Banks might not be the only financial institutions needing dedicated chief information security officers (CISOs) to oversee and enforce a cybersecurity program. As FinOps Report goes to press, the Colorado Division of Securities is set to finalize rules which, as of July 15, will make the state the first in the US to require fund managers and broker-dealers […]
Irish Fund Admins Get Stern Offshoring Advice
Compliance and operations managers at fund administration shops in Ireland will need to keep closer tabs on middle and back-office activities outsourced to third-party firms or even offshore affiliates. In March, the Central Bank of Ireland sent chief executives of fund administrators in Ireland a stern letter about shortcomings in monitoring of offshore operational work with detailed guidance […]
Private Equity Admin: Blockchain Revolution?
In another entry of blockchain into a new operational realm, Northern Trust’s announcement that it has installed the first functioning blockchain for private equity funds administration has been drawing a lot of attention. Yet that’s no guarantee that institutional investors in private equity funds or other fund administrators will be enamored with the idea. say investment, operations, […]
Building Smarter 3rd-Party Cyber-Risk Programs
Financial firms needing to manage the cybersecurity risk of companies outside their own walls as well as they do their own can now count on a new risk assessment-as-a-service platform for help. Launched in March, the Denver-headquartered CyberGRX aims to take the gruntwork out of the due diligence process for third-party cybersecurity risk managers. It […]
New York Tightens Screws on 3rd Party Cyber-Risk
Out of sight doesn’t mean out of mind when it comes to following New York State’s new rigorous rules on how banks must manage cybersecurity risk. Cybersecurity information security officers (CISOs), IT directors, compliance managers, legal counsel, and vendor procurement specialists will need to work together to perform due diligence on third-party vendors, negotiate new […]
Blockchain 2017: Regulatory Reality from FINRA
Straight from the horse’s mouth, US broker-dealers have just been advised about the many ways their use of blockchain could impact their compliance with rules imposed by the Financial Industry Regulatory Authority (FINRA) — including recordkeeping, clearance and settlement, anti-money laundering, trade reporting and customer statements. FINRA , the US self-regulatory agency for broker-dealers, has issued a […]
AML Compliance: Policing the Money Wires
Bank compliance, technology and back-office executives will soon be faced with a lot more headaches in preventing and reporting possible money laundering and other illegal activities conducted through payments transmitted by European wire transfers. Effective June 2017, financial firms — specifically banks — will have to monitor their wire payment messages more closely and file suspicious […]
SS&C Sued by Hedge Fund for Cyber Heist
Was incompetence, gross negligence, collusion or a good faith mistake the reason operations executives from fund administrator SS&C Technologies authorized the transfer of almost US$6 million from a client’s commodities fund to Chinese hackers? That is the question readers of a lawsuit filed by hedge fund Tillage Commodities Fund against SS&C Technologies will likely be […]
New York Proposed Cyber Rules: Too Much, Too Fast
Cutting down one risk — that of a cybersecuity breach — is promising to add a lot more risk of other kinds. Those would be increased costs and liability. The New York State Department of Financial Services has gone further than its federal peers by mandating hard and fast policies instead of risk-based methodology to […]
Outsourced Compliance Officers: Red Flag for SEC?
The decision of the US Securities and Exchange Commission to require fund managers to disclose on their Form ADV whether they have outsourced their chief compliance officer role is starting to cause some angst. Asset managers wonder if they will be targeted for additional scrutiny, only because they delegated their regulatory compliance work to an external provider. […]