Section 3 Understanding Trading, Customer Accounts and Prohibited Activities

Suitability and Communications

20 min read · Lesson 8 of 10

About This Lesson

Suitability and communications rules are where a registered rep's day-to-day obligations live. The SIE tests the technical rules here, and also the spirit behind them.

What you'll cover

  • Reg BI's four obligations: Disclosure, Care, Conflict of Interest, and Compliance
  • Form CRS: what it contains and when it must be delivered (and re-delivered)
  • What actually counts as a recommendation under Reg BI
  • The investment-profile factors a firm must understand before recommending
  • The three communications categories: retail, correspondence, and institutional
  • Telephone solicitation rules: the 31-day registry check and the 8 AM to 9 PM window

Reg BI is heavily tested, and the most-missed twist is that "Fiduciary" is not one of the four obligations. The four are Disclosure, Care, Conflict of Interest, and Compliance; the fiduciary standard belongs to investment advisers, not broker-dealers.

Section 1 of 4 ~5 min · 1 concept check

Know Your Customer and Suitability

Before a firm can judge whether an investment fits a customer, it has to actually know that customer. Two layers sit underneath every recommendation.

FINRA Rule 2090 (Know Your Customer) requires a firm to use reasonable diligence to learn the essential facts about each customer (who they are, their financial situation, and their objectives) and to keep that information current.

Knowing the customer is what makes a suitable, best-interest recommendation possible. The firm builds an investment profile from a set of factors and weighs any recommendation against that whole picture rather than any single number. The factors that make up the profile are below.

Investment Profile Factors: What You Must Know About Your Customer

Under Reg BI, a firm must have a reasonable basis to believe a recommendation is in the customer's best interest based on their full investment profile:

Factor | Why It Matters
Age | Affects time horizon and risk tolerance (retirees need more stability)
Investment objectives | Growth, income, preservation, speculation; determines product type
Risk tolerance | How much volatility/loss the customer can handle psychologically and financially
Time horizon | Short-term needs ≠ long-term investments
Liquidity needs | If customer needs cash soon, illiquid products (DPPs, annuities) are unsuitable
Financial situation | Income, net worth, existing holdings, tax situation
Investment experience | Sophisticated products inappropriate for novice investors
Other investments | Concentration risk; don't recommend more of what they already hold heavily

🎯 Scenario: Suitability Analysis
Scenario Walkthrough
👤 Client: Patricia Reeves, 72, Retired High School Teacher
Patricia visits your office seeking advice for her $200,000 retirement savings: her primary income source alongside Social Security. She mentions wanting "better returns" because a friend told her about high-yield bond funds. She has no investment experience and says she "can't afford to lose this money."
✅ Scenario Complete
  • Reg BI (June 2020) requires broker-dealers to act in the customer's best interest, which is a stronger requirement than the old suitability standard.
  • Evaluate the whole customer profile: objectives, risk tolerance, time horizon, liquidity needs, financial situation, and experience.
  • Compensation cannot drive recommendations. Placing your financial interest ahead of the client's violates Reg BI.
  • What a client wants isn't always what's suitable. The rep has a duty to recommend what's appropriate for the client's actual profile.
Concept Check

Under FINRA Rule 2090 (Know Your Customer), a broker-dealer must:

FINRA Rule 2090 requires broker-dealers to use reasonable diligence to know the essential facts about every customer, including their identity, financial situation, and investment objectives.
Section 2 of 4 ~7 min · 3 concept checks

Regulation Best Interest

🌎 Why This Matters
Regulation Best Interest (Reg BI) took effect in June 2020, raising the bar for every recommendation a broker-dealer makes. It was the SEC's answer to years of debate about whether brokers should be held to the same standard as fiduciary investment advisers. Whether you agree with how it landed or not, Reg BI now governs every client interaction you'll have, and it's heavily tested on the SIE.

Reg BI took effect in June 2020 and raised the bar above the old "suitability" standard: a broker-dealer must act in the best interest of a retail customer at the time it makes a recommendation. The rule breaks into four obligations, and the SIE expects all four by name.

1. Disclosure Obligation

Give the customer Form CRS and disclose the material facts about the relationship, the services offered, the fees, and any conflicts of interest, before or at the time of the recommendation.

2. Care Obligation

Use reasonable diligence, care, and skill. The firm weighs the potential risks, rewards, and costs against the customer's profile, considers whether a less costly or less risky alternative would do, and concludes the recommendation is in the customer's best interest, not merely "suitable."

3. Conflict of Interest Obligation

Maintain written policies to identify, disclose, and mitigate or eliminate conflicts, with specific attention to incentive compensation that could push a rep toward recommendations that are not in the customer's interest.

4. Compliance Obligation

Maintain written policies and procedures reasonably designed to achieve compliance with Reg BI as a whole.

One distinction the exam loves: this is not the fiduciary standard. That standard applies to investment advisers under the Advisers Act of 1940; broker-dealers answer to Reg BI.

Form CRS, the Client Relationship Summary, is the disclosure document the Disclosure Obligation centers on.

  • It runs a maximum of 2 pages for a standalone broker-dealer (up to 4 pages for a dual-registered firm that is also an investment adviser).
  • It is written in plain language, in a question-and-answer format.
  • It describes the services offered, the fees and costs, conflicts of interest, the legal standard of conduct, and any disciplinary history, and it links to Investor.gov.

Timing is the testable part. Form CRS goes to a retail investor at the beginning of the relationship (before or at the time of a recommendation), and again when the customer opens a new account, when the firm recommends an account-type change (say, brokerage to advisory), or on request.

Every Reg BI obligation hinges on one trigger: a recommendation. A conversation that never rises to a recommendation does not require Form CRS, the Care Obligation, or the rest. The line between education and recommendation is one of the most-tested, and most-missed, distinctions on the exam.

The test: specific, tailored, call to action

A communication is a recommendation when it is a specific, tailored call to action aimed at a particular customer: something a reasonable person would read as a suggestion to take (or avoid) a specific investment action, shaped to that customer's situation rather than offered as general information. Miss any one of the three (specific, tailored, call to action) and it usually is not a recommendation.

These are recommendations

  • "Based on your retirement timeline, you should buy this bond fund."
  • A hold recommendation. Telling a customer to keep something they already own counts; "doing nothing" is still advice if you advised it. Students miss this one constantly.
  • "Let's convert your brokerage account to a managed advisory account." An account-type-change recommendation triggers Reg BI and a re-delivery of Form CRS.
  • "You should roll your 401(k) into an IRA." A rollover recommendation is a Reg BI recommendation.

These are not

  • General education: explaining how a Roth IRA differs from a Traditional IRA, or how bond prices move with rates.
  • General market commentary: "The Fed raised rates this morning."
  • Unsolicited orders: if the customer directs the trade themselves, executing it is not a recommendation.
  • Product menus: listing the funds available without steering toward any one of them.

Watch for the trap where a rep calls something education but is really steering one customer toward one action. The label does not matter; that is still a recommendation.

Concept Check

Which of the following is NOT one of the four obligations under Regulation Best Interest (Reg BI)?

The four obligations under Reg BI are Disclosure, Care, Conflict of Interest, and Compliance. "Fiduciary" is NOT one of them; the fiduciary standard applies to investment advisers under the Investment Advisers Act of 1940, not to broker-dealers under Reg BI.
Concept Check

A registered representative makes a recommendation that is in the customer's best interest but also happens to benefit the rep through higher compensation. Under Regulation Best Interest:

Under Reg BI's Conflict of Interest Obligation, firms must identify, disclose, and mitigate (or eliminate) conflicts of interest. A conflict does not automatically make a recommendation impermissible; the firm must have policies to address it. If the recommendation is genuinely in the customer's best interest AND the conflict is properly disclosed and managed, it can be permissible.
Section 3 of 4 ~4 min · 2 concept checks

Communications with the Public

FINRA Rule 2210 sorts every firm communication into three categories, each with its own approval and filing rules. The dividing line between the first two is a head count of retail investors in any 30-day period.

Type | Definition | Pre-Use Approval | FINRA Filing
Retail Communication | Distributed to more than 25 retail investors in any 30-day period | Required by a registered principal before use | Within 10 business days of first use (some types require pre-filing)
Correspondence | Distributed to 25 or fewer retail investors in any 30-day period | May be reviewed after the fact per firm procedures | Only on FINRA request
Institutional Communication | Distributed only to institutional investors | Not required (but the firm must supervise) | Only on FINRA request

So exactly 25 retail investors is correspondence; it takes 26 or more to make it a retail communication. Whatever the category, the content standards are the same:

  • Fair, balanced, and not misleading, with a sound basis for evaluating the facts.
  • No projecting future performance and no guaranteeing results.
  • Risks disclosed prominently whenever returns are discussed.
  • Social-media posts count as communications and follow the same rules.

Do-not-call rules

Cold-calling is hedged with timing and list rules. A firm must keep its own internal do-not-call list, must check the National Do-Not-Call Registry at least every 31 days before cold-calling, and may only call consumers between 8:00 AM and 9:00 PM in the consumer's local time zone.

Exceptions, when a call is still allowed

Even a number on a do-not-call list can be called when there is an existing business relationship (within 18 months of the customer's last transaction, or 3 months of an inquiry), when the customer has given written permission, or when the caller is a tax-exempt nonprofit.

Regulation S-AM

Separately, Reg S-AM gives customers a reasonable chance to opt out of marketing solicitations that are based on information a firm receives from its affiliates.

Concept Check

A firm sends a research report to 30 retail investors. Under FINRA Rule 2210, this is classified as:

Any written communication distributed to more than 25 retail investors within a 30-calendar-day period is classified as a retail communication. It requires pre-use approval by a registered principal and must be filed with FINRA within 10 business days of first use.
Concept Check

An investor calls a registered representative at 9:30 PM on a weekday. Under FINRA telephone solicitation rules, may the rep make cold calls at this time?

FINRA/FTC telephone solicitation rules prohibit cold calls to residential consumers outside of 8:00 AM to 9:00 PM in the consumer's time zone. 9:30 PM is after the 9:00 PM cutoff. Note that existing customers may be called based on the business relationship exception, but new cold-call solicitations are restricted to the 8 AM to 9 PM window.
Section 4 of 4 ~4 min · 1 concept check

AI and Firm Supervision

✅ Updated for 2026
This lesson reflects the latest FINRA rule changes, including the new $300 gift limit (Rule 3220, effective March 30, 2026), AI supervision guidance (Regulatory Notice 24-09), and Reg S-P 2024 amendments. Our content is current as of March 2026.

FINRA's rules are technology-neutral: they apply the same whether a firm relies on human judgment, a spreadsheet, or an AI model. As firms adopt AI, the SIE has begun testing familiar supervision concepts wrapped in an AI scenario.

Regulatory Notice 24-09 made the point explicitly: existing rules already cover AI and generative AI. There are no separate "AI rules." A few principles follow from that:

  • Supervision (Rule 3110): a firm's supervisory system has to be reasonably designed for its business, so a firm using AI tools must govern, test, and monitor them.
  • Communications: anything an AI produces and sends to customers is still subject to Rule 2210. It must be fair, balanced, and not misleading, and it is reviewed under the same procedures as human-written content.
  • Third-party tools: using a vendor's AI does not outsource the compliance obligation; the firm stays responsible for supervising it.
  • Recordkeeping: AI-generated business communications must be captured and retained like any other.
  • "AI washing": overstating a firm's use of AI (claiming decisions are "AI-powered" when they are not) is an anti-fraud violation, and the SEC has brought cases over it.

AI also widens the cybersecurity threat surface (deepfakes that impersonate staff or clients, synthetic identities used to open fraudulent accounts, and more convincing AI-driven phishing), so firms' security programs have to keep pace.

AI on the SIE: What to Expect

Don't expect questions about AI technology. Expect questions that test existing supervision and communications rules using AI as the scenario wrapper. For example:

"A firm uses an AI tool to draft personalized investment recommendations that are automatically emailed to clients. Under FINRA rules, these communications must meet which content standards?"

The answer applies the same Rule 2210 communications framework you already know; the AI part is just the context, not a new rule. Think: same rules, modern scenario.
Concept Check

A FINRA member firm uses a generative AI tool to automatically draft personalized research summaries that are emailed directly to retail customers. Under FINRA rules, these communications:

FINRA's rules are technology-neutral. AI-generated content sent to customers is subject to the same Rule 2210 (Communications with the Public) requirements as any other communication: it must be fair, balanced, and not misleading, and must be reviewed and approved under the firm's supervisory procedures. The method of creation (human or AI) does not change the regulatory obligation.
Summary Recap & exam traps

Chapter Essentials

Everything starts with knowing the customer. Rule 2090 (KYC) requires a firm to learn the essential facts about each customer, and Regulation Best Interest requires it to act in the customer's best interest at the time of a recommendation. Reg BI has four obligations (Disclosure, Care, Conflict of Interest, and Compliance), and "Fiduciary" is deliberately not among them (that standard belongs to investment advisers). The Disclosure Obligation runs on Form CRS: a 2-page (4 for dual-registrants) plain-language Q&A delivered at the start of the relationship and again on an account-type change. These duties only fire when there is a recommendation, defined as something specific, tailored, and a call to action; general education and unsolicited orders are not recommendations, but a hold recommendation is.

On the communications side, Rule 2210 sets three categories by a 30-day retail head count: retail communication (more than 25 retail investors, principal pre-approval, filed with FINRA within 10 business days), correspondence (25 or fewer), and institutional (institutional investors only). All must be fair, balanced, and not misleading, with no guarantees of performance. Cold-calling requires checking the National Do-Not-Call Registry every 31 days and calling only between 8 AM and 9 PM local time. And because FINRA's rules are technology-neutral, AI-generated content is supervised under the very same rules; there is no AI exemption.

Exam Traps to Watch

The reliable gotchas in this chapter:

"Fiduciary" is not a Reg BI obligation. The four are Disclosure, Care, Conflict of Interest, and Compliance. The fiduciary standard applies to investment advisers under the Advisers Act, not to broker-dealers.

Retail communication is more than 25 retail investors, not "25 or more." Exactly 25 is correspondence; it takes 26 to cross into retail. Retail communications need principal pre-approval and a FINRA filing within 10 business days.

A hold is a recommendation. Advising a customer to keep what they own triggers Reg BI just like a buy or sell. Specific plus tailored plus a call to action equals a recommendation, regardless of whether anyone trades.

An unsolicited order is not a recommendation. If the customer originates the trade, executing it does not trigger the Care Obligation. Education and product menus are not recommendations either.

Cold-call timing is 8 AM to 9 PM in the consumer's time zone, with the registry checked every 31 days. Watch for distractors like 10 PM or the caller's own time zone.

AI gets no special rule. FINRA is technology-neutral: AI-generated customer communications are reviewed under Rule 2210 exactly like human-written ones. "Generated by technology" is never an exemption.