insights banner

Insights

Our unique perspective is informed by our real-world experience, deep subject matter expertise, and extensive client network.

GRC hot topics

Regulatory compliance insights and alerts

Cybersecurity alerts and insights

ESG

ESG alerts and insights

GIPS® standards and performance alerts and insights

RegTech insights and alerts

Insights and alerts related to the SEC's new Marketing Rule

Guidance and insights on regulatory proposals, enforcements, and risk alerts

Regulatory change is here for Private Fund Advisers

1 of
ACA Threat Intelligence Alert Blog Image

FINRA Warns of Fake Agency Website

FINRA issued an alert regarding the appearance of a fake website purporting to be from the authority. The fake website uses the domain “finnra.org” in which the letter “n” appears twice.

Cyber Alert
  • Cybersecurity
  • Phishing
Compliance Alert

SEC OCIE Issues Risk Alert on COVID-19-Related Compliance Risks and Issues

The U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) has issued a risk alert on the COVID-19-related risks, issues, and challenges faced by SEC-registered investment advisers and broker-dealers, including those resulting from the widespread use of telecommuting practices and pandemic-related market volatility.

Compliance Alert
  • Compliance
  • BCP
  • COVID-19
2020 NSCP Aponix Survey

Highlights from the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey

Benchmarking your firm’s cybersecurity program against those of your peers is a smart way to identify the compliance gaps your firm should address. Here are the results of the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey.

Survey
  • Cybersecurity
highway at night from overhead

Preventing Financial Crimes

Money laundering has become a global concern over the past several years. In response, the U.S., Cayman Islands Monetary Authority and the EU are taking steps to increase AML efforts in their jurisdictions, and it is likely that other countries will follow suit in the coming years.

Article
  • AML and Financial Crime
cyber code

Is It Time to Reset Your Password Reset Policy?

Many authorities are questioning whether mandatory password reset policies are worth the hassle. Get ACA's guidance on when, if ever, you can remove or relax your password reset policy.

Article
  • Cybersecurity
curved glass building looking up at a blue sky

FINRA Guidance for Retail Communications Concerning Private Placement Offerings

FINRA issued Regulatory Notice 20-21 on July 1, 2020 providing guidance for complying with FINRA Rule 2210 “when creating, reviewing, approving, distributing, or using” retail communications concerning private placement offerings.

Compliance Alert
  • Compliance
city skyline from above

The CCO's Guide to the GIPS Standards: Essentials for Understanding and Mitigating Risk

As adoption of the GIPS standards has grown over the years, ACA has seen compliance personnel take a much deeper interest in ensuring their firms meet every requirement.

Report
  • Performance
tprm vmos

Third-Party Risk Management: Collaborating for Results

Running vendor management or third-party risk management (TPRM) programs can be a complicated process for both consumers and providers of services. Here are some of the current challenges with due diligence and opportunities to improve the process for all parties involved.

Article
  • Cybersecurity
abstract image with a lock and shield

Critical Vulnerability Identified in Windows Servers

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert identifying a critical vulnerability affecting all versions of Microsoft® Windows Server® configured with the Domain Name System (DNS) role enabled. The vulnerability could potentially allow a remote attacker to gain control of affected systems.

Cyber Alert
  • Cybersecurity
curved glass building looking up at a blue sky

New Focus on Senior Manager Responsibility for Regulatory Reporting

Regulators are placing increasing importance on senior managers taking personal responsibility and accountability for regulatory reporting under SM&CR. We examine what this means for firms in scope of the MiFIR, EMIR or SFTR reporting regime.

Compliance Alert
  • Trade & Transaction