FINRA Rule 3280: Private Securities Transactions of an Associated Person

FINRA Rule 3280, “Private Securities Transactions of an Associated Person,” regulates how associated persons of FINRA member firms engage in Private Securities Transactions (PSTs). It outlines requirements for disclosure, approval, recordkeeping, and supervision.

Below is everything to know about FINRA Rule 3280.

What is FINRA Rule 3280?

FINRA Rule 3280 governs the requirements that associated persons of FINRA member firms must follow if they participate in private securities transactions (PSTs). The rule requires that associated persons provide written notice to their firms before participating in any PST. In the written notice, the associated person must describe in detail:

  • The proposed transaction
  • Their proposed role in the transaction
  • Whether any “selling compensation” from the transaction has been or may be received

If selling compensation is involved, the firm, upon receiving written notice, must approve or disapprove the person's participation in the proposed transaction in writing. Approved transactions must be recorded in the firm’s books and records and supervised as if executed on behalf of the firm.

If disapproved, the associated person must not participate in any manner.

For PSTs without compensation, a single written notice may be provided. Upon receipt, the firm must issue “prompt written acknowledgment” of the notice and may, at its discretion, “require the person to adhere to specified conditions in connection with his participation in the transaction.”

Key definitions under FINRA Rule 3280

Private securities transaction (PST)

A securities transaction outside the regular scope of an associated person’s employment. Excludes:

  • Transactions subject to Rule 3210
  • Family member transactions without compensation (as defined under FINRA Rule 5130)
  • Personal investment company or variable annuity transactions

Selling compensation

Includes any compensation connected to a securities transaction, such as:

  • Commissions
  • Finder’s fees
  • Securities or acquisition rights
  • Profit participation or tax benefits
  • Expense reimbursements

Who does FINRA Rule 3280 apply to?

FINRA Rule 3280 applies to all associated persons of FINRA member firms who participate in PSTs, including registered and non-registered individuals.

Best practices for FINRA Rule 3280 compliance

FINRA’s 2024 regulatory oversight report highlights numerous practices firms can use to mitigate PST risk:

  • Questionnaires: Require detailed, open-ended questionnaires with regular attestations at onboarding and periodically thereafter
  • Due diligence: Interview the registered person, review social media and other publicly available sources, to identify potential PSTs
  • Monitoring: Watch for performance or lifestyle changes indicating PST activity
  • Crypto-related activities: Screen for indicators of undisclosed crypto-related PSTs during reviews of electronic correspondence
  • Affiliate activities: Assess whether associated persons’ activities with affiliates, especially self-offerings, may implicate FINRA Rule 3280
  • Training: Conduct training on PST disclosure obligations during onboarding and periodically thereafter
  • Disciplinary actions: Enforce sanctions — including heightened supervision, fines, or termination — for failure to notify or get approval for PSTs

Related questions to consider:

FINRA’s 2024 regulatory oversight report additionally provides a checklist of questions for member firms to consider as they are implementing best practices:

  • What methods does the firm use to identify individuals involved in undisclosed PSTs?
  • Does the firm’s written supervisory procedures explicitly state when and how to notify the firm of a proposed PST?
  • Does the firm require associated persons to complete questionnaires and attestations regarding their potential involvement in PSTs? If yes, how often?
  • Does the firm consider the regulatory considerations and characteristics of crypto assets when reviewing crypto asset-related PSTs?
  • Does the firm record PSTs for compensation on its books and records, including PSTs involving new or unique products and services?
  • How does the firm supervise and document activities that are PSTs for compensation, including those involving crypto asset securities?
  • What training and guidance does the firm provide associated persons, during onboarding and periodically thereafter, regarding potential engagement in PSTs?

Penalties for FINRA Rule 3280 violations

Violations of FINRA Rule 3280 can result in serious consequences, including:

  • Significant monetary fines (amount varies depending on the sale value)
  • Suspension or expulsion from association with any FINRA member firm

What is the current status of FINRA Rule 3280?

In Regulatory Notice 25-05, FINRA said it is considering a proposed new rule to “streamline and reduce unnecessary burdens” concerning the existing requirements that address the outside activities of member firms’ associated persons.

According to FINRA, the proposed rule is the result of a retrospective review of FINRA Rule 3280 and FINRA Rule 3270, “Outside Business Activities of Registered Persons.” The new rule would replace both these rules with one consolidated rule “to enhance efficiency without compromising protections for investors and members relating to outside activities.”

The comment period ended May 13, 2025. The proposed rule is still under consideration by FINRA.

How Smarsh helps firms comply with FINRA Rule 3280

Smarsh offers a comprehensive communications platform that can help FINRA member firms fulfill their obligations under Rule 3280, including:

  • Capture and archive it all: Capture and store all firm-related communications securely, supporting timely audits and supervisory reviews.
  • AI-powered communications surveillance: Monitor email, chat, and other electronic communication platforms to detect patterns, red flags, and key terms associated with PSTs and selling compensation.
  • Custom alerts and reporting: Real-time alerts can be configured to flag high-risk keywords or anomalies in communication patterns.
  • Integrated workflow management: The Smarsh Platform supports compliance workflows, enabling easy documentation of approvals, acknowledgments, and supervisory oversight activities.

By leveraging the Smarsh Platform, firms can reduce regulatory risk, improve efficiency, and demonstrate proactive adherence to FINRA Rule 3280.

Related FINRA resources

  • Regulatory Notice 21-25: FINRA Continues to Encourage Firms to Notify FINRA if They Engage in Activities Related to Digital Assets
  • Regulatory Notice 18-08: FINRA Requests Comment on Proposed New Rule Governing Outside Business Activities and Private Securities Transactions

Resources related to proposed FINRA rule

  • Attachment A: Text of proposed rule change
  • Attachment B: Flowchart illustrating the proposed rule text
  • Attachment C: A series of hypothetical questions and answers indicating how Rules 3280 and 3270 currently apply compared to how the proposed changes would apply

Smarsh, Inc. assumes no liability for the accuracy or completeness of this information. Please consult with an attorney for specific information on specific rules and regulations and how they apply to your business.

  • Back to Regulations & Laws

Contact Us

Tell us about yourself, and we’ll be in touch right away.