July 1, 2025

Changes to FINRA Multi-Factor Authentication

SEC, ERA & State Registration Services
SEC, RIAs, Private Funds, compliance, coast to coast compliance, independent compliance consultant, compliance program review, annual compliance review, policies, investment advisers, broker dealers, division of enforcement, OCIE, security exchange act of 1943, investment advisers act of 1940, advisers act, New deal, investment adviser review, SEC registered investment advisers, form adv, IA annual requirements, Form ADV, Form CRS, Annual Updating Amendment, Form ADV Annual Updating Amendment, SEC Requirements, Annual requirements, SEC annual requirements, FINRA, IARD, regulation best interest, fair valuation rules, procedures, communications, electronic communications, penalties, FINRA, Multi-factor, duo, push key, security key, duo mobile passcode, duo verified push, Finra gateway, MFA

A message from the FINRA Entitlement Group:

FINRA is committed to protecting the integrity and confidentiality of the data and systems organizations use by implementing enhanced security features. As part of our continued efforts to protect against evolving phishing and cyberattacks and to reduce the risk of data breaches, FINRA is changing how FINRA Entitlement Program users authenticate their accounts.

Effective July 25, 2025, FINRA will retire three Multi-Factor Authentication options individuals currently use to verify account access:

  • phone calls (landline or cell);
  • text messages; and
  • fingerprint/facial recognition (Windows Hello/Touch ID).

On and after July 25, 2025, you must choose one of the following options:

  1. Duo Verified Push—receive authentication notifications on your smart phone or tablet;
  2. Security Key—use a supported USB Security Key to verify your account; or
  3. Duo Mobile Passcode—download the Duo application to receive authentication notifications directly on the app.  

If you are using a non-compliant MFA option, FINRA strongly encourages you to change your MFA option now to avoid any interruption to your access.

Important Information

  • If you are actively using a smartphone, tablet or Security Key and have not changed your MFA option from phone call (landline or cell), text message or fingerprint/facial recognition by July 25, 2025, you will be able to access Duo and change to a compliant MFA option before logging into the FINRA Gateway Systems.
  • If you do not have a smartphone, tablet or security key device and have not changed your MFA option from phone call, text message or fingerprint/facial recognition by July 25, 2025, you will not be able to access FINRA Gateway Systems until you re-enroll in Duo and select a compliant MFA option.
  • If you want to change your MFA option, log into FINRA Gateway, click ‘Continue to MFA’ select ‘Other Options’, select one of the compliant MFA options and follow the instructions.

For more information on how to change your MFA option, visit our MFA website.

HomeAboutServicesClientsResourcesBlogContactPrivacy Policy
(312) 219-2929
info@c2ccompliance.com
© 2025 Coast to Coast Compliance.