Summary
FINRA is alerting firms to a recently identified vulnerability in Apache Log4J software, which is an open-source, Java-based logging utility widely used by enterprise applications and cloud services. The “Log4Shell” vulnerability presents risk for member firms because they may be using this software in internal applications, or the software may be embedded in third-party software
ul.rulebook{list-style-type:none;padding-left:0px;}
ul.rulebook ul.rulebook{list-style-type:none;padding-left:30px;}
ul.rulebook ul.rulebook ul.rulebook{list-style-type:none;padding-left:60px;}
ul.rulebook ul.rulebook ul.rulebook ul.rulebook{list-style-type:none;padding-left:90px;}
ul.rulebook li{margin-top:20px;text-transform:uppercase;font-weight:400}
#tab-links, .book{display:none;}
6100.
Summary
FINRA has received reports about increasing numbers and sophistication of ransomware incidents. Ransomware typically involves bad actors gaining unauthorized access to firm systems and encrypting or otherwise accessing sensitive firm data or customer information, then holding that hijacked data for ransom. Some ransomware attacks have become significant threats that include theft of data
As previously communicated, beginning Monday, January 13, 2025, FINRA will require Multi Factor Authentication (MFA) for access to all production API reference data files. This is the final reminder clients will receive regarding this change.Beginning on January 13, 2025, FINRA will no longer support the use of digital certificates to access the Reference data API and only MFA access will be
SEC Approves Amendment To Section 65 Of Uniform Practice Code
On November 30, 1994, the SEC approved an amendment to Section 65 of the Uniform Practice Code relating to customer account transfers. The NASD filed the amendments along with other amendments to the NASD's rules designed to implement the SEC's mandate to move to T+3 settlement of securities transactions. Although the SEC
Posted: April 12, 2019
Holiday Reminder
The TRF Systems will be closed on Friday, April 19, 2019. As stated in the data feed interface specifications, FINRA may send out unmarked test data via its data feeds on market holidays. Direct data feed subscribers, including recipients of TRF data, should take the necessary precautions to prevent data corruption. Thank you for your attention to this
Beginning Monday, May 19, 2025, FINRA will introduce the MOLD/UDP 64 protocol to the TRACE Securitized Products Data feeds – SPDS and SPDS-144A.TRACE data feed clients must adhere to the new protocol, new IP Addresses and feed changes by this date. FINRA has updated the SPDS and SPDS-144A specifications, IP address configurations and the MOLD/UDP 64
Frequently Asked Questions (FAQs) about the logistical aspects of the Remote Inspections Pilot Program, including the opt-in process.
The Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision program highlights recent reports of a CrowdStrike service outage affecting Microsoft operating systems. FINRA continues to monitor the outage.
As part of its Transparency Services improvement initiative, FINRA will re-platform the TRACE Corporate and Agency product to a new Linux-based operating system. The implementation date for this initiative is Monday, October 21, 2024. On October 21, 2024, FINRA will introduce a new protocol to the TRACE Corporate and Agency Data feeds – ATDS, BTDS, and BTDS-144A. TRACE data feed clients
