The role of the Money Laundering Reporting Officer (MLRO) is a mandatory position in all firms in the Financial Services Industry. This reflects the statutory objective that the Regulator(s) have for ensuring that firms behave with “Integrity”, particularly relating to financial crime prevention. The MLRO therefore plays a significant role in assisting Senior management to ensure that systems and controls relating to anti-money laundering (AML) and countering the risk of terrorist financing (CTF) are appropriate and effective. This course provides practical advice and guidance on the responsibilities of the MLRO, what is expected by the Regulators, both of the Senior Management and the MLRO, and how those responsibilities can be achieved. It should be noted that attendance at this course does assume a good knowledge of the UK’s AML/CTF regulations.
ACA Aponix® provides cybersecurity and technology risk programs, data privacy compliance services, vendor and M&A diligence services, portfolio company oversight, network testing, and advisory services for companies of all sizes.
Strengthen your cyber program with Aponix Protect™
Aponix Protect helps firms address evolving cyber risks and threats to ensure that their cybersecurity needs are covered year-round. This solution is available in three tiers, each one designed to provide firms with a flexible, robust, responsive, and cost-effective cybersecurity program.
Increase oversight of your portfolio companies' cyber risk with PortCo Defend™
Our PortCo Protect program is designed to provide high-level insight into cybersecurity risks across a portfolio and measure the maturity of the cybersecurity approach at each investment entity. The program establishes minimum security requirements, a measurement framework and governance, and provide guidance/ assistance where needed. It is not intended to cause rework or significantly change the direction of a portfolio companies current security initiatives.
Minimize risk and maximize enterprise value with technology, cyber, and privacy M&A diligence
Our team assists private equity firms with IT, cybersecurity, and privacy transaction advisory and risk management services. We provide full M&A integration analysis, design, oversight and execution services to help you minimize risk and maximize enterprise value for your most complex transactions by closely aligning our services with your investment thesis.
Why work with us?
We provide cybersecurity and technology risk programs, data privacy compliance, vendor and M&A diligence services, network testing, and advisory services for companies of all sizes. Our unique approach combines a deep understanding of your workflows with our methodologies, thought leadership, and proprietary data to surface and prioritize the most important risks. Our award-winning solutions are designed to help firms uncover risks and identify deficiencies in their cybersecurity policies, procedures, and controls.
Why work with us?
Deep information technology experience. Award-winning solutions. Holistic approach to technology risk.
- Experienced global team
- Certified team members
- Thought leaders in cybersecurity and IT risk
- Over 650 companies work with us
- Award-winning technology and solutions
- Holistic approach to cybersecurity and IT risk
ACA Aponix provides cybersecurity and technology risk assessments, data privacy compliance, vendor and M&A diligence services, network testing, and advisory services for companies of all sizes. Our unique approach combines a deep understanding of your workflows with our methodologies, thought leadership, and proprietary data to surface and prioritize the most important risks. Our award-winning solutions are designed to help firms uncover risks and identify deficiencies in their cybersecurity policies, procedures, and controls.
Who we are
- Our team consists of senior technologists who have started in the technology trenches, many growing into technology leaders at organizations ranging from small to large hedge funds, bulge-bracket banks, and technology services providers for the financial services sector.
- ACA Aponix staff maintain or have held the following relevant certifications around cybersecurity risk management, incident response, penetration testing, information security, IT governance, privacy, and business. Additionally, select ACA Aponix staff maintain U.S. military security clearance.
- CISSP, CISM, CISA, ISO27001:2013, CGEIT, CRISC, CTPRP, Security+, OSCE, OSCP, CEH, GXPN, GPEN, GWAPT, GCFE, GCCC, GCIH, GCIA, ECSA, SSA, CREST CPSA
- CIPM, CIPP, CIPT
IT & Business Continuity
- A+, CCA, CNE, CCNA, CCNP, CSPO, ISO22301:2013, MCSA, MCSE, MSCP, Network+
- CFA, CM&AA, GSLC, JD, MBA, PhD, PMP, Six Sigma Black Belt
Our leadership team
Kavitha is a Partner and the Business Lead for ACA Aponix, the dedicated global cybersecurity and technology risk advisory team.
Chad is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group and oversees ACA Aponix’s Strategic Technology Advisory and Risk practice.
Mike is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group.
James is a Partner at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group. James manages ACA Aponix in Europe.
Marc is a Strategic Advisor at ACA, and a Co-founder and formerly a Co-head Partner at ACA Aponix.
Kris is a Managing Director at ACA Aponix, specializing in information security program and policy development, risk management, vulnerability assessments, third-party security assessments, and audits.
Henry is a Managing Director at ACA Aponix, the cybersecurity, privacy, and IT risk division of ACA Group and oversees the sales department for the division.
Alex is a Managing Director at ACA Aponix, overseeing ACA Aponix’s GDPR, CCPA, and other privacy regulation data-processing reviews and related programming.
Sara oversees ACA Aponix's vendor diligence and management service (VMOS) team.
Jose is a Director at ACA Aponix leading the penetration team.
Christine is a Director at ACA Aponix.
Latest cyber and risk insights
ACA’s virtual spring conference is right around the corner. We encourage ACA Aponix clients to attend the sessions below or to invite other members of their teams to join in. Here’s a sneak peek at what you can expect and what you can expect to take away.
- Portfolio Company Risk Management
On April 14, the U.S.DOL issued a news release with guidance on cybersecurity for retirement plan administration aimed at plan sponsors, fiduciaries, record-keepers and participants of plans regulated by ERISA, the federal law that sets the minimum standards for retirement and health plans in private industry. Get the details on this guidance as well as our recommendations.
Learn about the new software patches Microsoft released on April 14, 2021 to address 19 critical vulnerabilities as well as a new Zoom vulnerability discovered at the Pwn2Own white hat hacker event.
When Microsoft announced patches for the four “zero-days” that were revealed on March 2, 2021, the full extent of the vulnerability was not known. Security experts continue to notify victims, coordinate remediation, and suggest remaining vigilant for “stage 2” of this attack, i.e., further exploitation of the backdoors left on the already-compromised servers.
Apple has issued urgent updates for its iPhone, iPad, and iWatch devices. According to Apple, these updates patch a discovered “cross site scripting” vulnerability that allows bad actors to inject malicious code into web pages. The code could be enabled when users access these pages using browsers on Apple devices. This vulnerability may already have been exploited.
Multiple firms have reported receiving emails from an organization posing as the International Fund Manager Regulator (IFMR). There is no legitimate international global regulatory authority for fund managers. This email is a phishing attempt.
ACA Group announced today that ACA Aponix® is the recipient of the Accounting/Due Diligence Firm of the Year in the 20th Annual M&A Advisor Awards. The M&A Advisor Awards are the benchmark for dealmaking excellence, recognizing the leading M&A Transactions, Restructurings, Deal Financings, Product/ Services, Firms, and Professionals.
ACA is delighted to be counted among the 100 most innovative RegTech companies in the financial industry.
The ever-increasing focus by the Regulators on the accountability of senior management, particularly when things go wrong, emphasises how important it is for individuals in senior positions to have a clear understanding of what is expected of them. This succinct course is designed to assist Senior Managers to have a full understanding of what they need to do to achieve compliance with the rules under the obligations created by the Senior Managers and Certification Regime (SMCR).
The role of the Compliance Officer is a mandatory position in all firms in the Financial Services Industry. They play a major role in assisting Senior Management to ensure that appropriate and effective systems and controls are in place to achieve and maintain compliance with the applicable Rules. While the nature of the Compliance Function is likely to differ from one firm to another, this course provides an easy to follow breakdown of what the Regulator expects of a Compliance Officer and explains, in practical terms how the regulatory expectations and those of Senior Management can be achieved.