Hi Rupert,
I am afraid that this is up to the framework where SRM is deployed.
If you are using portal, it is up to portal if they can provide such kind of complicated authentication. I believe there should be.
If you are using NWBC, it is up to NWBC to decide this.
BR,
Ivy