GRC hot topics
Critical MOVEit Transfer Vulnerability Updates
Progress Software discovered a critical SQL injection vulnerability (CVE-2023-34362) on May 31st in the MOVEit Transfer software which allowed unauthorized access to the Transfer environment and escalated privileges.
Love is Love: ACA Group Celebrates Pride Month and Inclusivity
ACA celebrates Pride Month in June with the theme Love is Love, hosting initiatives like a panel and book club selection that explore identity and belonging. We aim to create an inclusive workplace free from discrimination and are dedicated to enhancing LGBTQIA+ lives through education, advocacy, and community outreach.
- ACA News
EU/UK Announce Memorandum of Understanding – What does that mean for Financial Services Firms?
In May the EU and UK announced a draft MoU for regulatory cooperation in financial services, establishing a framework for close cooperation and avoiding regulatory divergence.
13 Key Elements for Successful Cybersecurity Portfolio Oversight
Our cyber team has identified the key elements of successful programmatic cyber oversight. By adopting these elements, firms can avoid value destruction, meet investor expectations, and increase valuations of their portfolio.
- Cybersecurity Resources
Tip for Updating Your Compliance Program: Shareholder Reporting Requirements and Amendments to Advertising Rules
The SEC's new rule amendments for mutual funds and ETFs aim to provide concise shareholder reports and require physical delivery instead of online posting. The amendments also introduce new advertising requirements for fee and expense figures.
- Mutual Fund
ACA Group Appoints Patrick Olson as Chief Executive Officer
17-year BlackRock veteran with blend of industry expertise, client relationships and global operating experience, will help drive growth and innovation.
- ACA News
SEC Staff Bulletin – Standards of Conduct for Broker-Dealers and Investment Advisers Care Obligations
The SEC issued guidance on the Care Obligation of Reg BI, emphasizing understanding risks, obtaining investor information, considering alternatives, and exercising caution with complex products.
Tip for Updating Your Compliance Program: Enhanced Proxy Voting Requirements
New SEC rules require standardized categorization, machine-readable filing, and sharing of mutual fund proxy votes and shares, with say-on-pay votes reported on Form N-PX by institutional investment managers worth $100 million or more only if they vote.
U.S. Regulatory Update – May 2023 Edition
This update includes insights on the third SEC Bulletin on Reg BI and Fiduciary Standard of Care, Ransomware Reminders, New N-PX Reporting, and the looming FTC Safeguards Rule.
Meeting the Evolving ESG Demands of Institutional Investors
Despite market challenges, sustainable investing remains a strong growth driver for ACA clients. Although institutional asset owners show increasing interest in this area, it can be challenging to find compelling investment offerings.