Annual Entitlement User Accounts Certification Process
Some of the key responsibilities of an SAA are to ensure that access is appropriate and required as well as remove access for users who no longer need it—either because of changes in job duties or termination with the firm. One way to meet these responsibilities is to periodically review the firm's user accounts. The frequency of such reviews depends upon the size of an organization, user access requirements, staff turnover or security concerns. In addition to FINRA’s recommended periodic reviews, FINRA requires SAAs to complete an annual online user accounts certification process. This mandatory process enhances FINRA's overall program to protect the integrity and confidentiality of regulatory, proprietary and personal information maintained by FINRA.
Each year, FINRA designates a period during which SAAs of organizations with more than one user must certify their users’ access to comply with FINRA’s Entitlement User Accounts Certification Process. For 2018, the certification period commences on January 8, 2018, and concludes on February 8, 2018.
This certification process ensures that:
- Each user has a continuing need to access FINRA application(s) on the organization's behalf;
- Each user is entitled only to the applications and privileges needed to perform current job responsibilities; and
- Only those users who require access to sensitive data (e.g., Criminal History Record Information (CHRI), Social Security or tax identification numbers, dates of birth) are given access to this type of data. Otherwise, access must be removed; and
- Users who no longer require access have their accounts deleted.
If user accounts are not certified within the designated period, the capability to create, edit and clone accounts will be disabled for all administrators within the organization and will remain disabled until the SAA completes the certification process. In addition, action by the regulator may be taken to ensure compliance with the process. Finally, failure to comply with certification will result in all accounts associated with the organization to be suspended until certification is completed—this action requires an SAA to work with the FINRA Entitlement Group.
Refer to the following resources:
- Entitlement User Accounts Certification Process Quick Reference Guide
- FINRA Entitlement Program Frequently Asked Questions
- Super Account Administrator Reference Guide
Contact the FINRA Call Center:
- Broker-dealer firms: (301) 869-6699
- Funding Portals: (301) 590-6500
- Investment adviser firms: (240) 386-4848