ACA Spotlight Blog

ACA Spotlight Blog

Compliance, risk, and technology insights and alerts

Subscribe

ACA's experienced compliance, risk, and technology professionals regularly provide insights on industry news, trends, and best practices. Our blog now consolidates all ACA compliance alerts, thought leadership articles, white papers, cybersecurity alerts, and results from ACA surveys to help you find the information you need more quickly and easily. 

For ACA compliance alerts prior to March 2019, see our News Archive.

M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
Thought Leadership
May 30, 2019

With data breaches, social engineering attacks, extortion, hacking, and other cyber threats on the rise, it’s become increasingly vital for private equity firms to manage their firm’s cyber, IT, and data privacy risks as well as those of their prospective and current portfolio companies. Here's what you need to know to protect your investments.

The Secret Ingredient for Effective Vendor Risk Management
Thought Leadership
May 30, 2019

Vendor risk management can be painful, time-consuming, and expensive. Get the secret ingredient to capture the full range of vendor risks in our latest blog post.

OCC's Semiannual Risk Perspective: What Bank Asset Managers Should Know
Compliance Alert - OCC
May 29, 2019

The Office of the Comptroller of the Currency (“OCC”) recently issued its Spring 2019 Semiannual Risk Perspective, a recurring report of key risk areas and emerging threats to the federal banking system that are monitored by the OCC's National Risk Committee. In this blog post, we summarize the risk areas that impact banking asset management groups, and operational risk, strategic risk, and BSA/AML.

5 Key Challenges When Tuning AML Transaction Monitoring Software
Thought Leadership
May 29, 2019

More and more, regulators are examining AML and terrorist financing monitoring software solutions to see if they are tuned correctly; and citing financial institutions who fail to meet the regulatory standards. One issue for both regulators and these institutions is the creation of excessive volumes of “false positive” activity alerts, or alerts on activity that after evaluation, is not determined to be suspicious.

SEC risk alert on data storage
Compliance Alert - SEC
May 28, 2019

On May 23, the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert regarding the security associated with cloud and network data storage solutions.

2019 Liquidity Risk Management Program Rule Survey Results
White Paper
May 24, 2019

ACA Compliance Group is pleased to present their newest survey results in the form of a white paper, 2019 Liquidity Risk Management Program Rule Survey Results.

SEC cyber exam sweep
Compliance Alert - SEC
May 22, 2019

The U.S. Securities and Exchange Commission (SEC) has commenced a series of cybersecurity examinations on registered investment advisers (RIAs) which targets Form ADV data related to cloud service providers.

View of buildings in the city
Compliance Alert - FCA
May 22, 2019

The FCA recently published the conclusions of its review of principal firms in the investment management sector. We examine the relevance of the findings and outline how the FCA rated Mirabella in the review.

FINRA Provides Guidance Regarding Suspicious Activity Monitoring and Reporting Obligations
Compliance Alert - FINRA
May 16, 2019

FINRA recently issued Regulation Notice 19-18 (the “Notice”), which provided guidance to member firms regarding their monitoring obligations with respect to suspicious activity pursuant to the Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) requirements.

New Intel Chip Security Vulnerability
Cyber Alert
May 15, 2019

On May 14, Intel announced a series of security vulnerabilities in its central processing unit (CPU) chips. The vulnerabilities are collectively labeled Microarchitectural Data Sampling (MDS).

Q&A-New-Prudential-Regime
Thought Leadership
May 15, 2019

The Investment Firm Regulation (IFR), a new prudential framework developed by the European Commission (EC), will soon apply to all MiFID investment firms. The vast majority of investment firms will need to adapt to a new set of capital, liquidity, and reporting requirements. Whether or not you believe these rules are simpler and more proportionate to investment firms, you need to be prepared.

Surveillance Attack Discovered in WhatsApp
Cyber Alert
May 14, 2019

On May 13, Facebook announced a vulnerability in its popular WhatsApp messaging service. The vulnerability allows attackers to install spyware on smartphones by simply placing a voice call to WhatsApp on the device.