Frequently Asked Questions (FAQs)

Select a question below to locate the question and response.

  1. How do I get my password reset?
  2. What is an identity provider (IDP)?
  3. What if my organization doesn?t have an identity provider (IDP)?
  4. What happens if I forgot my User Name?
  5. How many times may I attempt my password before my account is disabled?
  6. What is an acceptable password?
  7. My account is deactivated. How do I reactive it?
  8. I have a new email. How do I update my account?
  9. Does the Help Desk agent provide assistance on accounting and other financial related questions?
  10. Does the Help Desk agent provide assistance on submitting reports to the CDR?
  11. How much access to the CDR system does the Help Desk have?
  12. Are financial institutions allowed to have more than one DSA?
  13. How does a financial institution add an additional Delegated Site Administrator (DSA)?
  14. What if our organization doesn't have a Delegated Site Administrator (DSA)?
  15. How do I update my user roles or another user’s role in the CDR?
  16. What are Reportability Rules and how are they updated?
  17. What is the Central Data Repository (CDR)?
  18. What is a Delegated Site Administrator (DSA)?
  19. Who is my Delegated Site Administrator (DSA)?
  20. How do I get enrolled?
  21. What do I do if I'm trying to register but can't find my organization in the lookup?
  22. What is the ID RSSD?
  23. What is a secret question?
  24. Is training available for the CDR?
  25. How do I contact the Help Desk?


  1. How do I get my password reset?

    2. CDR is accessed by entering your CDR user name and then authenticating using your credentials for your organization's identity provider (IDP): email, password and multifactor authentication (MFA) challenge.

    If you have forgotten or need assistance resetting your password, contact your organization's IDP.

  2. What is an identity provider (IDP)?

    3. An identity provider (IDP) manages and verifies user identities, allowing them to access various applications, services and resources. For example, your organization's IDP may act as a central authentication authority, allowing you to log in once and access various resources in your organization, such as your organization's intranet or applications.

    An IDP may also provide authentication to third-party service providers (websites, applications, or other services). For instance, you might use your Google credentials when you log into YouTube and Spotify. In this case, Google is managing and authenticating your identity, allowing you to access YouTube and Spotify without creating separate usernames and passwords.

  3. What if my organization doesn't have an identity provider (IDP)?

    4. Each CDR user must register using their professional email address for their organization.

    If you're unsure of which email you should use when registering, contact the Delegated Site Administrator (DSA) for your organization.

    Organizations that don't already have an identity (IDP) might choose to use Microsoft 365 Products for Business | Microsoft 365

    For additional assistance, contact the CDR Help Desk.

  4. What happens if I forgot my User Name?

    5. If you've forgotten your CDR user name, contact your Delegated Site Administrator (DSA) or call the CDR Help Desk for assistance.

  5. How many times may I attempt my password before my account is disabled?

    6. CDR is accessed by entering your CDR user name and then authenticating using your credentials for your organization's identity provider (IDP): email, password and multifactor authentication (MFA) challenge.

    The number of attempts and other password policies are set by your organization's IDP. If you need help unlocking or resetting your password, contact your IDP for assistance.

  6. What is an acceptable password?

    7. CDR is accessed by entering your CDR username and then authenticating using your credentials for your organization's identity provider (IDP): email, password and multifactor authentication (MFA) challenge.

    The number of attempts and other password policies are set by your organization's IDP. Best practices for password creation should include minimum length, complexity and age requirements

  7. My account is deactivated. How do I reactivate it?

    8. Accounts will be deactivated if they are not used for an extended period. If your account becomes deactivated, it will need to be reactivated by your Delegated Site Administrator (DSA).

    If your account remains inactive for too long, your DSA may not be able to reactivate it, and you will need to request a new account.

  8. I have a new email. How do I update my account?

    9. Emails cannot be changed. You'll need to request a new account using your new email address.

  9. Does the Help Desk agent provide assistance on accounting and other financial related questions?

    10. No, the Help Desk cannot provide direct feedback on accounting or other financial related questions. Please contact your organization's FFIEC assigned analyst for assistance.

  10. Does the Help Desk agent provide assistance on submitting reports to the CDR?

    11. CDR Help Desk agents are available to assist with CDR related issues or questions. However, for assistance with issues encountered submitting through vendor software, please contact the Software Vendor for assistance. For accounting or other financial related questions, contact your organization's FFIEC assigned analyst.

  11. How much access to the CDR system does the Help Desk have?

    12. The Help Desk has limited access to the CDR. Please speak with your Delegated Site Administrator (DSA) or FFIEC Assigned Analyst if you are uncertain if your question is appropriate for the Help Desk.

  12. Are financial institutions allowed to have more than one DSA?

    13. Yes, each organization should maintain two Delegated Site Administrators (DSA) to ensure adequate user support.

  13. How does a financial institution add an additional Delegated Site Administrator (DSA)?

    14. The Delegated Site Administrator (DSA) role can be assigned to an existing or new user. For instructions on adding users and assigning roles, select the Help Topics link above and review the User Enrollment topics.

  14. What if our organization doesn't have a Delegated Site Administrator (DSA)?

    15. If your organization does not have an active Delegated Site Administrator (DSA), contact the CDR Help Desk for assistance.

  15. How do I update my user roles or another user's role in the CDR?

    16. If you are a Delegated Site Administrator (DSA), click the Help Topics option above and review the Manage User Roles topic. If you are not a DSA, contact your DSA for assistance.

  16. What are Reportability Rules and how are they updated?

    17. Reportability Rules determine which Call Report form, schedule and line items an institution must report on. Reportability rule concept values are derived from the FFIEC National Information Center (NIC) structure and historical data. Financial institutions can review their current reportability rule concept values. See the View FI Reporting Status and View Reportability Rules topics in the CDR Help Topics.

  17. What is the Central Data Repository (CDR)?

    18. The Federal Financial Institutions Examination Council (FFIEC) Central Data Repository (CDR) (https://cdr.ffiec.gov/cdr) system was developed by the FFIEC agencies to collect, validate, manage, and distribute financial institution data.

    The CDR Public Data Distribution (PDD) website (https://cdr.ffiec.gov) provides public access to financial institution data.

  18. What is a Delegated Site Administrator (DSA)?

    19. The Delegated Site Administrator (DSA) is responsible for managing CDR users at their organization. Specifically, they are responsible for approving, denying or deactivating user account, and assigning appropriate user roles.

  19. Who is my Delegated Site Administrator (DSA)?

    20. Selecting a Delegated Site Administrator (DSA) is a business decision made by each organization. Usually the DSA is a manager or Call Report leader. Each organization should have more than one DSA.

  20. How do I get enrolled?

    21. For requesting a CDR account, select the Help Topics link above and review the User Enrollment topics.

  21. What do I do if I'm trying to register but can't find my organization in the lookup?

    22. If you cannot find your organization in the lookup, contact your Delegated Site Administrator (DSA) to verify the Organization Name or identifier you're using to search is correct. If you are the DSA for a new organization registering for the first time, contact your FFIEC assigned analyst or Vendor liaison to verify your organization has been added.

  22. What is the ID RSSD and where can I find it?

    A RSSD is a unique identifying number assigned by the Federal Reserve to all financial institutions, as well as their main offices, and other branches. See the FFIEC National Information Center (NIC) for additional information.

    The CDR also has a look-up facility for this identifier: https://cdr.ffiec.gov/CDR/SystemManagement/AccountEnrollment/lookupOrg.aspx

  23. What is a secret question?

    A secret question is a technique used by the CDR to help validate you as a user by verifying the response to a pre-determined question.

  24. Is there any additional training available for the CDR?

    Click the Help Topics option above to review basic instructions for Financial Institutions and Software Vendors users.

  25. How do I contact the Help Desk?

    Select the Contact Us link to view contact methods and hours for the CDR Help Desk.