cybersecurity

California Consumer Privacy Act (CCPA) and Increasing Demands on the Privacy Office

Join ACA’s Alex Scheinman and Paul Schappell for a discussion on how to prepare your firm to comply with requirements under the California Consumer Privacy Act (CCPA) as well as the evolving regulatory privacy landscape. Based on the string of state-specific data protection regulations released recently in New York, Colorado, and now California, more state and national regulations will likely follow. In this webcast, our speakers will discuss steps to implement an accountable regulatory privacy program and meet the challenges of the evolving regulatory landscape.

Vendor Risk: Due Diligence, Scaling, Analysis, and Ongoing Oversight

In recent years, regulators have increasingly focused on vendor due diligence. Join Marc Lotti, Partner at ACA Aponix, alongside the compliance manager of a leading private equity firm, as they discuss some of the challenges companies face in identifying and managing third-party risks. Our speakers will discuss best practices for managing your due diligence process and how to scale your third-party risk management program. Our guest speaker will also discuss how outsourcing helped his firm overcome common challenges, reduce costs, and improve vendor oversight.

5 Cybersecurity Considerations for Investment Companies

ACA’s Askari Foy and Thomas Riley recently hosted a live webcast discussing cybersecurity best practices and trends for fund boards, sub-advisers, and investment company service providers with cybersecurity oversight. This post provides key takeaways from the webcast that investment companies can implement to help mitigate cybersecurity risk and protect the fund's assets and reputation. 

GDPR Implications for Investment Managers

In May 2018 the EU’s General Data Protection Regulation (GDPR) will come into force, bringing significant implications for all organisations that process data belonging to EU residents. Investment managers that employ EU residents or have investors that are EU residents will have to comply with the new legislation regardless of whether the firm is based within the EU or not.

GDPR introduces a number of requirements relating to how personal data is collected, stored and processed as well as the threat of fines of up to 4% of a firm’s global turnover.

GDPR - A Practical and Proportionate Approach for Investment Managers

Do you know what you should be doing now to prepare for the new General Data Protection Regulations ("GDPR") coming into force on 25th May 2018? Within an environment that is already highly regulated, what more must investment managers do to meet the new standards? Now is the time to take action to ensure that you are prepared for next year and  to avoid the scrutiny of the regulator.