FINRA Entitlement Program: Entitlement Reference Guide

This user guide is designed to assist Account Administrators (AAs) and Super Account Administrators (SAAs) in navigating through the Account Management System of the FINRA Entitlement Program.

NOTE: Please see the FINRA Entitlement Program Super Account Administrator user guide for functionality that is specific for SAAs.

Super Account Administrator & Account Administrator’s Roles & Responsibilities

A Super Account Administrator is responsible for the following *:

  • Self-entitle for their own “User” privileges.
  • Create and update accounts for AA’s.
  • Create and update accounts for users.
  • Perform password administration, such as unlocking accounts, and resetting passwords.
  • Provide and update privileges (entitlement) for AA’s and individual users.
  • Disable and/or delete accounts when necessary.
  • Delete an account immediately when the individual no longer is with the firm.
  • Certify accounts for authorized access on an annual basis.

*Not applicable to certain organizations as designated by FINRA

An Account Administrator is responsible for the following:

  • Create accounts for individuals.
  • Perform password administration, such as unlocking accounts, and resetting passwords for individual users.
  • Verify accounts periodically for authorized access.
  • Provide and update privileges (entitlement) for individual users.
  • Disable and/or delete user accounts when necessary.
  • Delete an account immediately when the individual is no longer with the organization.

An Account Administrator CANNOT:

  • Change or reset another Account Administrator’s password.
  • Change or setup their own account privileges (entitlement) or another Account Administrator’s account.
  • Activate or change their own account or another Account Administrator’s account.

NOTE: An AA who needs assistance and is with an organization that has an SAA should contact their SAA. An AA who needs assistance and is with an organization that does not have an SAA should contact the FINRA Gateway Call Center.

Password Information

Passwords must:

  • Be 12-32 characters in length
  • Include characters from at least three of the following four categories:
    • Uppercase alphabet characters (A-Z)
    • Lowercase alphabet characters (a-z)
    • Numeric characters
    • Special characters (all special characters are permitted including a space)
  • Not reuse a user’s 10 most recent passwords
  • Not include your first, middle or last name
  • Not include your user ID
  • Not include profanity, words of a vulgar nature, or any commonly used words identified by information security professionals

NOTE:  User IDs and temporary passwords can be systematically generated.

Password Security Information:

  • All initial passwords require the user to create a new password with initial log in.
  • Passwords are valid for 180 days.
  • If the 180 days has elapsed, a user cannot log into Account Management without changing his/her password. The system will prompt the user to enter a new password.
  • A user can change his/her password at any time by clicking Change Password/Change Account Profile under Admin Tools on the Web CRD and IARD site maps.
  • A user cannot reuse a password used within the last ten password changes.
  • Users who forget their password can click on the Forgot Password? link on the login screen to request a new password. The user will be prompted to enter their User ID and security response before a new password will be emailed.
  • Five incorrect password attempts within 1 hour will result in a locked account. The account will auto-unlock after 1 hour. Accounts can be unlocked sooner than 1 hour if users contact their SAA or AA. If it is an SAA account, he/she needs to contact the FINRA Gateway Call Center.
  • Users who have five incorrect security response attempts need to contact their SAA or AA for a reset; or if it is an SAA account, he/she needs to contact the FINRA Gateway Call Center.

How to Access the Account Management Functionality

The Account Management functionality can be accessed several ways:

NOTE: This guide will provide the steps for you to access Account Management via Firm Gateway and Account Management directly.

Accessing Your AA Account using FINRA Firm Gateway

When you receive your User ID and initial password from the SAA, you must first log into the application, change your password and establish your security information.

Step 1: Access the address for Firm Gateway: https://firms.finra.org

Step 2: Enter your User ID in the User ID field, read the FINRA Terms and Conditions and click I Agree.

Firm Gateway Login Screen with Terms and Conditions

NOTES:

  • Clicking I Disagree prevents you from accessing the application.
  • If you do not know your User ID or Password, click the Forgot User ID or Password hyperlink. Select the appropriate User ID or Password radio button, enter the required information and click Submit. An email with your User ID or a temporary password will be sent to you.
  • To improve application security, FINRA has shortened the time before users are automatically logged off due to inactivity to 30 minutes. Please make sure to save your work frequently to avoid lost work due to a system timeout.

Step 3: Enter the password provided by the SAA in the Password field and click Continue.

Image of Password Field and Continue Button

Step 4: Enter your User ID, Current Password, New Password twice and click Continue.

Firm Gateway Password Reset Screen

Step 5: Click Continue on the Password Reset Completed screen.

Firm Gateway Password Reset Successful Screen

Step 6: Enter your newly created Password and click Continue.

Image of Password Field and Continue Button

Step 7: Select your Security Information questions, provide the appropriate Answers and click Save.

Screen of the Firm Gateway Security Questions and Answers

NOTES:

  • Each set of questions has a drop-down list that can be used to select your question. Once you have selected the question, provide the appropriate answer.
  • If you are using your personal computer and you trust the device/computer, you can click the Remember this computer checkbox. If you leave the checkbox unmarked, you will be presented with a security question with each login.
  • Upon completion of password reset and security information, the Firm Gateway or the Funding Portal Gateway home screen appears. Your account is now active and you can navigate through the application as needed. You can begin creating user accounts for users at your organization who require entitlement to FINRA.

Display of the Firm Gateway home page after successful login

OR

Display of the Funding Portal home page after successful login

ADDITIONAL NOTES:

  • Once you have saved your security information, you will periodically be presented with a security question when you login. Or, if you have not selected the Remember this computer checkbox, you will be presented with a security question with each login.
  • Five incorrect entries of your password will lock your account. You will need to contact your SAA or wait an hour for your account to auto-unlock.
  • View FINRA Entitlement Program Frequently Asked Questions

How to Access Account Management using FINRA Firm Gateway or Funding Portal Gateway

As an Account Administrator, you are responsible for managing the accounts of users at your organization who require entitlement to FINRA regulatory systems.

Step 1: Access the appropriate Gateway site and click the User Administration tab on the top Menu.

Firm Gateway home page with user administration menu highlighted

OR

Funding Portal Gateway home page with user administration menu highlighted

Result: The Account Management: Start New Search screen opens.

Account Management: Start New Search screen

Accessing Your AA Account using the Account Management URL Address (firms and regulators)

When you receive your User ID and initial password, you must first log into the application, change your password, and establish your security information.

Step 1: Access Account Management at: https://accountmgmt.finra.org/ewsadmin2/index.jsp

See Accessing Your AA Account using FINRA Firm Gateway and follow Steps 2 - 7.

User Account Management login screen

NOTES:

  • Clicking I Disagree prevents you from accessing the application.
  • If you do not know your User ID or Password, click the Forgot User ID or Password hyperlink. Select the appropriate User ID or Password radio button, enter the required information and click Submit. An email with a your User ID or a temporary password will be sent to you.
  • Upon completion of password reset and security information, the Account Management: Home screen appears. Your account is now active and you can navigate through the application as needed. You can begin creating user accounts for users at your organization who require entitlement to FINRA (see ADDITIONAL NOTES in the Accessing Your AA Account using FINRA Firm Gateway section).
  • To improve application security, FINRA has shortened the time before users are automatically logged off due to inactivity to 30 minutes. Please make sure to save your work frequently to avoid lost work due to a system timeout.

User account management home screen and welcome message

How to Create a User Account

As an AA or SAA, you are responsible for managing the accounts of users at your organization.

Step 1: Access Account Management (see Accessing Your AA Account using FINRA Firm Gateway or Accessing Your AA Account using the Account Management URL Address).

Result: The Start New Search screen appears. It is recommended you search the system first to verify that the individual does not already have an account with your organization.

Account management start new search screen

Step 2: Click Create New Account from the navigation panel.

Result: The Create New Account screen displays.

Account management create new account screen

Step 3: Enter the appropriate information into the fields in the User Profile, Account Profile, FINRA Information, and Application Entitlements sections of the Create New Account screen.

NOTES:

  • All fields marked with an asterisk (*) are required to create a new user account. To systematically generate a User ID, enter the user’s first and last names into the appropriate fields and click the Generate a new User ID hyperlink. To systematically generate a password, click the Generate a password hyperlink.
  • A new account automatically defaults to an Initial Account Status of Active, meaning the user can access the appropriate application as soon as they are provided with the User ID and Password. If the status is changed to Disable, the user cannot access the application until you activate it.

The application(s) and privileges for which you are an Account Administrator are listed below the User Profile, Account Profile, and FINRA Information sections of the Create New Account screen.

You can grant User entitlement for any privilege for which you are entitled as an Account Administrator. Selecting User allows the user access to a specific functionality of the applicable application needed to perform their job.

Privileges are organized in a hierarchy, and referred to as “parent” privileges and “child” privileges. If you wish to give a user entitlement to a “child” privilege, you should also give him/her entitlement to the “parent” of that privilege.

For example, the View Organization Information privilege is a child of the Organization parent privilege, which is also a child privilege of the CRD parent privilege. To entitle a user at your organization with the ability to have View Organization Information, you would select CRD User, Organization: User, and View Organization Information: User.

If you select User for a “child” privilege and forget to select User for the “parent” privilege(s) for that “child,” the system will automatically choose User for the “parent” privilege(s) when you save the privileges.

Step 4: Select User for all privileges the user needs to perform his/her job responsibilities and click the Save button to create the new user account.

Screen showing user's account privileges.

NOTES:

  • To add all privileges for an application, click the Select All hyperlink.
  • If you are an Account Administrator for other applications, the other applications and corresponding privileges will appear on this page. Each application has its own section within this page.

Result: The new user account is now ready.

Step 5: Take note of the User ID and temporary Password that you will need to provide to the user. If providing by email, it is recommended that the User ID and temporary password be sent in separate emails for information security purposes. He/she can now access the entitled system(s).

NOTES:

  • Use the Paste Special command after copying the User ID and password so that the information will be visible. When the new user logs into the entitled system for the first time with the User ID and password you have provided, they will immediately be directed to change their password and select a Security Question and enter a Security Response.
  • The date and time the account was created displays in the Account Created on field, and the User ID of the person who created the account displays in the Account Created by field. If the account was created by an FINRA Administrator it will display “FINRA”.

Account Management: Account Saved screen

How to Search for and View a User Account

As an Account Administrator, you are responsible for managing your users’ accounts. You must first search for the accounts you need to edit or delete.

Step 1: Access Account Management (see Accessing Your AA Account using FINRA Firm Gateway or Accessing Your AA Account using the Account Management URL Address).

Result: The Account Management: Start New Search screen displays.

Account management start new search screen

Step 2: Enter the appropriate information to search for the user.

Result: The Search Results screen displays.

Account management search results page

Step 3: Click the hyperlink in the User ID column to view the user’s account.

Tips for Performing a Search

  • To view a list of users in your organization for a specific application, check the box next to the appropriate application and click the Search button.
  • To view a list of all users at your organization, leave all fields blanks and click the Search button. NOTE: if your organization has a large number of entitled users, the search may take time.
  • You can use asterisks (*) as wildcards to assist your search. For example, if you want to search for all users at your organization whose first names start with A, type A* in the First Name field and click the Search button.
  • If your search displays more than one result, you can sort your search results by clicking the column titles. For example, if you want to sort the list alphabetically by last name, you would click the Last Name hyperlink.
  • You can view up to 10 users at a time. If there are more results, click the Next button to display the next set of 10.

How to Clone a User Account

Cloning an account is the process of creating a new user account by duplicating an existing user’s account. This enables the new user to be entitled to the same participating FINRA Entitlement applications and privileges as the existing user is entitled.

Cloning saves time when you have several users at your organization who use the same applications and privileges. You can access an existing user’s account and clone that user (i.e., copy that user’s privileges) for each individual who requires the same applications and privileges. You can also add or modify any applications or privileges to the new user’s account during the cloning process.

Step 1: Search for and view the user’s account you want to clone (see How to Search for and View a User Account).

Example: This user, John Doe, has User for CRD, Organization, View Organization Information, and Firm Queues and no privileges for Organization Non-Filing Information, Maintain Contact (BD ONLY) and Maintain Firm Notifications.

Account management view account screen

Step 2: Click Clone Account from the navigation panel.

Result: A new user account opens with the User Profile, Account Profile or FINRA Information fields blank, and the same privileges that “John Doe” had, i.e., User for CRD, Organization, View Organization Information and Firm Queues and no privileges for Organization Non-Filing Information, Maintain Contact (BD ONLY) and Maintain Firm Notifications.

Step 3: Enter the appropriate information into the User Profile, Account Profile, and FINRA Information fields. All fields marked with an asterisk (*) must be completed to create a new user account. To systematically generate a User ID, enter the user’s first and last names into the appropriate fields and click the generate a new User ID hyperlink.

To systematically generate a password, click the generate a password hyperlink.

Step 4: To add an additional application(s) and/or privileges to a user’s account, click User.

OR

Step 4a: To remove a privilege that a user no longer needs click ‘User’. This will uncheck the box next to the privilege that is not needed

Step 5: Click the Save button.

Account management clone account page

NOTE: “Firm” and “Other” Organization classes do not have the ability to clone a File Transfer Protocol/Internet File Transfer (FTP/IFT) account. Only the FINRA Entitlement Group can create FTP/IFT accounts.

How to Change a User’s Password and Account Status

If a user has problems logging into his/her account, it may be because:

  • He/she has forgotten the password or the password has expired.
  • He/she has unsuccessfully entered his/her password more than five times in the past hour and has been locked out.
  • He/she has unsuccessfully entered his/her security questions more than five times and has been locked out.
  • He/she has been disabled intentionally, either by a firm Account Administrator or by the FINRA Entitlement Group.

Step 1: Search for the user’s account (see How to Search for and View a User Account)

Step 2: View and evaluate the user’s Account Status

Step 3: Click the User ID hyperlink to access user’s Account Management: View Account screen.

Account management search results page

Account Status Recommended Action:
Active Advise the user to click the Forgot Password? hyperlink located on the login screen. You also have the option to reset the user’s password (see How to Change a User’s Password and Account Status).
Password Lockout Reset the user’s password and reactivate the account (see How to Reset a User’s Account due to Security Questions Lockout).
Security Questions Lockout Change the Account Status to Activate and Reset the Security Questions.

Note: Users who forget their security information and are locked out, need to re-establish their security information (see How to Change Your Security Questions and Answers).
Disabled by non-FINRA Account Administrator Check with the Super Account Administrator or Account Administrators at your firm to confirm that you should reactivate this account. If allowed, reactivate the account (see How to Change a User’s Password and Account Status). You may wish to change the user’s password at this time as well.
Disabled by FINRA Administrator Contact the FINRA Gateway Call Center at (301) 590-6500 for more information on why this account has been disabled.

NOTE: You can view and evaluate the status of the User’s Account Profile.

Account management view account page

Step 4: Select Change Password from the navigation bar.

Step 5: Enter a new password for the user, or click Generate a password to systematically generate a new password for the user. Click the Save button.

NOTE: The password generated is a temporary password; the user will have to change the password the next time they log into the application. Changing a user’s password does not automatically reactivate the account.

Account Management Change Password

Step 6: Select Change Account Status from the navigation panel.

Step 7: Click Account Status: Activate and select Save.

Result: The user’s account has been reactivated. Provide the user with his/her new temporary password.

Account management change account status dialog box

NOTE: You can also unlock a user’s account via the Edit Account functionality. Select Activate from the drop-down menu in the Change Account section.

FINRA Security Questions Feature

The first time a user logs onto a FINRA Entitlement application/system (e.g., Web CRD, IARD, Report Center, etc.) the user will be required to select three security questions and provide responses to each question. On subsequent logins, a user may be asked to provide the responses to the security questions he/she selected in order to further verify the user’s identity. This security feature is similar to those used by financial websites as an additional safeguard against unauthorized access.

Once users have saved their security information, they will be periodically presented with a security question. Or if they have not clicked the Remember this computer checkbox, they will be presented with a security question each time they login.

As the AA or SAA, you may need to assist your users if the following occurs:

  • Five incorrect responses to security questions will lock their accounts. They will need to contact an SAA or AA.
  • Five incorrect entries of their password will lock their account. They will need to contact an SAA or AA.
  • View FINRA Entitlement Program Frequently Asked Questions

Account profile, account status password lockout

(Example of Password Lockout on the Account Management/View Account screen)

How to Reset a User’s Account due to Security Questions Lockout

If a user locks their account due to five incorrect responses to their security questions it is suggested that you Unlock the account and reset the Security Questions. Resetting the Security Questions forces the user to select and respond to a new set of security questions.

Step 1: Search for and view the user’s account (see How to Search for and View a User Account).

NOTE: The Account Status should read: Security Question Lockout.

Account management search results

Step 2: Click on the User ID hyperlink.

NOTE: The Account Status should read: Security Question Lockout.

Account profile with security question lockout status

Step 3: Click Change Account Status from the navigation panel.

Account management change account status with security question lockout status

Step 4: Click Account Status: Activate.

Step 5: Click Security Questions: Reset.

Step 6: Select Save.

NOTES:

  • The Account Status Changed screen no longer displays the New Security Questions because you have indicated that they must be reset.
  • Upon completion of these steps, the user can log in with their original password, but will need to select a new set of security questions and answers.

Account management view account screen with active account status

New Security Questions have been removed.

NOTE: You can also unlock a user’s account via the Edit Account functionality. Select Activate from the drop-down menu in the Change Account Status section. You will not have access to reset the Security Question from this screen.

How to Change Your Security Questions and Answers

The Security Questions and Answers can be change by clicking the Edit Security Questions checkbox that is located on the Password screen.

OR

Step 1: Access Account Management (see Accessing Your AA Account using FINRA Firm Gateway or Accessing Your AA Account using the Account Management URL Address).

Step 2: Select My Account from the header section of the screen.

Account management header with my account highlighted

Result: The My Account: Account Information screen appears.

My account account information screen

Step 3: Select Change Security Questions located on the navigation bar located on the left side of the screen.

Result: The My Account: Security Questions and Answers screen appears.

My Account: Security Questions and Answers screen

Step 4: Change your Security Questions and Answers as desired and click Save.

How to Edit a User Account

Step 1: Search for and view the user’s account (see How to Search for and View a User Account).

Step 2: Click Edit Account from the navigation panel.

Step 3: Update any necessary information in the User Profile and/or FINRA Information fields.

OR

Step 3a: To disable or reactivate a user’s account, click the drop-down arrow in the Change Account Status field and change the status to Disable or Activate, as appropriate.

OR

Step 3b: To add a privilege to a user’s account click User next to the appropriate privilege.

OR

Step 3c: To remove a privilege that a user no longer needs click ‘User’. This will uncheck the box next to the privilege that is no longer needed.

Step 4: Click Save.

NOTE: You cannot edit the User ID or Legacy User ID fields. You can only see and edit the applications and privileges for which you are an entitled Account Administrator. Also, you cannot edit any information for another Account Administrator's account.

Account management edit account screen

How to Delete a User Account

If a user is no longer employed at your firm, or if a user no longer needs access to any participating FINRA Entitlement applications, the Account Administrator can delete the user’s account. As an Account Administrator, it is your responsibility to perform regular housekeeping on your firm’s users, by periodically reviewing accounts to determine which accounts should be deleted.

Step 1: Search for and view the user’s account (see Accessing Your AA Account using FINRA Firm Gateway or Accessing Your AA Account using the Account Management URL Address).

Step 2: Click Delete Account from the navigation panel.

Result: A warning message displays reminding you that the individual’s data will be permanently deleted and the user will not be able to access any participating FINRA applications.

Step 3: Click the Delete button.

Result: A confirmation message displays letting you know that the account has been deleted.

Account management delete account screen

IMPORTANT TIPS WHEN DELETING USER ACCOUNTS

  • It is important not to delete a user in error, because the user will lose access to all participating FINRA Entitlement applications.
  • If you delete a user in error, create a new account for the user and entitle him/her to any applications and privileges he/she needs.
  • If a user is entitled to more than one application (e.g., Web CRD, IARD, and FINRA Report Center) and he/she no longer needs access to one of those applications, DO NOT delete the user’s account. Instead, remove all privileges for an application, by clicking the Unselect All hyperlink.

How to Find the Super Account Administrator or Account Administrator

All users can view a list of their firm’s Super Account Administrator, Account Administrators and the list of all FINRA applications available to your organization.

Step 1: Access the FINRA Firm Gateway site and click My Account located at the top of the screen.

Firm Gateway top navigation menu with my account highlighted

OR

Funding portal gateway top navigation menu with my account highlighted

Result: The My Account: Account Information displays.

My account information with applications and administrators highlighted

Step 2: Click Applications & Administrators from the navigation panel.

Result: The My Account: Applications & Administrators screen displays.

My account applications and administrators

  • The SAA's information appears at the top of the screen beneath My Account: Applications & Administrators.
  • The AA’s information appears in the last column of the table.
  • Green check marks indicate the applications for which you are entitled. The red circles indicate the applications for which you are not entitled.

How to Log Out

Select Log Out from the top right portion of the screen.

Account management screen with log out menu item highlighted

The Logout Successful screen will display. To log back in, select the Click to Login again button. Follow the prompts to log back in.

Account management log out success screen

ADDITIONAL NOTES:

  • When you log out, your browser could contain a memory of the account information viewed during your session. For added security, we recommend that you close your browser window.

  • If you are inactive for 27 minutes, you will get several prompts to Continue Session. If you don’t select Continue Session at the end of 30 minutes, you will be logged off. If you select Continue Session, the clock will be reset for another 30-minute session.

Account management timeout dialog box

Example of the 27 minute timeout prompt.

Questions for Technical Support? Call the FINRA Gateway Call Center at (301) 590-6500 8 a.m. through 8 p.m., ET, Monday-Friday.