diff --git a/apps/accounts/api/account/account.py b/apps/accounts/api/account/account.py
index 819e2da8c..a9edc25c2 100644
--- a/apps/accounts/api/account/account.py
+++ b/apps/accounts/api/account/account.py
@@ -37,6 +37,8 @@ class AccountViewSet(OrgBulkModelViewSet):
         'partial_update': ['accounts.change_account'],
         'su_from_accounts': 'accounts.view_account',
         'clear_secret': 'accounts.change_account',
+        'move_to_assets': 'accounts.create_account',
+        'copy_to_assets': 'accounts.create_account',
     }
     export_as_zip = True
 
@@ -112,18 +114,18 @@ class AccountViewSet(OrgBulkModelViewSet):
             except Exception as e:
                 creation_results[asset] = {'error': str(e), 'state': 'error'}
 
-        results = [{'asset': asset, **res} for asset, res in creation_results.items()]
+        results = [{'asset': str(asset), **res} for asset, res in creation_results.items()]
 
         if move and success_count > 0:
             account.delete()
 
-        return Response(data=results, status=HTTP_200_OK)
+        return Response(results, status=HTTP_200_OK)
 
-    @action(methods=['patch'], detail=True, url_path='move-to-assets')
+    @action(methods=['post'], detail=True, url_path='move-to-assets')
     def move_to_assets(self, request, *args, **kwargs):
         return self._copy_or_move_to_assets(request, move=True)
 
-    @action(methods=['patch'], detail=True, url_path='copy-to-assets')
+    @action(methods=['post'], detail=True, url_path='copy-to-assets')
     def copy_to_assets(self, request, *args, **kwargs):
         return self._copy_or_move_to_assets(request, move=False)
 
diff --git a/apps/accounts/filters.py b/apps/accounts/filters.py
index a27d2ba25..781312609 100644
--- a/apps/accounts/filters.py
+++ b/apps/accounts/filters.py
@@ -1,13 +1,14 @@
 # -*- coding: utf-8 -*-
 #
-from django.db.models import Q, F
+from django.db.models import Q, F, Value, CharField
+from django.db.models.functions import Concat
 from django.utils import timezone
 from django_filters import rest_framework as drf_filters
 
 from assets.models import Node
 from common.drf.filters import BaseFilterSet
 from common.utils.timezone import local_zero_hour, local_now
-from .models import Account, GatheredAccount, ChangeSecretRecord
+from .models import Account, GatheredAccount, ChangeSecretRecord, AccountRisk
 
 
 class AccountFilterSet(BaseFilterSet):
@@ -62,9 +63,20 @@ class AccountFilterSet(BaseFilterSet):
         if not value:
             return queryset
 
-        queryset = queryset.prefetch_related('risks') \
-            .annotate(risk=F('risks__risk'), confirmed=F('risks__confirmed')) \
-            .filter(risk=value, confirmed=False)
+        asset_usernames = AccountRisk.objects.filter(risk=value). \
+            values_list(
+            Concat(
+                F('asset_id'), Value('-'), F('username'),
+                output_field=CharField()
+            ), flat=True
+        )
+
+        queryset = queryset.annotate(
+            asset_username=Concat(
+                F('asset_id'), Value('-'), F('username'),
+                output_field=CharField()
+            )
+        ).filter(asset_username__in=asset_usernames)
         return queryset
 
     @staticmethod