ACA Spotlight Blog

ACA Spotlight Blog

Compliance, risk, and technology insights and alerts for financial services


ACA's experienced compliance, risk, and technology professionals regularly provide insights on industry news, trends, and best practices. Our blog now consolidates all ACA compliance alerts, thought leadership articles, white papers, cybersecurity alerts, and results from ACA surveys to help you find the information you need more quickly and easily.

OCIE Issues Risk Alert Highlighting Deficiencies in Compliance, Supervision, and Disclosure of Conflicts of Interest
Compliance Alert - SEC
July 26, 2019

The SEC's OCIE issued a Risk Alert detailing compliance issues noted during examinations of advisers who hire or employ individuals with a history of disciplinary events.

Form ADV Part 3 is Here – What You Need Know
Compliance Alert - SEC
July 25, 2019

On June 5, 2019, the U.S. Securities and Exchange Commission issued the Standard of Conduct for Investment Advisers interpretation to reaffirm and clarify the SEC’s views of the fiduciary duty that investment advisers owe to their clients under the Investment Advisers Act of 1940. 

MiFID II transaction reporting
Compliance Alert
July 23, 2019

Whilst the FCA’s priorities appear, for the time being, to be on understanding the nature and scale of reporting data errors and how they are addressed, failings under MiFID I moved it to take several high-profile enforcement actions. It is imperative that firms get to grips with their MiFID II transaction reporting processes and data quality checks as soon as possible.

Exposure Draft About Revising Their Three Lines of Defense Model
Thought Leadership
July 22, 2019

On June 17, 2019, The Institute of Internal Auditors (the IIA) released an Exposure Draft (the Draft) on a study being conducted to review and modernize the Three Lines of Defense Model (3LoD). The Draft has been released for public comments from June 20, 2019 and September 19, 2019 and reflects the thoughts and analysis of a working group, chaired by Jenitha John, Vice Chairman of The IIA Global Board of Directors; and Chief Audit Executive, FirstRand Ltd.

FinCEN BEC alert
Compliance Alert - FinCEN
July 19, 2019

On July 16, the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) issued an update to the September 6, 2018 advisory, "Advisory to Financial Institutions on E-mail Compromise Fraud Schemes." The updated advisory indicates a sharp rise in business email compromise (BEC) fraud across financial services and other industries.

Thought Leadership
July 17, 2019

The Lei Geral de Proteção de Dados (LGPD) is a sweeping data privacy regulation that goes into effect on February 15, 2020. Download our FAQs to find out what you need to know and how the law applies to your company.

SM&CR for non-UK firms
Compliance Alert
July 17, 2019

The Senior Managers and Certification Regime (“SM&CR”) is new set of requirements that will affect all firms regulated by the Financial Conduct Authority in the UK. This includes US firms (and those based elsewhere) who have some presence in the UK. And because SM&CR touches on the way firms are governed, it has potential implications for senior managers and some other staff in such firms including, in some cases, those located in the US parent.

ACA IAA 2019 Survey Results
July 15, 2019

ACA Compliance Group and the Investment Adviser Association release the results from their 2019 Investment Management Compliance Testing Survey. For the sixth year in a row, cybersecurity remains the biggest compliance concern at registered investment adviser firms – with 83 percent of survey respondents identifying cybersecurity as the “hottest” compliance topic and 70 percent indicating that their firms increased compliance testing in this area over the past year.

FCA alert
Compliance Alert - FCA
July 12, 2019

A recent Freedom of Information request to the UK’s Financial Conduct Authority (FCA) by accounting firm RSM revealed that 819 cyber incidents were reported to the FCA during 2018 – almost a 12-fold increase from the 69 cyber incidents reported to the FCA in 2017.

Compliance Standards of Conduct for Investment Advisers
Compliance Alert
July 11, 2019

On June 5, 2019, the SEC released a final comprehensive interpretation of the standard of conduct for investment advisers, which will become immediately effective upon publication in the Federal Register (anticipated July 2019). Here's what you need to know.

british airways alert
Compliance Alert
July 8, 2019

The UK's ICO plans to fine British Airways £183.39m ($230M) under the General Data Protection Regulation (GDPR) for a breach that occurred in 2018. The proposed penalty represents the largest fine of a company since GDPR came into force.

Market Abuse Regulation
Thought Leadership
July 3, 2019

This week marks three years since the Market Abuse Regulation (MAR) overhauled the civil market abuse regime across Europe, repealing and replacing the Market Abuse Directive (MAD) and the UK’s own domestic legislation.