Self-Regulatory Organization (SRO) Compliance

Self-regulatory organizations occupy a distinctive tier in the United States compliance landscape, operating as privately constituted bodies granted delegated authority to establish and enforce rules binding on their members. This page covers how SRO compliance functions, which industries rely on it, how member obligations differ from direct federal regulation, and where SRO frameworks intersect with statutory mandates. Understanding this layer of compliance is essential for financial firms, broker-dealers, securities exchanges, and other entities operating under dual regulatory structures.

Definition and scope

A self-regulatory organization is a non-governmental entity authorized by federal statute to regulate its own members through rule-making, examination, and disciplinary procedures. In the United States, SRO status is formally recognized under the Securities Exchange Act of 1934, Section 15A, which defines "registered securities association" requirements, and Section 6, which governs national securities exchanges. The U.S. Securities and Exchange Commission (SEC) oversees registered SROs and must approve their rules before those rules take effect (SEC, Self-Regulatory Organizations).

The largest and most prominent SRO in U.S. securities markets is the Financial Industry Regulatory Authority (FINRA), which regulates more than 3,400 broker-dealer firms and approximately 620,000 registered representatives as of figures published in FINRA's 2023 Annual Financial Report. The Municipal Securities Rulemaking Board (MSRB) functions as the SRO for municipal securities dealers and advisors. National securities exchanges such as the New York Stock Exchange (NYSE) and Nasdaq also carry SRO status and maintain their own listing standards and member rules.

SRO jurisdiction is bounded by subject matter and member status. A firm becomes subject to an SRO's rules by registering as a member — membership is often a precondition for conducting regulated business, making it effectively mandatory even though no federal statute directly compels registration with a given SRO. For context on how these obligations fit within broader financial compliance requirements, SRO membership creates an independent compliance layer on top of, not instead of, SEC or Commodity Futures Trading Commission (CFTC) obligations.

How it works

SRO compliance operates through four discrete structural phases:

1. Rule adoption: The SRO proposes rules through an internal process, submits them to the SEC (or applicable federal overseer), and the rules undergo a public comment period before SEC approval under 17 CFR Part 240, Rule 19b-4. Emergency rule changes may take effect immediately but require post-hoc SEC review.

2. Member registration and qualification: Firms and individuals register with the SRO, satisfy capital, qualification, and disclosure requirements, and complete required examinations. FINRA, for example, administers the Series 7 General Securities Representative Exam and more than 20 additional qualification exams.

3. Examination and surveillance: SROs conduct routine examinations of member firms, reviewing books, records, supervisory procedures, and trading practices. FINRA's examination program distinguishes between cycle examinations (scheduled based on firm risk profile) and cause examinations (triggered by complaints or detected irregularities). This mirrors broader compliance monitoring and testing frameworks common across regulated industries.

4. Enforcement and discipline: When violations are found, SROs initiate formal disciplinary proceedings. Sanctions include fines, suspensions, bars from the industry, and expulsion from membership. FINRA's sanction guidelines, published in its Sanction Guidelines, provide adjudicators with principal consideration factors and ranges by violation type. Final disciplinary decisions by FINRA are subject to SEC review and, thereafter, federal court appeal.

Common scenarios

SRO compliance issues arise in predictable categories across member firm operations:

Supervision failures represent one of the highest-frequency violation categories in FINRA enforcement. Member firms are required under FINRA Rule 3110 to establish and maintain a supervisory system reasonably designed to achieve compliance with applicable securities laws. Gaps in written supervisory procedures, unreviewed electronic communications, or inadequate branch office oversight routinely generate formal disciplinary actions.

Suitability and best interest obligations became more complex after the SEC's Regulation Best Interest (Reg BI) took effect in June 2020, establishing a care obligation, disclosure obligation, conflict-of-interest obligation, and compliance obligation for broker-dealers. FINRA's enforcement of Reg BI is layered over its own legacy suitability rule framework, creating a compliance environment where firms must satisfy both sets of standards simultaneously.

Continuing education requirements under FINRA Rule 1240 mandate that registered persons complete Regulatory Element training annually and that firms administer a Firm Element training program tailored to the firm's business activities and the roles of covered persons.

Municipal advisor compliance under MSRB Rule G-44 requires municipal advisors to establish supervisory and compliance policies — a direct analog to broker-dealer supervisory structures but tailored to municipal securities advisory activities.

Decision boundaries

Distinguishing SRO compliance obligations from direct federal regulatory obligations requires attention to jurisdictional scope and rule hierarchy.

SRO rule vs. federal statute: SRO rules cannot conflict with federal statutes or SEC regulations. Where a conflict exists, the statute or SEC rule governs. SRO rules may be, and often are, more restrictive than the federal baseline.

SRO vs. state regulation: SROs operate under federal law and generally preempt state securities regulation for covered activities under the National Securities Markets Improvement Act of 1996 (NSMIA). State-registered investment advisers, however, fall outside FINRA's jurisdiction entirely, meaning the SRO layer does not apply to that population.

Dual registration scenarios: A firm registered as both a broker-dealer and an investment adviser faces FINRA jurisdiction over its broker-dealer activities and SEC or state jurisdiction over its advisory activities, with no single SRO governing the combined entity as a whole. The compliance officer responsibilities in dual-registration contexts therefore require parallel program structures.

Exchange-listed company vs. exchange member: Companies listed on NYSE or Nasdaq must comply with listing standards (an SRO function) but are not "members" of the exchange in the same sense as broker-dealers. Listing standards govern corporate governance, audit committee composition, and disclosure timing; they do not subject listed companies to the full scope of member conduct rules.

References

• Securities Exchange Act of 1934, Sections 6 and 15A — GovInfo
• SEC — Self-Regulatory Organizations Overview
• FINRA — 2023 Annual Financial Report
• FINRA — Sanction Guidelines
• FINRA — Rule 3110 (Supervision)
• FINRA — Rule 1240 (Continuing Education)
• MSRB — Rule G-44 (Supervisory and Compliance Obligations)
• 17 CFR Part 240, Rule 19b-4 — eCFR
• SEC — Regulation Best Interest (Reg BI)
• Municipal Securities Rulemaking Board (MSRB)