FINRA-compliant appointment scheduling
FINRA logo

FINRA-compliant appointment scheduling

How OnceHub helps you archive and protect investor data

OnceHub is a provider to organizations across the financial services sector and is committed to helping you remain in step with FINRA. 

Read on to learn how OnceHub can help you meet your compliance obligations while streamlining operations with best-of-breed appointment scheduling software.

FINRA and appointment scheduling software

The Financial Industry Regulatory Authority (FINRA) is a non-governmental organization whose mission is to maintain fair and transparent markets in the United States. It operates under the oversight of the US Securities and Exchange Commission (SEC).

FINRA is responsible for investor education and protection, setting new standards for the securities industry, and enforcing regulations set by the SEC. These rules range widely and include guidelines on digital security, data protection, and data retention, all of which could impact how you configure your appointment scheduling software. 

OnceHub for FINRA-compliant appointment scheduling

OnceHub privacy and security program

OnceHub runs a multi-layered privacy and security program to protect our assets and that of our customers. It includes policies that address risk management, incident management, business continuity, and disaster recovery. All prospective and existing customers can assess these measures by requesting our due diligence pack, which includes a completed CAIQ and our latest SOC 2 report.

Data access controls

Technical controls OnceHub uses to protect investor data from unauthorized disclosure or modification include:

  • NIST-compliant encryption of all data and backups at rest and securely managed encryption keys.
  • HTTPS-only applications and encryption of data in transit using TLS 1.2 and higher.
  • Secure server-to-server authentication protocols for calendar integrations.
  • Robust access controls to ensure that our appointment scheduling software and any investor data it gathers and stores are solely accessible by authorized personnel:
    • Single sign-on (SSO)
    • Two-factor authentication (2FA)
    • Role- and user-based access management
    • Password policies, account lockout, and session controls
  • Audit trails to register who logged into the system and when, in addition to tracking meeting lifecycle changes, like who canceled or rescheduled a meeting.
Recordkeeping

OnceHub also has features to help maintain auditable records of electronic communications, as required by FINRA:

  • All emails to and from clients – meeting invitations, reminders, and follow-up messages – are automatically saved by the OnceHub appointment scheduling software and can be output to a system of record. There are also options to send emails through a corporate mailbox or use email BCCs to deliver copies of emails to an archive service.
  • Text message notifications can be downloaded in bulk for archiving.
  • Transcripts of live and AI-powered chats can be sent via email for archiving.
Disclosures

FINRA requires that all brokers’ sales and marketing communications be clear and accurate, providing customers and prospects a sound basis for evaluating the facts. Where necessary, brokers can customize booking pages, forms, and chatbots in their appointment scheduling software to include disclosures clarifying details of their products and services.

Due-Diligence-HP
Are you looking for due diligence information?

We have it all ready for you

Contact us

Related help articles
Security at OnceHub
Compliance at Oncehub
Security best practices

Get started today

back to top