Cybersecurity and Risk Insights and Alerts
Cyber risks and threats continue to evolve, and firms are under pressure to meet SEC and FCA expectations for operational resilience as well as their own internal and client expectations for cybersecurity and privacy. Stay current on the latest cybersecurity, privacy, and risk threat and regulatory alerts, and build your cybersecurity and privacy knowledge with insights from our cybersecurity and technology risk experts.
ACA Aponix Cybersecurity Checklist
Cyber alerts and insights
FINRA Warns of Additional Fake Emails
The Financial Industry Regulatory Authority (FINRA) has issued an alert warning of reported additional phishing attempts using fake FINRA credentials. Per the notice, an ongoing email phishing campaign has been reported, in which the fake FINRA domain name of "gateway-finra[dot]org" is being used.
- Cybersecurity
Peer Analysis: Understanding Today’s Compliance Risks and Solutions
Find out what financial firms have identified as three of the knottiest issues facing compliance teams this year, the top five compliance areas that could benefit from better technology, and the biggest hurdles to compliance technology adoption in our latest peer analysis infographic.
- Compliance
- ComplianceAlpha
- Brexit
- Cybersecurity
- RegTech
- Managed Services
GDPR: Expectations vs. Realities on the Regime’s Third Anniversary
The General Data Protection Regulation (GDPR) reached its third-year anniversary on 25 May 2021. Three years after implementation, we speak with Alex Scheinman, Managing Director, ACA Aponix, about the impact of the regulation, how the COVID-19 global pandemic, Brexit and Schrems II influence the regime, and where data privacy rules will head next.
- Compliance
- Cybersecurity
FINRA Addresses Customer Account Takeovers (ATOs); Firms Advised on Protection Tactics
The Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice in response to a noticed increase in customer account takeovers (ATOs). During these ATOs, bad actors compromise account information, gain unlawful entry into customer online brokerage accounts, make fraudulent transactions, siphon out funds, and commit other crimes. Similarly, bad actors have increasingly been using simulated identities to open online accounts, and unlawfully access funds and data. FINRA’s regulatory notice summarizes the observations of 20 firms of various business models and sizes on the subject.
- Cybersecurity
Protecting the Enterprise Server: After the SolarWinds®/Microsoft® Exchange® Hacks
The SolarWinds breach and the Microsoft Exchange server breach are striking, both in the extent and the breadth of their damage. The damage is ongoing; as part of the attack pattern, backdoor malware designed to give the attackers persistent access to the compromised organizations has been planted for future criminal activity. The recent executive order on cybersecurity testifies to the severity of the problem and the need for a centralized, proactive response. Learn what patterns we have observed and the mitigating strategies we recommend.
- Cybersecurity
Navigating Evolving Risks on the Regulatory Horizon
Regulatory change, COVID-19 fallout, and a rapidly mutating ecosystem of risks make this a challenging year for financial services firms. In our complimentary whitepaper, we examine the future of risk and compliance and how firms must respond to rapidly evolving circumstances.
- Trade & Transaction
- Compliance
- ESG
- Managed Services
- Regulatory Deadlines
- RegTech
- ComplianceAlpha
- FCA
- SEC
- Cybersecurity
- RiskMutation
- Brexit
- COVID-19
- GIPS Standards
- Mirabella