GRC hot topics
M&A Due Diligence and Portfolio Oversight: Minimizing Cyber and Privacy Risks During the Deal Lifecycle
With data breaches, social engineering attacks, extortion, hacking, and other cyber threats on the rise, it’s become increasingly vital for private equity firms to manage their firm’s cyber, IT, and data privacy risks as well as those of their prospective and current portfolio companies. Here's what you need to know to protect your investments.
- Portfolio Company Risk Management
Vendor risk management can be painful, time-consuming, and expensive. Get the secret ingredient to capture the full range of vendor risks in our latest blog post.
More and more, regulators are examining AML and terrorist financing monitoring software solutions to see if they are tuned correctly; and citing financial institutions who fail to meet the regulatory standards. One issue for both regulators and these institutions is the creation of excessive volumes of “false positive” activity alerts, or alerts on activity that after evaluation, is not determined to be suspicious.
- AML and Financial Crime
The Office of the Comptroller of the Currency (“OCC”) recently issued its Spring 2019 Semiannual Risk Perspective, a recurring report of key risk areas and emerging threats to the federal banking system that are monitored by the OCC's National Risk Committee. In this blog post, we summarize the risk areas that impact banking asset management groups, and operational risk, strategic risk, and BSA/AML.
- Bank Asset Management
On May 23, the U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert regarding the security associated with cloud and network data storage solutions.
ACA Compliance Group is pleased to present their newest survey results in the form of a white paper, 2019 Liquidity Risk Management Program Rule Survey Results.
The FCA recently published the conclusions of its review of principal firms in the investment management sector. We examine the relevance of the findings and outline how the FCA rated Mirabella in the review.
Regulatory Cyber Alert: SEC Conducting Cyber Compliance Examination Sweep of Registered Investment Advisers (RIAs)
The U.S. Securities and Exchange Commission (SEC) has commenced a series of cybersecurity examinations on registered investment advisers (RIAs) which targets Form ADV data related to cloud service providers.
FINRA recently issued Regulation Notice 19-18 (the “Notice”), which provided guidance to member firms regarding their monitoring obligations with respect to suspicious activity pursuant to the Bank Secrecy Act (“BSA”) and anti-money laundering (“AML”) requirements.
Third-party risk management can be painful, time-consuming, and expensive. Get the pain-free solution to effective vendor due diligence in our latest blog post.