Compliance Briefing — FINRA Regulatory Notice 20-08 on pandemic business continuity

FINRA issued Regulatory Notice 20-08 outlining expectations for member firms’ pandemic business continuity plans, supervisory controls, and remote work supervision during COVID-19. Broker-dealers must document how they maintain critical operations, supervise displaced personnel, and satisfy regulatory obligations while invoking BCPs.

Zeph Tech Research Lead

Research lead, Zeph Tech

1 publication timestamps supporting this briefing. Source data (JSON)

Executive briefing: FINRA reminded broker-dealers to activate and document business continuity plans for COVID-19 disruptions. The notice addresses remote supervision, branch inspection postponements, and communications surveillance when staff work from alternative locations.

Why it matters

Supervisory obligations: Firms remain responsible for supervising associated persons even when employees work remotely.
Regulatory relief conditions: FINRA allows temporary relief for branch inspections and Form U4 amendments but expects firms to document their reliance.
Customer protection: Continuity plans must safeguard customer access, fund transfers, and records during pandemic operations.

Operator actions

Document BCP activation: Record when BCPs are invoked, affected offices, and interim supervisory arrangements.
Remote supervision controls: Ensure trade surveillance, electronic communications review, and exception reporting remain active for displaced staff.
Deferred inspections: Track branches relying on inspection relief and schedule follow-up examinations once on-site visits resume.

Timeline plotting source publication cadence sized by credibility. — 1 publication timestamps supporting this briefing. Source data (JSON)

Horizontal bar chart of credibility scores per cited source. — Credibility scores for every source cited in this briefing. Source data (JSON)

Visit pillar hub

Latest guides

Third-Party Risk Oversight Playbook — Zeph Tech
Operationalize OCC, Federal Reserve, EBA, and MAS outsourcing expectations with lifecycle controls, continuous monitoring, and board reporting.
Compliance Operations Control Room — Zeph Tech
Implement cross-border compliance operations that satisfy Sarbanes-Oxley, DOJ guidance, EU DORA, and MAS TRM requirements with verifiable evidence flows.
SOX Modernization Control Playbook — Zeph Tech
Modernize Sarbanes-Oxley (SOX) compliance by aligning PCAOB AS 2201, SEC management guidance, and COSO 2013 controls with data-driven testing, automation, and board reporting.

Why it matters

Operator actions

Related briefings

HHS issues limited HIPAA waiver during COVID-19 emergency

Compliance Briefing — FinCEN outlines BSA expectations during COVID-19 disruptions

Compliance Briefing — HHS OCR eases HIPAA enforcement for telehealth

PCI SSC permits remote assessments during COVID-19 disruptions

EDPB outlines GDPR rules for COVID-19 data processing

Continue in the Compliance pillar

Latest guides