The FCA recently advised of incoming changes to how firms access FCA systems.

In order to protect firms’ data, the FCA are to implement multi factor authentication (MFA). This will replace the current method used by firms to log into the FCA systems. Multi-factor authentication ensures only you access your accounts.

Currently firms have a digital passcode, and this will be removed. Instead, firms will need to log in using a One Time Passcode (OTP). Firms will have the option of using the Salesforce One Time Passcode Authenticator App. The FCA states that this will be the preferred option as they believe it to be the most secure.

Alternatively, firms will be able to use SMS or calls to a direct land line … for security reasons this will only be permitted where the line is a direct land line and not a switchboard.

The new process will go live on 20th January 2023 for four key systems with a further system going live on 16th February 2023 as shown below.

You’ll need to enter a one-time passcode each time you log into:

• Connect – from 20 January 2023
• Reg Data – from 20 January 2023
• Online Invoicing (Fees Portal) – from 20 January 2023
• Shared Intelligence Service (SIS) – from 20 January 2023
• Electronic Submission System (ESS) – from 16 February 2023

Once the changes come in, the firm can skip registration for up to 2 months but after this time, it will be mandatory. The FCA states that firms don’t need to take any action now but that ‘turning on multi-factor authentication will be quick and easy’. You can find further information to help you understand the new process here.