There is only one "AccessControlList".

Each rule set contains exactly one Default rule.

The Firm Code specified in the PcRuleset must match the Firm Code of the parent FcRuleSet.