Security Manager

Security Manager Designation and Functions

In order to access NFA's Online Registration System (ORS) firms including sole proprietors will need to designate a Security Manager. Sole proprietors can only designate themselves as a Security Manager. The Security Manager will have complete authority and responsibility to establish and maintain security accounts for other users at the firm.

Login to ORS to:

• Designate a Security Manager;
• Establish or delete a user's security account;
• Assign or update users' security levels; and
• Reset users' passwords.

ORS Security Information

ORS will assign a user name and temporary password for each user the Security Manager establishes. The Security Manager should provide this information to the user. The first time the user logs in, the user will be prompted to change their password.

On an ongoing basis, the Security Manager will administer user security accounts. For example, if the user forgets their password, the Security Manager can reset it or if a user leaves the firm, the Security Manager must delete the user's account.

 

NFA recommends that every firm designate more than one individual as a Security Manager. If the firm has only one Security Manager and that person is unavailable or has left the firm, a listed principal must send an email to ethics@nfa.futures.org naming the new Security Manager. NFA will contact the new Security Manager to assist them through the process of accessing ORS.

EasyFile Access

To access EasyFile, use ORS credentials. Below are descriptions of the varying security levels available for NFA's EasyFile systems:

View—The individual may enter financial data but not submit the statement.

View and Update—The individual may enter the financial data and submit the statement.

• 1-FR-IB filers — The individual submitting the statement must comply with CFTC Regulation 1.10(d)(4) and also meet the definition of a principal. Therefore, "Enter and Submit" security level should be assigned to one of the following:
  • Sole proprietor of a sole proprietorship;
  • General partner, if the firm is a partnership;
  • Chief Executive Officer (CEO) or Chief Financial Officer (CFO) if the firm is a corporation or similar type of organization; or
  • The firm's CEO, CFO, manager, managing member or a vested member with management authority if the firm is a limited liability company, limited liability partnership or similar type of organization. Therefore, the person with Enter and Submit access would also meet the definition of a principal.
• Forex filers
  • The individual submitting the forex weekly reports must be a supervisory employee who is, or is under the ultimate supervision of, a listed principal who is also an NFA Associate. Financial Requirements Section 13 also requires the person filing the report to have the authority to bind the firm. This is not restricted to APs or principals. Therefore, the security level should not be restricted.
    • Pool filers: The individual should be someone who is duly authorized to bind the CPO.
    • CTA filers: The individual should be someone who is duly authorized to bind the CTA.
    • SD filers: The individual must be a supervisory employee who is under the ultimate supervision of a listed principal.
    • FB/FT filers: The individual will administer all security accounts.
• Disclosure Document system users:
  • This individual can file a disclosure document. The firm's Security Manager can assign access to anyone to submit and review information. Persons with EasyFile access do not automatically have access to the Disclosure Document system.
• Regulatory Filing System users:
  • This individual can facilitate the submission of requested documents during an examination.
• Promotional Material Filing System users:
  • This individual can file promotional material.