PRIIPs RTS Adopted By EU Commission
Today (September 7, 2021) the EU Commission announced the adoption of the PRIIPs RTS with the effective transition date for UCITS KIID to PRIIPs KID confirmed for July 1, 2022.
Compliance Solutions Strategies Named to AIFinTech 100
CSS awarded for its digital transformation technology and data analytics solutions which enable clients to move from tactical to strategic compliance
NEW YORK, September 7, 2021 – Compliance Solutions Strategies (“CSS”), a leading RegTech platform providing technology-driven solutions which assist financial services firms in meeting their regulatory compliance requirements, today announced its inclusion in the AIFinTech100. Compiled by FinTech Global with winners selected by a panel of industry experts and analysts, the annual list recognizes firms for their innovative use of technology to solve a significant industry problem, or to generate cost savings or efficiency improvements across the financial services value chain.
The use of AI and data analytics has grown tremendously as financial institutions move towards digital transformation to optimize data, technology and operations, mitigate risk and automate manually intensive processes.
With its selection to the AIFinTech100, CSS spotlights how continuous innovation is core to its product development process. The company continues to expand and deliver market-leading automation and data technology solutions to enhance its innovative end-to-end platform, including:
- The optimization of the central data management solution that powers the CSS platform – the Regulatory Book of Record (RBOR).
- An advanced automation and workflow system for its integrated global Fund Reporting solution supporting the production and distribution of factsheets, prospectuses and other key investor documents, such as UCITS KIID and PRIIPs KID, alongside support for the ESG disclosures envisioned by the EU Sustainable Finance Disclosure Regulation.
- The launch of the first pre-trade solution on the market for position limit monitoring leveraging automation technology.
- AI-based technology to build a comprehensive cybersecurity risk management program that includes dark web monitoring.
- The continued development and enhancement of automated rules engines across the CSS platform to enable data testing and analysis in support of global regulatory requirements.
“We’re excited to be included among the world’s most innovative FinTech companies,” said Doug Morgan, CEO of CSS. “CSS is committed to partnering with institutional asset managers, hedge funds, private equity firms and insurance companies to help build a resilient data management infrastructure and provide the agility and efficiencies to accelerate their digital transformation strategies.”
Evolving Threats: Battling COVID and Ransomware Variants
As the world prepares to address emerging COVID variants, there is another threat to people’s security: emerging ransomware variants.
As defined by the FBI, ransomware is: a computer program created by a malicious actor to
- infect a computer or server,
- encrypt its contents so they cannot be accessed or used, and
- allow the malicious actors to demand that a ransom be paid in exchange for the decryption key.
Ransomware attacks have already reached record numbers in 2021. Some of the emerging variants include: LockBit, Hive, Egregor, Pay2Key, RansomExx, and Everest. Ransomware attackers are becoming more aggressive with their strategies – including by shifting more to data exfiltration before locking the data and preventing its use by legitimate company users. There have been reports of hackers cold calling victims to pressure them into paying to regain access to their data and even going so far as to threaten employees.
Hackers have been able to take full advantage of the ongoing pandemic. The large-scale increase in employees working from home has created an opportunity for more attacks. In addition to sending emails with malicious links and attachments, hackers have been able to use stolen Remote Desktop Protocol credentials to gain access to networks. Once access is gained to the domain controller, hackers can spread malware to any endpoint within the network.
With the large threat posed by ransomware attacks, it is important to ensure that strong cybersecurity programs are in place. Some best practices for avoiding such attacks include:
- Regular data backups
- Cybersecurity training
- Phishing testing
- Strong passwords combined with multifactor identification
- Dark web monitoring for compromised credentials
Much like the coronavirus variants which have emerged, ransomware variants continue to evolve and present a dangerous threat to organizations. A multi-pronged approach is key, but we also must remain nimble enough to evolve our defense methods to keep pace with the evolving threats.
For more information on CSS’s Cybersecurity Services and Solutions, email us at cybersecurity@cssregtech.com
ESMA Issues National Rules on Notifications of Major Holdings
Holders of securities on European markets: Today ESMA issued a new edition of its must-have reference for investment managers notifying national regulators of their shareholdings at threshold levels. The Practical Guide contains each EU country’s rules on notification deadlines, whom to notify, what form to use, how to send the disclosure, and other key information.
CFTC Cracks Down on Position Limit Violations
The CFTC imposed a $1.5 million fine on a major global food processor for position limit and related violations. See the details here.
SEC Charges Firms for Cybersecurity Deficiencies
SEC charges three firms for cyber deficiencies when phishing attacks and credential stuffing resulted in the firms’ cloud-based email accounts being compromised and client PII exposed. Enforcement penalties ranged from $200k to $300k per firm, revealing that the SEC means business when it comes to enforcing expectations for cyber controls.