Happy New Year! Here at Hedge IT, we’re looking forward to sharing more educational articles with you in 2016, but before we do, let’s take a look back at our readers’ favorite articles from last year.
Cybersecurity Regulations Take Center Stage
The Securities and Exchange Commission took major strides to regulate investment firm cybersecurity practices in 2015, with the release of multiple guidance updates (Click for the September 2015 update). At a high level, the SEC has identified the following six areas as paramount for investment firms to demonstrate preparedness:
In December 2015, we participated in a Wells Fargo Prime Services cybersecurity event and the panelists outlined everything your hedge fund needs to know about the SEC’s security expectations. Read “SEC Cybersecurity Checklist: 6 Areas Your Hedge Fund Better Have Covered” for the full scoop.
Welcome back for our monthly Eze Tech Tips Video.
2016 is just around the corner, which means we’re entering resolution time and the hedge fund launch season. So, here’s our list of the top four hedge fund IT mistakes you need to resolve not to make in 2016.
Earlier this week we presented at a Wells Fargo Prime Services breakfast briefing on cybersecurity. During the discussion, Stuart Levi of Skadden reminded attendees that the SEC has clearly defined (and communicated) its cybersecurity expectations. He recapped the following six areas advisers must have covered to demonstrate preparedness to regulators.
1. Risk Assessments
4. Access Control
5. Vendor Management
6. Information Sharing
Here's Eze Castle Integration's take on these focus areas:
#1 Risk Assessments
The April 2015 SEC Cybersecurity Guidance Update goes deeper into risk assessments expectations. Here are some key cyber risk assessment takeaways:
Define what confidential data is and determine how it's protected.
You must also understand where your data is located, how it is collected and who and what technology systems have access to it.
Registered investment advisers should have a clear understanding of the threat landscape, including potential internal and external risks as well as unique vulnerabilities specific to the firm. Evaluate a variety of potential scenarios as well as their likelihood to occur.
Once firms understand the risks facing their organization, they must conduct assessments of the existing controls and processes to ensure they account for the risk landscape and put the appropriate safeguards in place.
Be sure to understand the potential impacts of various cyber risk scenarios and outline specific protocols for incident response and quick resolution. The impact of cybersecurity incidents can range from financial to technological to reputational.
Finally, testing and assessing the governance structure, including administrative and technical safeguards, is key to ensuring effectiveness.
Gone are the days of management simply outsourcing responsibility to third-party experts and trusting them blindly. Telling the SEC, “we hired the best security consultant,” won’t cut it. Today management must understand their firm’s security posture and be able to outline the safeguards that are in place to minimize risk.
Additionally, management must instill the importance of security preparedness in all employees by making it a top-down priority.
The Financial Industry Regulatory Authority (FINRA) recently issued a notice that it has filed a rule that became effective on November 30, 2015. This rule, known as Rule 4380, grants FINRA the authority to designate member firms to participate in FINRA’s annual Business Continuity/ DR Testing under Regulation System Compliance and Integrity (SCI).
Regulation SCI was adopted by the Securities and Exchange Commission (SEC) in November of 2014 which detailed out specific requirements of FINRA to “establish, maintain, and enforce written policies and procedures that address, among other things, business continuity and disaster recovery." And as part of that FINRA must designate firms to participate in of its BC/DR Plans. The SEC adoption of SCI can be tied to experiences such as Superstorm Sandy which caused the securities market to close for two days.
FINRA Notification Process and Designation Criteria
FINRA will privately notify firms that meet the standards for designation. This will happen at least 90 day prior to the testing date. For the most part the designation criteria is based on volume of activity over a specified time period. For the most this equates to about 5-9 firms designated per system.
The following table provides details on the criteria designations.
Categorized under: Launching A Hedge Fund
A new year, which is just around the corner, brings us endless opportunities to improve. So here’s a list of the top 4 IT resolutions that will help keep your hedge fund safe and sound in 2016.
This post was contributed by Frank Serebrin, president and founder of InCapital Marketing.
If you don’t have a website, you don’t exist.
That’s the takeaway from…well, I can’t cite a study, but it’s my opinion.
Less than a generation ago, few businesses would consider not having their phone number published in the yellow pages. (Remember them?) Today, search engines have replaced phone books as the place most go for research and information. How can your potential new clients search you if you don’t have a website or social media presence?
Yet fifty-five percent of small businesses don't have a website, according to a 2013 survey of more than 3,800 small businesses conducted by Google. That's a slight improvement from the year before, when 58 percent said they didn't have a website.
You may think of yourself as a start-up hedge fund manager, or a Registered Investment Advisor, or a real estate private equity manager. And you’re still also a small business, too, at least as defined by the SBA.
Here are ten reasons why you may not have a site yet, and what you may do to correct the oversight:
1. I Don't Have the Time
Is this you? "I'm too busy trading…I’m on the road making sales calls…my partners and I have full time corporate jobs, too.” With all the demands on your time, a website can help sell your story while you build relationships and multi-task.
2. There’s No Money in the Budget
Is it that you don't have the money, or you haven’t figured out what your marketing budget should be? As a start up, your focus might understandably be on the legal costs of a private placement memorandum, and administrative, accounting, technology, trading, office space, and sales expenses.
How much capital are you looking to raise, and it what period of time? Is it $25 million? $50 million? $250 million or more? And you want to raise that from professional and sophisticated investors without the credibility of a website?
Effective hedge fund marketing strategies and materials allow firms to capitalize on new opportunities and stand-out from the crowd. However, crafting a unique story that reaches and motivates investors is challenging.
Today I moderated a webinar with speakers from Ovis Creative and Ledgex Systems looking at the current marketing landscape, marketing pitchbook best practices and the role of a hedge fund CRM platform.
Below you can watch the whole webinar or download the slides HERE.
To pique your interest, here is expert advice from Ovis Creative’s Creative Director, Lauren Colonna, about hedge fund pitch book best practices:
Don’t go overboard on the content. Create a cohesive but succinct story (total of 20 to 30 pages)
Focus on key pages with greatest opportunity for impact
Avoid overused terms; remember if a concept or phrase sounds generic to you... they are even more so to an investor who has heard the same theme over 1000 times
Maintain a consistent style, voice and tone (reflective of your pitch); Employ perfect grammar, succinctness, clarity and a consistent message
Use bulleted form rather than full text paragraphs; Consider a call out/side bar to enforce a key takeawayShe also covers what’s in a pitchbook, the role of a website and much more.
Our Eze Voice (think financial services grade VoIP) is now available to firms across the United States and United Kingdom. In honor of this global availability, we want to debunk some common myths associated with VoIP for financial services forms.
Voice over IP has come a long way especially in the business world, but many financial services firms still have hesitations about making the switch. Check out these five common myths about Voice over IP.
MYTH 1: Poor Call Quality – Everyone will know I’m on VoIP
Call quality is a key concern and can be impacted by a number of items including the network, available bandwidth and even the type of phones being used. However, a well-designed business-caliber VoIP system can deliver quality of service comparable to an in-house phone system. In business settings, where calls are made over private IP connections, Quality of Service (QoS) can be monitored and guaranteed because the entire IP connection is controlled by the party making the call.
When evaluating VoIP services, it is important to inquire about the underlying network and how voice traffic is prioritized and routed. You want a provider that has full control over network traffic and can ensure high quality of service. For added confidence, ask to speak with existing VoIP customers (over the phone!) to hear about their experiences first-hand.
MYTH 2: VoIP is Unreliable – I’ll Experience Downtime
A natural extension of the call quality concern is the reliability concern. While consumer-grade VoIP services work over the Internet to deliver low cost services, Business-grade VoIP services often use the Internet as a backup and have private IP point-to-point lines for primary connections. If Internet is the primary transit, be sure you are working with a VoIP provider who manages the entire network and has control over traffic prioritization. In most cases you want to ensure voice traffic takes precedent over data or travels on a different network.
This article first appeared in HFMWeek's Special Report: How to Start a Hedge Fund in the EU 2015.
HFMWeek catches up with Eze Castle Integration’s executive director, Dean Hill, to discuss the importance of selecting the right business service providers and the key technology factors new funds must consider when starting out in the EU.
HFMWeek (HFM): Are you seeing a healthy market for new hedge fund launches in the EU?
Dean Hill (DH): Yes. I think going into 2016 we will see an increase in terms of the amount of new hedge fund launches across the UK and European markets. Not only are these launches coming more frequently, but their size, structure and launch AuM is greater than anything we have seen in the last two-to-three years. It is certainly on the uptake.
Among the many technology decisions your firm will face during the launch phase is selecting the appropriate telecommunications needs to power daily operations. High-speed Internet and voice connectivity are necessary to access market data feeds, communicate with investors and facilitate trade orders and other investment decisions. To help you make an informed decision about your voice and Internet needs, we’ve provided a few suggestions below.
The Internet, of course, is an essential vehicle for collecting and distributing market data, as well as communicating with your clients, investors and partners via email. You’ll likely find four Internet access choices, depending on availability in your area. There are benefits and drawbacks to each, as described below.