FINRA Updates

What We Heard at FINRA’s AI Panel: Clarity May Be Future State, But Expectations Are Already Here

May 16, 2025by Tiffany Magri
subscribe iconSUBSCRIBE TO BLOG

Subscribe to the Smarsh Blog Digest

Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

As generative AI adoption accelerates across financial services, regulators are still figuring out how to respond. At FINRA’s 2025 Annual Conference, the panel Artificial Intelligence: Opportunities and Use by Member Firms offered valuable insight into where regulatory thinking stands today — and where it may be headed. Here are four key observations compliance leaders should keep top of mind.

Why it matters

Generative AI use cases in financial services are increasing. While regulators concede that there are not hard and fast rules against these tools, they do offer guidelines that align with their long-established recordkeeping and supervisory requirements.

1. Clarify the recordkeeping risk: What FINRA isn’t saying yet

One of the panel’s most frequently raised questions was: Is AI-generated output considered a record? The answer remains uncertain. FINRA confirmed that its Office of General Counsel has submitted this question to the SEC, but no formal guidance has been issued.

In the meantime, FINRA expects firms to:

  • Assess how AI-generated content — such as client summaries, investment recommendations, or internal memo — fits into existing supervisory systems
  • Determine whether those outputs fall under books and records obligations
  • Document policies for AI tool usage, storage and oversight

2. Supervision requires visibility — even when AI is involved

FINRA emphasized that existing supervisory obligations under Rule 3110 still apply, even in AI-enhanced workflows. Supervision must be reasonable, which includes:

  • Pre-use testing and validation
  • Ongoing monitoring of tool behavior
  • Human oversight of AI-generated outputs

This raises an important consideration: How do you supervise content that is generated dynamically and may not be retained?

While the panel did not directly state this, it strongly implied a key takeaway: supervision depends on visibility, and that visibility often begins with capture. Firms using generative AI tools to support drafting, summarization, or performance messaging should consider whether outputs need to be retained to satisfy supervisory expectations.

3. AI tools don’t get a regulatory pass

Regulatory expectations are technology-agnostic. As emphasized in FINRA Regulatory Notice 24-09, compliance obligations apply based on how a tool is used — not what it is.

When generative AI is used in a manner that supports or influences regulated communications, supervision, or investment decisions, firms must apply relevant rules, including:

The tool may be new, but the expectations are not.

4. Don’t mistake regulatory patience for permanence

The panelists noted that regulators are still in an “education phase” when it comes to AI oversight. Enforcement isn’t the immediate priority, but that can change quickly.

Firms should take this moment to evaluate their generative AI use cases, implement controls, and consider capturing relevant outputs. As with the SEC’s off-channel communications enforcement wave, if generative AI creates a compliance blind spot, firms may be held accountable — even if the rules haven’t formally changed.

Looking ahead

If your firm is experimenting with tools like Microsoft Copilot or other generative AI applications, now is the time to ask:

  • What are we generating
  • How is it being used
  • Can we supervise it effectively?

Want to explore how other firms are approaching generative AI governance and capture? Download our guide on AI or watch our latest webinar to go deeper.

featured guide icon

FEATURED GUIDE

Financial Services and Generative AI: Navigating a New Era of Innovation

How financial services firms are embracing — and governing — generative AI

Get Guide

Share this post!

Tiffany Magri
Latest posts by Tiffany Magri (see all)
Smarsh Blog

Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.

CONTACT US

FEATURED CONTENT

Ready to enable compliant productivity?

Join the 6,500+ customers using Smarsh to drive their business forward.

watch it work
CONTACT SALES

More Resources

finra washingtonDC q4 2022 event 650x330
What We Heard at FINRA’s AI Panel: Clarity May Be Future State, But Expectations Are Already Here
by Tiffany Magri
on May 16, 2025
Read more
featured img government building sillo
Cloud Archiving for State and Local Agencies
by Bill Tolson
on May 13, 2025
Read more
gtm ai assistant sdc pr carousel 875x425
Smarsh Connect 2025: Big Ideas, Bold Moves, and “We Got You”
by Sonya Duffin
on April 24, 2025
Read more

Contact Us

Tell us about yourself, and we’ll be in touch right away.