The results from our Global Hedge Fund Technology and Operations Benchmark Study are in and here is a snapshot of the 2014 findings. You can find the complete report here. We surveyed 279 buy-side firms across the United States, United Kingdom and Asia in order to discover their front, middle, and back office technology and application preferences.
Respondent Profile[Hedge Funds by Type]All survey respondents fell into the following categories within the financial industry: hedge fund (58%), asset/investment manager (13%), private equity firm (3%), fund of fund (3%), and family office (3%). Additionally, 13 percent fell into an ‘other’ category, which included financial firm types such as venture capital, advisory, fund management, quant and wealth management.
Firms surveyed fell into three asset groups: thirty-three percent (33%) reported their assets under management (AUM) as less than $100 million; twenty-eight percent (28%) fell between $101 and $500 million; and the majority (39%) reported over $500 million AUM.
In regards to investment strategy, long/short equity continues to dominate as the most favorable with 50 percent (50%) of respondents reporting this to be their primary investment strategy. Additional preferred strategies include credit (8%), fixed income (6%), emerging markets (5%), event driven (4%), and distressed debt (3%). Twenty-four percent (24%) of firms fell into an “Other” category that included a wide variety of investment strategies such as commodities, derivatives, merger arbitrage, relative value, securities, global macro, and long only. In 2014, the top primes employed by firms are Goldman Sachs, Morgan Stanley, JP Morgan, Credit Suisse and UBS (same as 2013 results).
In it's fourth year running, our Global Hedge Fund Technology Benchmark Study reveals the top technology systems and applications used by investment management firms around the world. And while we aren't due to officially release the results until tomorrow - register for our webinar to hear them live - we thought we'd share a little sneak peek in the form of an infographic.
Take a look below and discover how your hedge fund and investment management firm peers are using technology to power their firm operations.
Categorized under: Hedge Fund Due Diligence Launching A Hedge Fund Cloud Computing Security Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Software Trends We're Seeing Videos And Infographics
Last week, we co-hosted another exciting Hedge Fund Startup event with KPMG in New York and had a great turnout of fund managers looking to learn more about everything from legal and tax implications to technology must-haves and capital raising strategies.
Since technology is clearly our forte, we wanted to share some of the key takeaways from our “Achieving Institutional-Grade IT” panel, featuring speakers from Evercore Partners, Bank of America Merrill Lynch and, of course, Eze Castle Integration. Here are the highlights:
State of Emerging Manager Market
The hedge fund startup market is healthy, and investors’ appetite for emerging managers is strong
Investors are attracted to nimbler, hungrier nature of emerging managers.
Key Priorities for Startups in 2014/2015
Select the right service providers to support your business.
Understand your firm’s vulnerabilities and exposures.
The operational due diligence process is changing, therefore firms need to understand the protections they have in place to secure investor assets.
Over the years, cybercrime has evolved, matured and increased in frequency. Target groups vary from case to case and victims range from big merchants and high-end retailers to celebrities and common folk. On the eve of Halloween, we’ve dug up some of the scariest cyber-attacks in 2014.
One of the more innovative hacks in recent years started making headway in Great Britain in September 2013. CryptoLocker utilizes malware to encrypt and freeze victims’ sentimental and valuable files on infected computers. After successfully locking the computer, a ransom note appears on the victim’s screen demanding money in return for their files. If the victim fails to make payment, the computer remains locked and files are unsalvageable.
More than $100 million in losses were attributed to the cybercriminals’ schemes as well as hundreds of thousands of infected computers. Computer security companies estimate that CryptoLocker infected over 234,000 computers worldwide, including more than 100,000 in the United States.
In any relationship, when things are good, they’re usually pretty good. And when things are bad, sometimes they are really bad. There may come a point when you need to evaluate whether you’re still a good fit together.
Just like with a romantic relationship, your firm’s connection to a service provider (especially an infrastructure/cloud provider you rely on daily) should be strong enough to withstand a few hiccups and healthy enough to warrant open communication at all times. In some cases, it might be clear that you’re in a good place and moving forward together, but sometimes there are sure signs it’s time to call it quits.
Here are a few of those signs:
1. Your provider’s service levels are not up to snuff.
Maybe you recently experienced a major service outage or find that you not-so-conveniently have to work around confusing and interrupting maintenance schedules during work hours. You’re constantly frustrated and don’t feel like you are receiving the level of support that was agreed to – both verbally and as part of your Service Level Agreement (SLA).
Your SLA should clearly indicate the uptime standard (e.g. 99.995% availability) as well as repercussions to any breaches in the contract (for example, service credits) and associated RPOs if disaster recovery is involved
We are excited to be sponsoring the 2014 EzeSoft Client Conference later this week in Boston. For those of you who aren’t familiar, Eze Software Group is the owner of the order management system, Eze OMS, which is frequently used by hedge funds and asset managers across the globe.
As a preview to this week’s conference, we thought we’d dial it back to basics a little and explain exactly what an order management system is and why it’s a critical piece of software for many investment management firms today.
On our recent Hedge Fund Marketing and Due Diligence webinar we looked at how the hedge fund investor due diligence process is evolving especially in terms of scrutiny on technology processes and security safeguards.
The reality is that investors have a greater understanding of technology, are asking more probing questions and care about the responses they receive. We’ve even heard investors say that deficiencies in IT infrastructure and security contributed to the decisions to redeem from or not invest in a fund.
So at Eze Castle Integration we regularly assist our hedge fund clients in completing the IT portions of investor due diligence questionnaires. The wording of questions varies but here is a handy list of 51 common IT due diligence questions we see.
Provide an organization chart for the Company, its affiliates and key personnel.
Provide the physical address and general contact information for each of the Company’s office locations.
Provide the name and contact information of the Company employee(s) assigned to the client’s account(s).
Provide a list of compliance personnel, their roles and qualifications, the date of his/her appointment and position within the Company’s organizational structure.
Cybersecurity is a hot topic -- and rightfully so -- as headlines tout new vulnerabilities or incidents with increasing frequency. In the fight to prevent attacks, technology safeguards are typically the focus. A firm must have layers of security that include, but are not limited to, anti-virus, firewalls, intrusion detection systems and Internet monitoring and reporting, as well as procedures that restrict and monitor access.
However beyond technology, the role employees play cannot be underestimated. The reality is that employees can be one of a firm’s best lines of defense or weakest link. The deciding factor in which way it swings often comes down to access control policies and cybersecurity training.
Getting the Access Right
Employees require access to the data necessary to complete their job functions. But beyond that, firms should be limiting what data employees have access to. It’s not about not trusting your employees, but more so about not trusting the technology behind those employees. The less data employees can get to, the less damage can be done via an internal breach or external hack.
The SEC Cybersecurity Risk Alert issued in April 2014 highlights the importance of access control by asking about the controls a firm maintains to “prevent unauthorized escalation of user privileges” and how firms “restrict users to those network resources necessary for their business functions.”
Part of a firm’s cybersecurity planning must be defining how company data is protected, where it is located and who has and needs access. Once access levels are defined, they must be reviewed at least annually to ensure adherence firm wide.
Security has been THE topic of 2014 thus far and was amped up last week when many A-list celebrities’ phones were hacked and racy photos released. The hack was allegedly the result of an iCloud infiltration, prompting many Apple users to question the company’s privacy settings. In response, Apple CEO Tim Cook released a letter to consumers, and the company’s website will now feature a privacy section:
Apple’s privacy site includes details on both the built-in security features within Apple devices as well as how users can manage their own privacy settings and tailor them to individual needs. Here is a brief snapshot of some security functions highlighted:
Built In Privacy
iMessages and FaceTime calls are protected with end-to-end encryption
iMessages and SMS messages are backed up to iCloud, but can be turned off by the user
All iCloud content is encrypted in transit and when stored (in most cases)
iCloud Keychain allows users to create strong passwords and stores them securely without giving Apple access
Safari blocks third-party cookies on all devices and offers private browsing
Last week our SVP of client technology, Steve Schoener, presented at a hedge fund due diligence event on the topic of protections in the cloud.
Since cloud security and ensuring a hedge fund’s data is protected is such a hot topic we thought we’d share his presentation. In a nutshell, the presentation looks at the layers of security that should be built into a cloud environment, which includes deep and detailed practices around:
Principle of Defense in Depth
Principle of Least Privilege
Audit & Logging
Secure User Authentication Protocols & Encryption