Verification & Testing: Control 2.12 - Supervision and Oversight
Last Updated: January 2026
Manual Verification Steps
Test 1: Verify WSP Addendum
- Request WSP addendum for AI agents
- Verify coverage of supervision requirements
- EXPECTED: Documented procedures with approvals
Test 2: Test HITL Configuration
- Trigger high-risk agent response
- Verify review prompt appears
- EXPECTED: Supervisor review required before sending
Test 3: Test Review Queue
- Submit flagged response
- Check review queue in SharePoint
- Complete review and decision
- EXPECTED: End-to-end workflow functional
Test 4: Verify Supervision Evidence
- Request recent supervision log
- Verify reviewer decisions are documented
- EXPECTED: Complete audit trail
Test Cases
| Test ID | Scenario | Expected Result | Pass/Fail |
|---|---|---|---|
| TC-2.12-01 | WSP addendum exists | Documented and approved | |
| TC-2.12-02 | HITL triggers | Review required | |
| TC-2.12-03 | Review queue functions | Workflow completes | |
| TC-2.12-04 | Supervision logged | Decisions documented | |
| TC-2.12-05 | Principal qualified | Appropriate registrations |
Evidence Collection Checklist
- Document: WSP addendum
- Screenshot: HITL configuration in Copilot Studio
- Screenshot: Review queue in SharePoint
- Export: Supervision log (CSV)
- Document: Designated principal qualifications
Rule 3120 Annual Testing Checklist
Per FINRA Rule 3120, firms must test and verify supervisory control systems annually. For AI agent supervision, complete the following:
| Test Area | Test Procedure | Pass Criteria | Date Tested | Result |
|---|---|---|---|---|
| WSP Adherence | Review sample of agent approvals against documented WSP | All samples follow documented procedures | ||
| HITL Functionality | Trigger high-risk response, verify review prompt | Review queue receives item within 1 minute | ||
| Escalation Procedures | Simulate escalation scenario, trace routing | Escalation reaches designated principal within SLA | ||
| Review Queue SLA | Audit queue for reviews completed within SLA | >95% reviews completed within defined SLA | ||
| Sampling Protocol | Verify sampling rate matches policy | Actual rate within 10% of target | ||
| Supervisor Qualifications | Verify principal registrations current | All designees hold required Series licenses |
Annual Testing Attestation
## Rule 3120 Annual Testing Attestation - AI Agent Supervision
**Organization:** [Organization Name]
**Testing Period:** [Start Date] to [End Date]
**Tester:** [Name/Role]
**Date Completed:** [Date]
I attest that:
1. All test areas above have been tested per documented procedures
2. Test results have been documented and retained
3. Exceptions identified have been escalated per policy
4. Remediation plans are in place for any failed tests
**Test Summary:**
- Tests Passed: [X] / 6
- Exceptions Identified: [X]
- Remediation Required: [Yes/No]
**Signature:** _______________________
**Date:** _______________________
Attestation Statement Template
## Control 2.12 Attestation - Supervision and Oversight
**Organization:** [Organization Name]
**Control Owner:** [Name/Role]
**Date:** [Date]
I attest that:
1. WSP addendum for AI agents is documented and approved
2. HITL is configured for Zone 3 agents:
- Investment recommendations: [Review required]
- Account-specific advice: [Review required]
3. Sampling protocol is implemented:
- Zone 1: [X%]
- Zone 2: [X%]
- Zone 3: [X%]
4. Designated principals are qualified:
- [Name]: Series 24
5. Supervision evidence is retained per FINRA 4511
**Reviews This Period:** [Count]
**Approval Rate:** [X%]
**Signature:** _______________________
**Date:** _______________________
Back to Control 2.12 | Portal Walkthrough | PowerShell Setup | Troubleshooting