ACA Group (ACA), a leading provider of governance, risk, and compliance solutions for the financial services sector, has announced the launch of Aponix Foundations, a new self-service SaaS platform designed to simplify cybersecurity oversight. The program enables firms to establish core cyber governance practices without the high costs or complexity of building a dedicated in-house function.

Developed by ACA Aponix, the firm’s cybersecurity and risk management arm, Aponix Foundations delivers automated capabilities tailored to the needs of wealth managers, broker-dealers, venture capital firms, and asset managers.

Cyber Technology Insights : The National Cyber Security Agency (NCSA) – State of Qatar Partners with ISASecure

Cybersecurity continues to dominate compliance agendas in financial services. ACA’s 2025 Investment Management Compliance Testing Survey revealed that 55% of firms increased their cybersecurity testing this year, ranking it among the top three compliance priorities. Yet, many organizations still struggle with visibility and oversight, especially when IT operations are outsourced.

Aponix Foundations bridges this gap by equipping compliance teams with a self-service governance framework. Integrated into ACA’s ComplianceAlpha platform, the solution acts as a centralized hub for assessing risks, monitoring vulnerabilities, and managing cyber controls alongside broader compliance functions. Each implementation also includes a consultation with ACA experts to review results, prioritize remediation, and create a forward-looking roadmap.

Key Capabilities of Aponix Foundations:

  • Risk Assessment – Proprietary evaluations that generate findings, recommendations, and ratings, followed by a review session with ACA consultants.
  • Risk Register & Management Tool – Tools to prioritize and address identified risks effectively.
  • IT & Compliance Checklist – Guided steps with cadence tracking for essential cyber activities.
  • Employee Training – Web-based learning modules for staff awareness.
  • Threat Monitoring – Continuous domain surveillance with automated alerts.
  • Weekly Vulnerability Scanning – Ongoing scans with downloadable reports to support audits and regulatory exams.

Cyber Technology Insights : OX Launches VibeSec to Prevent Vibe Code Vulnerabilities From Ever Being Generated

By putting oversight directly into the hands of compliance officers while complementing managed service providers’ IT operations, the program enhances accountability and helps firms align with regulator expectations.

“Aponix Foundations was created to give compliance officers peace of mind that cyber risks are being properly identified and addressed,” said Christine Tetherly-Lewis, Partner and Head of ACA’s Cybersecurity and Risk Advisory division. “With regular scans, continuous monitoring, and audit-ready evidence, firms can achieve effective cyber oversight without the need to build an in-house function.”

“This offering isn’t limited to wealth managers. It’s built for any financial services firm that hasn’t yet established its cybersecurity governance framework,” added Kerry Rider, Partner and Head of ACA Wealth. “By providing a structured, self-service platform, Aponix Foundations enables organizations that outsource IT to maintain accountability, manage risks strategically, and stay prepared for regulatory scrutiny.”

Cyber Technology Insights : Hack The Box Launches Threat Range to Advance Security Operations Teams’ Readiness

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com