FINRA AI Guidance and Communications Rules
FINRA did not write new rules for AI. The existing supervisory, communications, and recordkeeping rule book already applies — and FINRA's 2026 report confirms firms are not keeping up.
The Core FINRA AI Document — Regulatory Notice 24-09
On June 27, 2024, FINRA issued Regulatory Notice 24-09, titled "FINRA Reminds Member Firms of Their Supervisory Obligations Related to Their Use of Generative Artificial Intelligence and Large Language Models."
The Notice made one thing explicit — existing FINRA rules apply to AI just as to any other technology. No new AI-specific rules. No relief from existing supervisory, communications, recordkeeping, or suitability obligations when the work is done by AI. Firms must evaluate Gen AI tools prior to deploying them and ensure continued compliance across the deployment lifecycle.
Why FINRA Did Not Issue New Rules
The existing rule architecture is technology-neutral — and that is exactly why it bites
Supervision
Applies whether the supervised conduct involves humans or AI. The firm is responsible for both.
Why it matters: Chatbot interactions treated as correspondence subject to supervision and recordkeeping.
Communications With the Public
Governs the content of communications regardless of who or what produced them. AI-generated client communications must be fair, balanced, and based on principles of fair dealing.
Why it matters: Firms are responsible for all communications, including AI-generated.
General Books and Records
Captures all required communications, AI-generated or not. Parallel to SEC Rule 17a-4.
Why it matters: See /financial-services-industry/ai-recordkeeping-finance/.
Best Interest
Applies to recommendations whether they come from a registered representative or an AI-assisted tool the representative used.
Why it matters: Care obligation and conflict-of-interest obligation both apply to AI-assisted recommendations.
Rule 2210 — Communications With the Public
Rule 2210(d) requires that all retail communications be based on principles of fair dealing and good faith, be fair and balanced, and provide a sound basis for evaluating any security or service.
This standard applies identically whether content is human- or AI-generated. Under Notice 24-09, firms are responsible for all communications, including AI-generated communications — meaning hallucinated, misleading, or non-compliant AI output remains the firm's regulatory liability the moment it goes to a client.
Chatbots and Rule 3110
An individual chatbot interaction with a retail investor is generally treated as correspondence under Rule 3110
Each Session Is a Recordkeeping Object
Retained under Rule 4511, accessible for examination.
Why it matters: Bot transcripts must export into the firm's books-and-records system.
Supervisory Review Obligation Applies
Risk-based sampling, prohibited-content screens, escalation triggers — all the apparatus that exists for human correspondence applies here too.
Why it matters: Bot supervision needs the same surveillance plumbing as rep correspondence.
From Establishing Applicability to Flagging Operational Shortfalls
FINRA's 2025 and 2026 Annual Regulatory Oversight Reports trace the trajectory
What Firms Need to Demonstrate
Seven artifacts a FINRA examiner asking about AI will typically want
Written AI evaluation framework
How the firm evaluates AI tools before deployment, per Notice 24-09.
AI inventory
Every tool, every use case, every supervisory owner.
Communication supervision under 2210
Where AI-generated content enters the supervisory review queue, who approves, what audit trail exists.
Chatbot supervision under 3110
Retention plan, sampling methodology, prohibited-content screens.
Recordkeeping under 4511
AI prompts and responses retained per the rule's requirements.
Reg BI controls
Where AI assists in recommendations, how suitability and best-interest analysis is documented.
Vendor due diligence
Reg S-P alignment with AI vendors as service providers.
FINRA AI Guidance — FAQ
What is FINRA Regulatory Notice 24-09?
FINRA Regulatory Notice 24-09, issued June 27, 2024, reminds member firms that existing FINRA rules apply to AI tools just as to any other technology. There are no new AI-specific rules and no relief from existing supervisory, communications, recordkeeping, or suitability obligations. The Notice requires firms to evaluate Gen AI tools before deployment and ensure continued compliance across the lifecycle.
Does FINRA Rule 2210 apply to AI-generated client communications?
Yes. Rule 2210(d) requires all retail communications be fair, balanced, and based on principles of fair dealing — and Notice 24-09 makes clear that 'firms are responsible for all communications, including AI-generated communications.' AI-drafted client letters and market commentary must flow through the firm's existing 2210 pre-publication review.
Are chatbot interactions FINRA correspondence?
FINRA has stated that an individual chatbot interaction with a retail investor would generally be treated as correspondence under Rule 3110, subject to supervision and recordkeeping. Each chatbot session is a recordkeeping object under Rule 4511 and is subject to the firm's correspondence supervisory regime.
What does FINRA's 2026 Annual Regulatory Oversight Report say about AI?
The 2026 Annual Regulatory Oversight Report (December 2025) warned that 'member firms use of generative artificial intelligence is outpacing the controls, documentation and supervisory frameworks needed to manage the technology risks.' It identified summarization and information extraction as the most common GenAI use case and flagged gaps in documented procedures around when human review is required.
Related Resources
Continue across the silo or bridge to a core hub
SEC AI Enforcement
The Delphia line and the 2025–2026 exam priorities
Read article →AI Recordkeeping (17a-4 and 4511)
The technical retention layer Notice 24-09 references
Read article →Shadow AI in Financial Services
Why unsanctioned AI use creates the 2210 and 3110 supervisory gaps
Read article →AI Observability and Compliance
Audit logs and surveillance plumbing for 2210 and 3110 supervision
Read article →Governed AI Platform Checklist
Platform features that map to FINRA's 7-artifact exam expectation
Read article →Build a FINRA-Ready AI Supervisory Framework
Free Shadow AI Assessment audits your 2210 review queue, your 3110 chatbot supervision, your 4511 retention plan, and your Reg BI documentation for AI-assisted recommendations.