Security Manager Designation and Functions
In order to access NFA's Online Registration System (ORS), firms including sole proprietors will need to designate a Security Manager. The Security Manager will have complete authority and responsibility to establish and maintain security accounts for other users at the firm.
Login to ORS to:
- Designate a Security Manager;
- Establish or delete a user's security account;
- Assign or update the security levels for users; and
- Reset users' passwords.
ORS Security Information
ORS will assign a user name and temporary password for each user the Security Manager establishes. The Security Manager should provide this information to the user. The first time the user logs in, the user will be prompted to change their password.
On an ongoing basis, the Security Manager will administer user security accounts. For example, if the user forgets their password, the Security Manager can reset it or if a user leaves the firm, the Security Manager must delete the user's account.
NFA recommends that every firm designate more than one individual as a Security Manager. If the firm has only one Security Manager, and that person is unavailable or has left the firm, a listed principal must fax a signed letter on firm letterhead to NFA at 312-559-3537 or send an email to firstname.lastname@example.org naming the new Security Manager. NFA will contact the new Security Manager to assist them through the process of accessing ORS.
To access EasyFile, use ORS credentials. Below you will find the varying security levels available for NFA's EasyFile systems:
View—Enter financial data, but not submit the statement.
View and Update—Enter the financial data and submit the statement.
- 1-FR-IB filers: The individual submitting the statement must comply with CFTC Regulation 1.10(d)(4) and also meet the definition of a principal. Therefore, "Enter and Submit" security level should be assigned to one of the following:
- Sole proprietor of a sole proprietorship;
- General partner, if the firm is a partnership;
- Chief Executive Officer (CEO) or Chief Financial Officer (CFO) if the firm is a corporation or similar type of organization;
- The firm's CEO, CFO, manager, managing member or a vested member with management authority if the firm is a limited liability company, limited liability partnership or similar type of organization. Therefore, the person with Enter and Submit access would also meet the definition of a principal.
- Forex filers: The individual submitting the forex weekly reports must be a supervisory employee who is, or is under the ultimate supervision of, a listed principal who is also an NFA Associate. Financial Requirements Section 13 also requires that the person filing the report have the authority to bind the firm. This is not restricted to APs or principals. Therefore, the security level should not be restricted.
- Pool filers: The individual should be someone who is duly authorized to bind the CPO.
- CTA filers: The individual should be someone who is duly authorized to bind the CTA.
- SD filers: The individual must be a supervisory employee who is under the ultimate supervision of a listed principal.
- FB/FT filers: The individual will administer all security accounts.
- Disclosure Document system users: This user can file a disclosure document. The firm's Security Manager can assign access to anyone to submit and review information. Persons with EasyFile access do not automatically have access to the Disclosure Document system.
- Regulatory Filing System users: RFS filers designated to facilitate the submission of requested documents during an examination.
- Promotional Material Filing System users: This individual can file promotional material.