In today’s competitive market, research management software (RMS) has become a must-have integrated feature for investment management firms. Significant benefits offered via RMS have caused a ripple effect of soaring adoption rates across the global investment industry. In this article we’ll examine how adopting a research management solution could benefit your firm.
With offices, colleagues and clients spread across the world, firms need to consolidate data in an organized fashion. From meeting and call notes, to audits and analyst reports, the demand for readily accessible information is ever burgeoning. Storing information within multiple programs and folders not only welcomes disorder and the opportunity for digression in the workplace, but also increases costs and wastes valuable time. This prehistoric method of aggregating data has been replaced with advanced RMS, a much more viable, flexible and comprehensive solution. Hosting a firm’s data within a user-friendly, central repository simplifies processes, optimizes productivity and uncovers new business opportunities. When selecting a RMS, managers may consider a generic or industry-specific product. While both options present benefits, the latter assimilates seamlessly with an investment firm’s daily workflows, terminology and diverse range of data. An ideal RMS will also offer customization, accessibility and integrate with other applications, such as Outlook.
On December 9, 2015, Wells Fargo Prime Services and Eze Castle Integration hosted a panel on cybersecurity to discuss the current landscape. The panel featured leading industry experts including:
Eldon Sprickerhoff, Founder & Chief Security Strategist, eSentire
Stuart Levi, Partner, New York, Skadden, Arps, Slate, Meagher & Flom LLP
Vinod Paul, Managing Director, Eze Castle Integration
Timothy O’Brien, Supervisory Special Agent, Cyber branch, Federal Bureau of Investigation – New York Office.
Marc P. Berger, Partner, Government Enforcement, Ropes & Gray LLP
Marc Berger’s opening statements emphasized the extent of the cybersecurity threat currently facing firms across a wide swath of industries. He quoted FBI Director James Comey, who stated: “There are two kinds of big companies in the United States. There are those who’ve been hacked … and those who don’t know they’ve been hacked ….” (FBI Director James B. Comey, 60 Minutes, CBS TV Interview, October 5, 2014). Alarming statistics from the Ponemon Institute’s 2015 Cost of Cyber Crime Study, conducted with HP Enterprise Security, found that the average cost to resolve a single cybersecurity incident is $1.9M, and the average time to resolve is 46 days. Perpetrators range from nation-state-sponsored hackers and disgruntled/rogue employees to organized crime units, activists, and other thieves.
With a new year brings new excitement and new ambition. Across the hedge fund and alternative investment industry, firms are devising new strategies and implementing plans to drive growth and increase returns. In 2016, we expect the following industry trends will play a role in shaping many of the decisions hedge funds and other investment management firms make.
Hedge Fund Cybersecurity 2.0
Last year, cybersecurity took center stage across the investment community, and there is little doubt that it will continue to dominate in 2016. If we can assume that firms used 2015 to shore up security practices and have, at minimum, established a baseline for protecting firm assets with firewalls, password protections and penetration testing, we can expect 2016 to take cyber preparedness to the next level in the form of advanced features and analytics including phishing and social engineering tests, designed to increase the level of preparedness held by firm employees. With cyber-attacks increasing in sophistication, firms will need to spend time in 2016 working with managed providers and internal IT teams to continue the education process and identify strategies to outsmart hackers.
Operational due diligence has become a hot topic that continues to gain importance and attention throughout the alternative investment industry. Over the past few years, as regulations have changed and investors increasingly seek transparency, funds are spending more time than ever preparing for the due diligence process.
It is no surprise that the investment industry landscape is becoming more and more competitive. As this trend continues, investors are raising their expectations and looking towards funds that display the highest levels in operational excellence. One important way to ensure your firm meets these high standards is to complete a due diligence questionnaire (DDQ) that can be shared with potential investors.
A comprehensive DDQ covers a wide range of topics, from assets under management to audited financial statements and investment strategies. One major area of focus is the fund’s IT and accompanying cybersecurity policies and procedures.At Eze Castle, we frequently assist our hedge fund clients in completing DDQ questions on technology, and we often see the same types of questions popping up. So, to help you get started, we have compiled the following list of some frequently asked DDQ questions.
Earlier this week we presented at a Wells Fargo Prime Services breakfast briefing on cybersecurity. During the discussion, Stuart Levi of Skadden reminded attendees that the SEC has clearly defined (and communicated) its cybersecurity expectations. He recapped the following six areas advisers must have covered to demonstrate preparedness to regulators.
1. Risk Assessments
4. Access Control
5. Vendor Management
6. Information Sharing
Here's Eze Castle Integration's take on these focus areas:
#1 Risk Assessments
The April 2015 SEC Cybersecurity Guidance Update goes deeper into risk assessments expectations. Here are some key cyber risk assessment takeaways:
Define what confidential data is and determine how it's protected.
You must also understand where your data is located, how it is collected and who and what technology systems have access to it.
Registered investment advisers should have a clear understanding of the threat landscape, including potential internal and external risks as well as unique vulnerabilities specific to the firm. Evaluate a variety of potential scenarios as well as their likelihood to occur.
Once firms understand the risks facing their organization, they must conduct assessments of the existing controls and processes to ensure they account for the risk landscape and put the appropriate safeguards in place.
Be sure to understand the potential impacts of various cyber risk scenarios and outline specific protocols for incident response and quick resolution. The impact of cybersecurity incidents can range from financial to technological to reputational.
Finally, testing and assessing the governance structure, including administrative and technical safeguards, is key to ensuring effectiveness.
Gone are the days of management simply outsourcing responsibility to third-party experts and trusting them blindly. Telling the SEC, “we hired the best security consultant,” won’t cut it. Today management must understand their firm’s security posture and be able to outline the safeguards that are in place to minimize risk.
Additionally, management must instill the importance of security preparedness in all employees by making it a top-down priority.
This article is contributed by Richard Wilson of Hedge Fund Blogger and provides unique hedge fund marketing tactics that managers should investigate further while attempting to raise capital for their funds. The topics covered include public relations management and educational marketing.
Public relations has to be one of the most ignored marketing tools of hedge fund managers today. I have worked with over three dozen hedge funds on their marketing plans and capital raising efforts. So far, the most intense public relations effort I have seen set forth was a single press release over a four-year period. This is not to say that any hedge fund that is not publishing at least four press releases per year is doing something wrong. However, many could benefit by simply making themselves more available to the press.
The media is hungry for real time opinions of hedge fund managers, traders and marketers. They need comments on current market conditions, trends in hiring and firing of traders and portfolio managers and what prospects lay ahead for the industry as a whole. Many hedge fund managers shy away from contributing to stories in the press. I would strongly encourage you to speak with your legal counsel and see if they would approve of your discussions with the media if you stick to industry trends, general market trends and long-term movements you are seeing within the industry.
Effective hedge fund marketing strategies and materials allow firms to capitalize on new opportunities and stand-out from the crowd. However, crafting a unique story that reaches and motivates investors is challenging.
Today I moderated a webinar with speakers from Ovis Creative and Ledgex Systems looking at the current marketing landscape, marketing pitchbook best practices and the role of a hedge fund CRM platform.
Below you can watch the whole webinar or download the slides HERE.
To pique your interest, here is expert advice from Ovis Creative’s Creative Director, Lauren Colonna, about hedge fund pitch book best practices:
Don’t go overboard on the content. Create a cohesive but succinct story (total of 20 to 30 pages)
Focus on key pages with greatest opportunity for impact
Avoid overused terms; remember if a concept or phrase sounds generic to you... they are even more so to an investor who has heard the same theme over 1000 times
Maintain a consistent style, voice and tone (reflective of your pitch); Employ perfect grammar, succinctness, clarity and a consistent message
Use bulleted form rather than full text paragraphs; Consider a call out/side bar to enforce a key takeawayShe also covers what’s in a pitchbook, the role of a website and much more.
To quote our latest Tech Tips video, "when things are good, they’re good. But when things turn bad, it could be downright scary," so here is our latest video that covers four signs you may be outgrowing your IT service provider.
This article first appeared in HFMWeek's Special Report: How to Start a Hedge Fund in the EU 2015.
HFMWeek catches up with Eze Castle Integration’s executive director, Dean Hill, to discuss the importance of selecting the right business service providers and the key technology factors new funds must consider when starting out in the EU.
HFMWeek (HFM): Are you seeing a healthy market for new hedge fund launches in the EU?
Dean Hill (DH): Yes. I think going into 2016 we will see an increase in terms of the amount of new hedge fund launches across the UK and European markets. Not only are these launches coming more frequently, but their size, structure and launch AuM is greater than anything we have seen in the last two-to-three years. It is certainly on the uptake.
The following article is part of our Hedge Fund Insiders Article Series and was contributed by Haynes and Boone, LLP. Read more articles from the Series HERE.
Cybersecurity risks pose an increasingly significant threat to investment advisers. In early 2015, the Securities and Exchange Commission’s (the “SEC”) Office of Compliance Inspections and Examinations (“OCIE”) identified its annual adviser examination priorities which reflect certain practices perceived to present heightened risk to investors and/or the integrity of US capital markets, one of which was cybersecurity compliance and controls. In April 2015, the SEC’s division of investment management (the “Division”) issued guidance (the “Guidance”)  reinforcing cybersecurity as a priority for advisers and suggesting that advisers implement cybersecurity risk assessment plans, response strategies, and written policies and procedures. Included below are measures advisers should consider (some of which are directly from the Guidance) when addressing cybersecurity risks relating to their operations:
Risk Assessment. Advisers should conduct assessments of: (1) the nature, sensitivity and location of information that it collects, processes and/or stores and the technology systems it uses; (2) internal and external cybersecurity threats to and vulnerabilities of the adviser’s information and technology systems; (3) security controls and processes currently in place; (4) the impact should its information or technology systems become compromised; and (5) the effectiveness of the governance structure for the management of cybersecurity risk.