For roughly 25 years, institutional investors have increasingly required asset managers with whom they invest to claim compliance with the Global Investment Performance Standards (GIPS®). This requirement is largely required of traditional fixed income and equity strategies and applied to asset managers that work predominantly with institutional investors. Early on, most private wealth managers were […]
In May 2016, the Financial Crimes Enforcement Network (“FinCEN”) issued its final rule on beneficial ownership with respect to customer due diligence (“CDD”) requirements. This rule requires financial institutions (“FIs”) to adopt due diligence procedures that ensure the FIs verify and identify the beneficial owner(s) of the legal entity each time a new account is
Technology Enhancements for Beneficial Ownership Implementation Read More »
In the five months since the SEC’s Office of Compliance Inspections and Examination (“OCIE”) issued request letters to registrants focused on advisers’ use of electronic communications, compliance officers have been reviewing their policies and procedures, determining how employees are using third-party communications platforms to conduct firm business, and ensuring adequate archival and retention of electronic
Electronic Communications Monitoring – A No-Brainer for CCOs Read More »
In the past year, it’s become apparent that cyber breaches are on the rise, and they are crippling businesses in their wake. One of the most seriously impacted companies was Equifax, whose stock price plunged 30% after they announced one of the largest breaches in U.S. history. If the last few months are any indication,
7 Cybersecurity Trends to Plan for in 2018 Read More »
This is the first post in a series of cybersecurity tips and tricks from ACA Aponix’s team of experienced consultants. The third quarter of 2017 saw the announcement of 7 high-profile data breaches in 7 weeks. Two of the more high-profile breaches, the SEC’s EDGAR filing system and Equifax, were caused via known security exploits.
5 Best Practices for Building an Effective Vulnerability Management Program Read More »
In the wake of the recent Equifax breach that potentially affected the personal data of more than 143 million Americans, Equifax is pointing the finger at one of its third-party vendors as the cause. When dealing with third-party vendors, there is more at stake than organizations may realize. Vendors are entrusted with sensitive data and
I recently joined ACA as Managing Director and Head of ACA Aponix’s Global Regulatory Cybersecurity Practice. Before joining ACA, I served as Associate Director and Head of the National Technology Controls Examination Program with the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”). I would like to take this opportunity
What Investment Advisers Need to Know about Regulatory Cybersecurity Read More »
An endpoint is any device connected to your enterprise network — laptops, PCs, and printers, for example. In addition to these devices, the average worker uses 3 or more mobile devices per day for work activities, then multiply that by the number of employees in your organization, and you’ll have an idea of how many
7 Ways You Can Secure Your Network Endpoints Read More »
The 21st Annual GIPS® Standards Conference was held in San Diego on September 14-15 with over 300 attendees. A number of topics were covered, including important aspects of the proposed 2020 GIPS Standards updates. Jonathan Boersma, CFA, Moderator, began the conference with opening remarks discussing his time as the Head of Professional Standards and Executive
Highlights from the 21st Annual GIPS Standards Conference Read More »
Cyber incidents can have devastating effects on business of all sizes. A breach or malware attack could cripple business operations, lead to financial losses, expose sensitive data, and cause reputational damage. This October, ACA Aponix will again participate in the U.S. Department of Homeland Security’s Stop.Think.Connect Campaign for National Cyber Security Awareness Month (NSCAM). Each
