Regulations Mandating Two-Factor Protection

Overview: 

Regulators in certain jurisdictions have imposed requirements that brokerage clients use Two-Factor Authentication when accessing their account. These requirements currently impact residents of Hong Kong and India with details provided below.

Hong Kong-based accounts

On 27 Oct 2017, the Securities & Futures Commission of Hong Kong (SFC) issued revised guidelines aimed at reducing the information security risks associated with internet trading.  All registered and licensed persons engaged in internet trading are required to comply. The Hong Kong Monteary Authority (HKMA) simultaneously issued a circular on the same day requiring all registered institutions to implement the requirements listed in the guidelines.

Per article 1.1 of the SFC guidelines, all clients are required to be enrolled in Two-Factor Authentication. As a result, we are no longer able to provide Hong Kong accounts with the ability to opt out of the Secure Login System.

 

India-based accounts

On March 25, 2014 the National Stock Exchange of India (NSEI) issued a circular with new requirements for stock brokers that operate in India. Per regulation 3b, all brokers must implement Two-Factor Authentication for Indian clients. As a result, we are no longer able to provide India accounts with the ability to opt out of the Secure Login System.