The Trusted Professional | Trusted Professional

SEC Adopts Changes to Access Procedures for EDGAR, Notably Transitioning from Shared to Individual Accounts

GettyImages-513676272 Security Exchange Commission SEC

The Securities and Exchange Commission (SEC) has announced that it is adopting changes to the login, password, and other account access procedures for those using its Electronic Data Gathering, Analysis, and Retrieval System (EDGAR). 

The new version of EDGAR, known as EDGAR Next, will upgrade the system in three ways: improving EDGAR's security, enhancing filers’ ability to manage their EDGAR accounts and modernizing connections to EDGAR. Most notably, it will transition from one login account per company to one account for every individual filing documents into EDGAR.

"A lot has changed in the three decades since the Commission first required mandatory EDGAR filings in 1993. EDGAR has lived through the rise of the internet, social media, and streaming content. We also have learned a great deal about data security and password protection in that time," said SEC Chair Gary Gensler, in a statement. "To keep pace with ever-evolving markets, technology, and business models, we’ve updated EDGAR over the years. Our most recent meaningful update, though, to EDGAR login, password, and other account access protocols was more than a decade ago. Today’s amendments are an important next step for EDGAR account access protocols."

Gensler explained that under previous requirements, registrants had one login per company, which is akin to having a family passing around one shared login and password for a movie streaming app. "That’s simply not the most secure system—for filers and the Commission alike—when it comes to information relating to financial disclosure. By contrast, today’s amendments further secure login protocols by requiring every person filing something into EDGAR to login with individual credentials and to use multi-factor authentication," he said.

These amendments require electronic filers to authorize and maintain designated individuals as their account administrators. The changes also mandate filers to take certain actions, through their account administrators, to manage their accounts on EDGAR. 

Additionally, under the amendments, filers may authorize individuals as account administrators only if they get individual account credentials in the way laid out by the EDGAR Filer Manual. As part of the EDGAR Next changes, optional Application Programming Interfaces (APIs) will be provided to filers for machine-to-machine communication with EDGAR.  The SEC is also amending Volume I of the EDGAR Filer Manual to be in accordance with these changes. 

APIs are a machine-to-machine way of making submissions, retrieving information and performing account management tasks that will enhance filers' EDGAR interactions' efficiency and accuracy. These APIs also lets filers manage their EDGAR accounts with minimal manual interaction with EDGAR.

The SEC opened a beta software environment for filer testing and feedback, reflecting the adopted rule and form amendments and the related technical changes. Information about signing up for beta testing and other information regarding the rule's adoption can be found on the EDGAR Next webpage.

Those asking for access to EDGAR must complete a form known as the Uniform Application for Access Codes or Form ID. Compliance with amended Form ID is required on March 24, 2025.  All rule and form amendments will take effect on that date, and filers will be required to comply with all rule and form amendments by Sept. 15, 2025.