From small boutiques to global giants, all financial management firms utilize third-party services to perform vital functions. Be it data providers like Bloomberg or risk control modules from lone independents, these outside vendors have become a seamless part of daily asset management. A risk exposure, of course, can occur if that third-party service becomes compromised. Despite all the strong governance policies or technological security measures a firm can have in place, it can still remain vulnerable to business disruption or malicious hacking through no fault of its own. A firm’s security and compliance are only as strong as its weakest link, and a third-party vendor is that link.
In today’s financial management world, asset management firms have more eyes on them than ever. Laws and regulations worldwide demand not only compliance, but a dedicated program to ensure that compliance takes place.
Fund domicile drives the type and level of documentation and structure. For the US, whether onshore or offshore, a typical framework will include the offering memorandum, governance documents that incorporate operating agreements, the memorandum and articles of association, and the subscription agreement.
The compliance program should of course have the framework for how the firm will perform, its standards for performance, and its means for review. It should be codified in a manual that outlines the firm’s code of ethics and its related polices, including the approach to valuation, trade errors, personal trading, allocation, soft dollars, and best execution guidance.
Investor due diligence will keep a firm on its toes, so firm’s employees should understand their programs intimately. Before investing, an investor will seek clarity and assurances on such matters as liquidity rights, liability and indemnification effects, and conflicts of interest. Everyone involved in the fund’s management should be able to answer these types of questions.
Perhaps the best way to develop a compliance program is to always operate as if an audit must pass the requirements of the Advisor’s Act and SEC requirements, even if the firm is not registered with the SEC as a registered investment advisor (RIA). This approach will accomplish two things: 1: meet investor expectations for a high level of legal compliance, and 2: have mechanisms already in place should the firm need to register as an RIA in the future. In other words, be forward-thinking on growth and scalability.
A compliance program can only be successful within the firm through leadership of senior management. As a component of inspiring trust and integrity in the workplace, leadership should set the example on the importance of adherence to the program. The compliance manual should always be available to staff, and leadership should actively confirm periodically through signed certification that the staff has received, read, and understood the process. A regular review of actions within the firm to determine if the compliance program is being adhered to will also send a signal to staff that high standards should always be met and motivate them to practice that adherence to strict standards.
By initiating the highest possible standards for compliance at the outset, firms can establish significant reputational value in the investor market as well as with governing authorities. Having a clear path of operation and execution in written form increases transparency, inspires trust across all interested parties, and reduce liability issues in the future.
How OpsCheck Can Help
OpsCheck is an Operations/Compliance Control and Oversight application that mitigates Operational Risk, enhances communication, offers full transparency, and makes everyone accountable. OpsCheck brings proven advances in task, project and workflow management software to you in a single tool. No more spreadsheets, emails and Outlook are needed for managing business operations. It’s easy to get started, easy to operate and is cost effective. Many reputable firms have already subscribed. Internal and external stakeholders will appreciate its value. OpsCheck promotes a culture of Operational Excellence!