Borrowing/Lending with Customers (FINRA 3240)

FINRA Rule 3240 generally prohibits registered representatives from borrowing money from or lending money to customers unless your firm’s written procedures allow it and the specific arrangement meets a narrow, rule-defined condition with required firm oversight and documentation (FINRA Rule 3240). To operationalize it, you need a clear pre-approval workflow, defined permissible scenarios, supervision under Rule 3110, and auditable records.

Key takeaways:

• Treat any rep–customer loan as prohibited unless it fits a defined exception and is approved under written procedures (FINRA Rule 3240).
• Build a single intake, review, decision, and monitoring process that ties directly to supervisory obligations (FINRA Rule 3110).
• Evidence quality is the difference between a “policy on paper” and a defensible control: approvals, rationale, and follow-up reviews.

The borrowing/lending with customers (finra 3240) requirement exists because personal loans between registered personnel and customers can create conflicts of interest, coercion risk, and suitability-like pressures that are hard to supervise after the fact. FINRA’s baseline expectation is straightforward: don’t allow it unless the firm has written procedures permitting it and the arrangement fits one of the rule’s specified conditions (FINRA Rule 3240). That makes this a “default deny” control area.

For a Compliance Officer, CCO, or GRC lead, the operational problem is repeatability. You need to (1) define what counts as borrowing/lending, (2) force requests into a controlled channel before money changes hands, (3) document why it is permissible under your procedures, and (4) supervise and retain evidence in a way that will stand up in an exam. The supervisory spine for all of this is your Rule 3110 program: written supervisory procedures (WSPs), designated reviewers, escalation triggers, and testing (FINRA Rule 3110).

This page gives requirement-level implementation guidance: who is covered, what controls to build, what artifacts to retain, and where exams usually get stuck.

Regulatory text

Rule requirement (operator version). FINRA Rule 3240 states: “No person associated with a member in any registered capacity may borrow money from or lend money to any customer unless the member's written procedures permit it and the arrangement meets one of the rule's specified conditions” (FINRA Rule 3240).

What that means you must do.

1. Write procedures that explicitly address rep–customer borrowing/lending. If your procedures are silent, the activity is effectively prohibited because the rule conditions include that the firm’s written procedures permit it (FINRA Rule 3240).
2. Define the permissible conditions and a decision process. The rule is framed as a prohibition with limited permitted scenarios; your WSPs must specify what those scenarios are at your firm and how approvals work (FINRA Rule 3240).
3. Supervise and evidence the control. Your WSPs, approvals, and ongoing supervision sit inside your broader supervisory system under FINRA Rule 3110 (FINRA Rule 3110).

Plain-English interpretation (what a rep can and cannot do)

• Default position: a registered person should not borrow from or lend to a customer.
• Only allowed if BOTH are true:
  1. your firm’s written procedures allow it; and
  2. the arrangement meets a condition specified by the rule (FINRA Rule 3240).
• Practical implication: “I didn’t know” is not a control. If reps can form customer relationships away from firm channels, you need detection plus an approval gate that is hard to bypass.

Who it applies to (entity and operational context)

Covered entities and people

• FINRA member broker-dealers must implement written procedures and supervision (FINRA Rule 3240; FINRA Rule 3110).
• Associated persons in any registered capacity are the individuals directly prohibited from borrowing/lending absent the rule’s requirements (FINRA Rule 3240).

Where it shows up operationally

• Advisory/rep-managed relationships with long-tenured customers
• Life events where customers offer or request financial help
• Messaging channels outside firm capture (text, personal email)
• Branch offices with high relationship concentration
• Representatives with outside business activity and overlapping personal networks

What you actually need to do (step-by-step)

Use this as your build sheet for the borrowing/lending with customers (finra 3240) requirement.

1) Make a policy decision: prohibit or permit-by-exception

• Option A: Prohibit all borrowing/lending with customers. This is simplest to administer and supervise. Your WSPs still need detection, escalation, and consequences for violations (FINRA Rule 3240; FINRA Rule 3110).
• Option B: Permit only under defined exceptions. If you allow exceptions, you must clearly define: eligible conditions, pre-approval steps, required documentation, and post-approval supervision (FINRA Rule 3240; FINRA Rule 3110).

Output: WSP section titled “Borrowing From or Lending to Customers (FINRA Rule 3240)” (FINRA Rule 3240).

2) Define what counts as “borrowing/lending” for your firm

Write plain definitions your reps and supervisors can apply:

• Loans (promissory note or informal IOU)
• Advances/repayments with an expectation of return
• “Temporary help” arrangements
• Personal guarantees, co-signing, or other credit support tied to the rep–customer relationship

Also define what is out of scope only if you can supervise it clearly; keep it tight so you don’t create loopholes (FINRA Rule 3240).

Output: Definitions section + examples/non-examples embedded in training and attestations (FINRA Rule 3110).

3) Build a mandatory pre-approval workflow (single front door)

You need a controlled intake channel that triggers before funds move.

Minimum workflow fields:

• Customer identity and account(s)
• Registered person identity
• Relationship context and how the customer is a “customer” of the firm
• Proposed terms (amount, repayment schedule, interest if any)
• Which rule-permitted condition is being relied on (mapped to your WSP language)
• Attestation: no funds have changed hands yet

Controls:

• Hard stop: “no pre-approval, no transaction.”
• Escalation: compliance review plus supervisor review; define who has approval authority (FINRA Rule 3110).
• Decision record: approve/deny with rationale and conditions.

Output: ticket/workflow record + approval memo or electronic approval trail (FINRA Rule 3240; FINRA Rule 3110).

4) Review and decision standards (what approvers must check)

Create a checklist that forces consistency:

• Does the request fit a permitted condition under your procedures (FINRA Rule 3240)?
• Conflicts: could this influence recommendations, account handling, or customer decisions?
• Vulnerable customer signals (financial distress, dependence on rep)
• Communications: ensure the customer did not feel pressured
• Supervision plan: what follow-up is required and who performs it (FINRA Rule 3110)

If denied, require:

• Written denial notice to the rep
• Remediation steps if money already changed hands (investigation + reporting path under your supervisory program) (FINRA Rule 3110)

5) Ongoing supervision after approval (if you permit exceptions)

Approvals are not the end of the control. Add post-approval monitoring requirements in WSPs:

• Periodic confirmation that repayment/terms are consistent with the approved arrangement
• Customer complaint monitoring triggers
• Outside communication reviews where applicable under your supervision program (FINRA Rule 3110)

Output: documented follow-up reviews with dates, reviewer, and outcome (FINRA Rule 3110).

6) Detection controls for “off-workflow” activity

Even strong procedures fail if you never detect violations. Practical detection options:

• Annual/periodic rep attestations specifically covering rep–customer loans
• Complaint and tip escalation scripts for supervisors
• Targeted branch audits focused on high-risk offices
• Surveillance for keywords in captured communications where your program supports it (FINRA Rule 3110)

Output: attestation logs, branch audit reports, exception tracking (FINRA Rule 3110).

Required evidence and artifacts to retain

Keep evidence in a form you can produce quickly for an exam.

Governance / design

• WSP section addressing FINRA Rule 3240 and how exceptions (if any) are handled (FINRA Rule 3240; FINRA Rule 3110)
• Role-based approval authority matrix (FINRA Rule 3110)
• Training materials and completion records covering the prohibition and escalation path (FINRA Rule 3110)

Operational / run evidence

• Pre-approval requests (complete intake)
• Approval/denial decision record with rationale
• Supporting documentation collected for the decision (as required by your WSPs) (FINRA Rule 3240)
• Post-approval monitoring notes and issue logs (FINRA Rule 3110)
• Rep attestations and any exception investigations (FINRA Rule 3110)

How Daydream fits (without adding complexity) Daydream is useful here as a control evidence system: you can standardize the intake checklist, route approvals, and keep a clean evidence packet per request aligned to FINRA Rule 3240 and supervisory expectations under Rule 3110 (FINRA Rule 3240; FINRA Rule 3110).

Common exam/audit questions and hangups

Expect reviewers to probe for proof that your program works in practice (FINRA Rule 3110):

• Show your WSP language that permits or prohibits borrowing/lending and describes the exception process (FINRA Rule 3240).
• How do you ensure reps seek approval before money changes hands?
• Who approves, and how do you document the rationale?
• How do you detect undisclosed arrangements?
• What happens when you find a violation? Walk through a real case file from intake to resolution (FINRA Rule 3110).

Hangups that slow exams:

• Approvals documented in email with missing facts
• No mapping of decisions to the “specified conditions” described in the rule and your procedures (FINRA Rule 3240)
• Inconsistent supervisor practices across branches (FINRA Rule 3110)

Frequent implementation mistakes (and how to avoid them)

1. WSPs say “prohibited” but staff can request “exceptions” informally.
   Fix: either formally allow exceptions with defined conditions and workflow, or enforce a true prohibition with investigation/remediation for any event (FINRA Rule 3240; FINRA Rule 3110).

2. No clear definition of “customer.”
   Fix: define “customer” for your firm’s business model and apply it consistently in intake.

3. Approval without a supervision plan.
   Fix: approvals should include follow-up steps and an owner under Rule 3110 supervision (FINRA Rule 3110).

4. Evidence scattered across systems.
   Fix: create a single case file per request. Daydream-style packaging (request + review + decision + monitoring) reduces exam friction.

Enforcement context and risk implications

You should treat violations as high-risk conduct even if your firm views this as “personal.” The risk profile includes conflicts of interest, customer harm, and supervisory breakdowns. FINRA Rule 3240 ties permissibility directly to written procedures and specified conditions, so gaps in WSPs and inconsistent approvals can quickly become a supervision finding under FINRA Rule 3110 (FINRA Rule 3240; FINRA Rule 3110).

A practical 30/60/90-day execution plan

No timeline claims here; use these as phased deliverables you can execute quickly.

First 30 days (stabilize)

• Decide: prohibit entirely or permit-by-exception, and document the decision in WSPs (FINRA Rule 3240; FINRA Rule 3110).
• Publish a rep bulletin: “no borrowing/lending with customers without written firm approval per WSPs” (FINRA Rule 3240).
• Stand up a basic intake mailbox/form and assign an approval owner (FINRA Rule 3110).
• Add a targeted rep attestation question to surface existing arrangements (FINRA Rule 3110).

Days 31–60 (operationalize)

• Convert intake into a structured workflow with mandatory fields and an approval checklist mapped to your WSPs (FINRA Rule 3240).
• Train supervisors and reps; include “what to do if money already moved” escalation steps (FINRA Rule 3110).
• Implement a case file standard: every request produces a complete evidence packet.

Days 61–90 (prove it works)

• Run a targeted supervisory review: sample requests/attestations, verify approvals, verify follow-up actions (FINRA Rule 3110).
• Fix gaps: tighten definitions, add required documents, clarify approval authority.
• Put the control into your ongoing supervisory testing calendar and track exceptions to closure (FINRA Rule 3110).

Frequently Asked Questions

Does FINRA Rule 3240 mean borrowing/lending with customers is always prohibited?

The rule is a prohibition with limited permitted scenarios. A rep may not borrow from or lend to a customer unless your written procedures permit it and the arrangement meets a specified condition (FINRA Rule 3240).

If we prohibit all rep–customer loans, do we still need procedures?

Yes. Your WSPs should clearly state the prohibition, define what counts as borrowing/lending, explain reporting and escalation, and describe supervisory follow-up under your supervision program (FINRA Rule 3240; FINRA Rule 3110).

What is the single most important operational control?

A mandatory pre-approval workflow that captures the facts, ties the request to your WSP-permitted conditions, and records a clear approval or denial with rationale (FINRA Rule 3240; FINRA Rule 3110).

How do we handle a situation where a rep already borrowed from or lent to a customer without approval?

Treat it as a supervisory event: open an investigation case file, document the facts, assess customer impact, apply internal disciplinary steps as appropriate, and document remediation and supervision enhancements (FINRA Rule 3110).

Can we rely on annual attestations alone to satisfy the requirement?

Attestations help detect undisclosed activity, but they do not replace pre-approval controls and documented decisions tied to your written procedures (FINRA Rule 3240; FINRA Rule 3110).

What should we show an examiner if asked for proof the control operates?

Produce your WSP section, training and attestations, and a set of complete case files showing intake, review, decision rationale, and any required follow-up supervision (FINRA Rule 3240; FINRA Rule 3110).