation S-P's safeguards requirements are satisfied by the firm's existing information security program rather than by a vendor's contractual representations.
The Written Supervisory Procedure Gap
FINRA Rule 3110 requires firms to maintain written supervisory procedures. Those procedures need to reflect actual firm practices. If the firm is using AI tools in its workflows and the WSPs do not address how those tools are supervised, the firm has a documentation deficiency that examiners will find.
Updating WSPs for AI is mostly a process design problem. Someone needs to define who reviews AI outputs, what the review looks like, how exceptions are escalated, and what records are kept. That process needs to be in the WSPs, tested periodically, and actually enforced. Firms that can show a working supervisory workflow for AI are in a much better position at examination than firms still treating AI as outside the scope of that framework.
What a Defensible AI Deployment Looks Like Under FINRA Rules
A FINRA-defensible AI deployment for a broker-dealer or dual-registrant bank has four properties. The AI operates within documented supervisory procedures that get reviewed and updated. Every interaction is logged in enough detail to satisfy recordkeeping requirements. Customer data is handled under controls that satisfy Regulation S-P. And AI outputs that affect customers or recommendations are reviewed by qualified personnel before anyone acts on them.
None of this requires new regulations. Existing rules apply; FINRA's been clear about that. The question is whether a firm has worked through what those rules mean for AI before an examiner asks, or is figuring it out mid-exam. One of those situations is much more manageable than the other.
Walk into your next FINRA examination with answers ready.
Cognetryx deploys AI inside your firm's network with full audit logging, documented supervisory controls, and data handling that satisfies Regulation S-P by architecture. We can walk your compliance team through what an examiner would ask and what the system produces in response.