#00669a

Insights

April 18, 2019 | Cyber Alert

On April 10, researchers published information on a critical vulnerability in Microsoft’s Internet Explorer® (IE) browser. This previously unseen, “zero-day” exploit enables attackers to remotely access locally installed program version information, and potentially to exfiltrate user data.

April 17, 2019 | Compliance Alert

On April 16, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a risk alert detailing compliance issues from recent examinations of investment advisers and broker-dealers pertaining to privacy regulations.

Regulation S-P is the primary SEC rule regarding privacy notices and safeguards. It generally requires firms to:

April 16, 2019 | Article

Michael Held, Executive Vice President of the Legal Group at the Federal Reserve Bank of New York, spoke at the 1LoD Summit in New York on April 2, 2019. In his speech, he thanked the risk managers that act as the first line of defense against financial crime and provided important information about risk management and detecting and preventing financial crimes, specifically Anti-Money Laundering (“AML”)/Countering Terrorist Financing and Economic Sanctions in the banking world.

April 15, 2019 | Article

Cybersecurity oversight continues to challenge boards and now the SEC has updated their request list for cyber exams. This updated list combined with previously articulated SEC expectations, provides some directional help for boards as they navigate cybersecurity issues. 

April 12, 2019 | Cyber Alert

On April 11, researchers from the Carnegie Mellon Software Institute announced security vulnerabilities in multiple virtual private network (VPN) applications. These VPN agent software programs connect users to corporate computer networks over secure internet channels.

April 11, 2019 | Article

New prudential capital rules will be coming into force for the UK asset management industry – and for some firms, the amount of change required to the business will be significant.

The UK asset management industry should soon receive the final version of the new EU prudential capital rules within the EU’s Investment Firm Regulation (IFR) and Investment Firm Directive (IFD). Despite Brexit, it is highly unlikely that the Financial Conduct Authority (FCA) will end up with a regime that is materially dissimilar – firms should begin to prepare now.

April 11, 2019 | Article

When it comes to anti-money laundering (AML) transaction monitoring, financial services firms are under more pressure than ever to prove that the approach they are taking is working. Regulators want to see obvious evidence that firms are generating the right level of suspicious activity reports (SARs) for their size, geography, and business types, usually in the form of statistics and reporting. In turn, boards and senior management teams are now demanding to see this same information to be sure the firm is meeting its compliance obligations.

April 10, 2019 | Cyber Alert

On April 9, researchers discovered three serious vulnerabilities in the Verizon Fios Quantum™ Gateway (G1100) router. This is the default device issued by Verizon for subscribers to its Fios internet service. The device enables internet and Wi-Fi access for millions of users.

April 9, 2019 | Cyber Alert

The Security and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) recently updated the list of documents they typically request during investment adviser examinations which reflect their 2019 cyber exam focus areas.

April 8, 2019 | Article

Business communication continues to evolve. Over the past few decades, there has been a noticeable change in what is seen as an “acceptable” turnaround time. Back in the days of “snail mail” it was weeks, then the introduction of email shortened that time to hours, and now with the growing mobility of employees and clients, the turnaround time has shifted to minutes with the rise of new messaging applications and trends towards the use of text messages.

April 5, 2019 | Press Release

ACA Compliance Group (“ACA”) has expanded its consulting services that will help banks engaged in asset management activities manage risk and meet growing regulatory expectations. The bank asset management consulting services practice is overseen by former bank examiner, Roy Kim.

April 3, 2019 | Article

The Innovation in Compliance with Tom Fox podcast recently featured ACA's Patrick Conroy, Managing Director of Client Development for ACA's Regulatory Technology practice. In Conroy's episode, Nimble and Strategic Compliance: A Conversation with Patrick Conroy, Tom Fox and Conroy discuss a range of topics related to regulatory technology (RegTech), including the need for this type of technology, the future of RegTech, and how

April 2, 2019 | Compliance Alert

With the UK government’s desperate attempts to achieve a Brexit settlement having reached a crescendo, the FCA continues to make preparations for the worst case no-deal scenario. It has extended the deadline for firms and funds registering for the Temporary Permissions Regime (TPR) from 28 March to 11 April 2019, reflecting the recent delay to the process of UK withdrawal.

March 29, 2019 | Article

On February 13, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations ( OCIE) issued a Risk Alert highlighting the concerns and issues associated with certain types of transfer agents (“TAs”) that also serve as paying agents.1 For the past several years, OCIE has prioritized examining TA’s performance in safeguarding funds and securities.2 This Risk Alert high

March 28, 2019 | White Paper

ACA Compliance Group and ACA Aponix are please to present their newest white paper, Board Oversight of Cybersecurity...In Search of the Rosetta Stone.

March 27, 2019 | Cyber Alert

Last week, I attended the 2019 Mutual Fund and Investment Management Conference which is sponsored by the Investment Company Institute (ICI) and the Federal Bar Association. The annual conference provides updates on current securities, tax, and regulatory developments that affect investment companies and investment advisers.

This year, the keynote presentation featured Kristin Snyder, deputy director of the SEC's Office of Compliance Inspections and Examinations (OCIE). Below are my observations from the session.

March 26, 2019 | Article
Give your professional life a boost with the ACA Professional Skills Academy

While technical knowledge may get your foot in the door, interpersonal skills play a critical role in advancing your career. Time management, critical thinking, communication – they all allow not only you, but also your organization, to stay competitive and adaptable. No matter your role or company size, there will always be an interpersonal dynamic that can't be ignored. 

March 25, 2019 | Article

Data privacy has become an overarching issue top of mind to organizations across industries and geographies over the past several years. It affects every business function in an organization, from the IT department to compliance to marketing to HR, and has increasingly been occupying the minds of the C-suite.

March 22, 2019 | Cyber Alert

On March 21, Facebook announced that they had discovered an internal security flaw, in which hundreds of millions of user passwords had been stored in their systems in an unencrypted, plain text, readable format. While typically passwords undergo security processes known as “salting” and “hashing” that make them unreadable without special algorithms, over the course of several years, Facebook has been storing many passwords in plain text.

March 22, 2019 | Survey

Are you interested in what frequently asked compliance questions your peers have raised or have wondered about? Participate in our Alternative Fund Manager Survey.

This is the twelfth survey of our ongoing series to gain insight into how your peers are approaching common challenges in the industry. Our September 2018 iteration of this survey received 220 responses. 

March 20, 2019 | Case Study

A large cap private equity firm wanted to conduct pre-deal diligence on a potential target company that provides post-acute care (PAC) management solutions and clinical services for care-continuum optimization. The firm chose ACA's M&A diligence and advisory services to assess the quality and sophistication of the target’s core IT software and systems.

March 20, 2019 | Press Release

Key features include new and enhanced algorithms, vendor integrations for expert network or meeting calendar information, reporting enhancements, and user interface improvements.

March 20, 2019 | Survey

We invite you to participate in our second Liquidity Risk Management Program Rule Survey. We understand there is a continued need for transparency and insight into the various ways mutual funds, investment advisers, and sub-advisers are approaching the liquidity risk management program rule. By participating in this survey, you can help us identify trends in how firms are complying with, or getting ready to comply with the rule.

March 19, 2019 | Article

In our previous RegTech blog post, we discussed we discussed how regulators are investing in the development of their own technological capabilities to quickly and efficiently manage data, and how this is evolving regulators' expectations regarding investment firms' use of tech. 

March 19, 2019 | Article

In less than two months, hundreds of compliance and performance professionals will be arriving in Miami for ACA’s Spring 2019 Compliance and Performance Conference. This year’s event will mark the fifth anniversary of ACA’s performance track focused exclusively on issues related to performance measurement and the GIPS® standards.