ACA Spotlight Blog

ACA Spotlight Blog

Compliance, risk, and technology insights and alerts for financial services


ACA's experienced compliance, risk, and technology professionals regularly provide insights on industry news, trends, and best practices. Our blog now consolidates all ACA compliance alerts, thought leadership articles, white papers, cybersecurity alerts, and results from ACA surveys to help you find the information you need more quickly and easily. 

For ACA compliance alerts prior to March 2019, see our News Archive.

Thought Leadership
July 17, 2019

The Lei Geral de Proteção de Dados (LGPD) is a sweeping data privacy regulation that goes into effect on February 15, 2020. Download our FAQs to find out what you need to know and how the law applies to your company.

SM&CR for non-UK firms
Compliance Alert
July 17, 2019

The Senior Managers and Certification Regime (“SM&CR”) is new set of requirements that will affect all firms regulated by the Financial Conduct Authority in the UK. This includes US firms (and those based elsewhere) who have some presence in the UK. And because SM&CR touches on the way firms are governed, it has potential implications for senior managers and some other staff in such firms including, in some cases, those located in the US parent.

ACA IAA 2019 Survey Results
July 15, 2019

ACA Compliance Group and the Investment Adviser Association release the results from their 2019 Investment Management Compliance Testing Survey. For the sixth year in a row, cybersecurity remains the biggest compliance concern at registered investment adviser firms – with 83 percent of survey respondents identifying cybersecurity as the “hottest” compliance topic and 70 percent indicating that their firms increased compliance testing in this area over the past year.

FCA alert
Compliance Alert - FCA
July 12, 2019

A recent Freedom of Information request to the UK’s Financial Conduct Authority (FCA) by accounting firm RSM revealed that 819 cyber incidents were reported to the FCA during 2018 – almost a 12-fold increase from the 69 cyber incidents reported to the FCA in 2017.

Compliance Standards of Conduct for Investment Advisers
Compliance Alert
July 11, 2019

On June 5, 2019, the SEC released a final comprehensive interpretation of the standard of conduct for investment advisers, which will become immediately effective upon publication in the Federal Register (anticipated July 2019). Here's what you need to know.

british airways alert
Compliance Alert
July 8, 2019

The UK's ICO plans to fine British Airways £183.39m ($230M) under the General Data Protection Regulation (GDPR) for a breach that occurred in 2018. The proposed penalty represents the largest fine of a company since GDPR came into force.

June 2019 Broker-Dealer Newsletter
July 3, 2019

ACA Broker-Dealer Services invites you to download the latest edition of our newsletter.

Market Abuse Regulation
Thought Leadership
July 3, 2019

This week marks three years since the Market Abuse Regulation (MAR) overhauled the civil market abuse regime across Europe, repealing and replacing the Market Abuse Directive (MAD) and the UK’s own domestic legislation.

When is marketing not marketing? When it’s pre-marketing
Compliance Alert - FCA
July 2, 2019

When the Alternative Investment Fund Managers Directive (“AIFMD”) came into force back in the heady days of 2013, it brought into the financial lexicon terms that are now well-worn phrases such as “Article 42” or “Article 36” and of course “reverse solicitation”.

GIPS 2020 Release
Thought Leadership
July 1, 2019

After much anticipation from the investment management community, CFA Institute released the 2020 GIPS Standards on June 28, 2019. The newest version represents the most significant changes since the 2010 edition of the GIPS standards went into effect on January 1, 2011.

Cyber Alert: Vulnerability Discovered in Microsoft Excel; Rise in Spear-Phishing Attacks
Cyber Alert
June 28, 2019

This alert contains information about a vulnerability discovered in Microsoft® Excel®, as well as information about a recent rise in spear-phishing attacks attributable to heightened international tensions.

re-Deal IT Due Diligence
Thought Leadership
June 26, 2019

Our M&A Due Diligence Challenges blog series addresses the changing nature of IT, cybersecurity, and data privacy and how investors can manage these risks and increase their chances of achieving a successful M&A transaction. We also discuss tales from the trenches and lessons learned from M&A due diligence we have performed for clients.