Whether you're shopping around for new outsourced providers/business partners or just reevaluating them, it’s always important to consider the vendor’s approach to continuity and how that could impact your business. If your firm has a comprehensive business continuity plan in place and you conduct regular BCP tests, you might think your responsibility ends there. However, if the service providers that you engage with do not also have proper disaster recovery systems and business continuity plans and test said plans regularly, they are exposing your firm to serious risk and may be the weakest link in your continuity or recovery.
To properly conduct review and discussion with vendors and business partners, firms should have a series of questions and discussion points ready. Four critical areas you may want to review include continuity program activities, disaster recovery system details, business continuity procedures, and communication practices.
Continuity Program Activities: This would include ensuring that the vendor or business partner regularly reviews and updates necessary plans and procedures. Do they conduct ongoing tests of their disaster recovery systems? They should also be testing and exercising their business continuity plan. Lastly, it’s also critical that they provide employees with necessary training on these plans, both at the outset of the plan implementation and at least annually.
Disaster Recovery Systems: During vendor discussions and evaluations, ensure your business partners are identifying the location or locations where data is backed up. They should also identify recovery time objectives (RTO) related to that data and compare that desire with the RTO outlined within the existing plan. This is important as it relates to recovery time, since it will outline at which point after a disaster you are expected to have access to critical systems and data. If RTOs are unclear, you run the risk of being unable to work or access data or information you need, potentially disrupting clients and even violating contracts or regulations.
Categorized under: Business Continuity Planning
In the last decade, the financial services industry has seen a dramatic increase in the number of high-profile cyber-attacks. Data breaches have risen in frequency, sophistication and risk impact. In light of this trend, emerging and established firms alike must consider measures to mitigate these growing risks. During this week’s session of our Hedge Fund Launch Webinar Series, Nicole Segal and Gamelah Palagonia of Willis Towers Watson spoke with us about how to leverage cyber and privacy liability insurance, as well as offered insight in to the evolving nature of cybercrime.
“In the past two years, there’s been more talk than action,” Palagonia began. In the past, most hedge funds didn’t feel like they had exposure because they weren’t collecting personally identifiable information (PII) or credit card information. Now, with the threat of ransomware and damage to digital assets looming, hedge funds are increasingly interested in cyber insurance. Our guests acknowledged, however, that new SEC guidelines have also played a large role in shaping how firms consider cyber insurance. “There was a shift at the SEC level from a compliance-based to risk-based approach,” said Palagonia. “You can’t just wait until an event happens to remediate it.”
Segal noted that despite increased regulatory exposure, the general insurance market for hedge funds has reacted quite favorably. In the past two or three years, many insurance companies have entered the marketplace for underwriting for hedge funds on both the property and casualty side. Rates are dropping dramatically, and coverage terms are relatively favorable at this point in time. For example, many of the required coverages for startups come in business packages at oftentimes reasonable costs. Some of this must-have coverage typically includes property & casualty, general liability and worker’s compensation.
Categorized under: Launching A Hedge Fund
The official definition given in TechTarget’s IT Dictionary reads: “Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Authentication is a process in which the credentials provided are compared to those on file in a database of authorized users’ information on a local operating system or within an authentication server. If the credentials match, the process is completed and the user is granted authorization for access.”
At the heart of authentication is controlling access to ensure individuals only access the information they need. With stories of password compromises becoming more common it is important to understand the types of authentication factors available and good computing practices.
As part of Information Security Planning, firms should also identify applications, services or websites that require at least one level of authentication (e.g. password protection, PC certificate, or security tokens) as well as any that may require multi-factor authentication.
Following are the three commonly used authentication factors:
This week, we had the pleasure of speaking with Shelly Rosenweig, Partner at Haynes and Boone LLP, who discussed the importance of compliance as well as the 2016 examination priorities of the SEC. Throughout the webinar, Shelly reminded attendees about the importance of undertaking compliance measures right at the start of a launch, not only for regulatory purposes, but to demonstrate to prospective investors commitment to compliance.
2016 SEC Examination Priorities
There are four priorities for the SEC that any startup manager will want to be aware of:
Exempt Reporting Advisors (ERA) – An exempt reporting advisor is any advisor that takes advantage of the venture capital fund advisor exemption or the private fund advisor exemption. The private funded advisor exemption is available to investment advisors whose clients are solely comprised of private funds who have less than $150 AUM and are not required to be registered as an advisor in the state where their principal office is located. In November of 2015, OCIE began to examine ERAs as part of their routine examinations.
What can ERAs do to prepare?
Ensure your information provided on your ADV application is accurate and consistent. The ADV application is required to be updated annually and when changes occur.
Make sure marketing and advertising material are in compliance with the anti-fraud provisions of the Advisers Act preventing advisors from engaging in manipulative activity. For example, advisors are surprised to learn that performance returns may only be disclosed to prospective investors in certain instances
Confirm you are in compliance with the “pay to play” rule under the Advisers Act (Rule 205). Pay-to-pay generally refers to various arrangements by which advisers may seek to influence the award of advisory business by making or soliciting political contributions to government officials charged with awarding such business.
Comply to the Books and Records Requirements under the Advisers Act. This technically only applies to registered advisors, but the SEC has championed the importance of organized record keeping. These records fall under two categories, the first being general accounting. These are business records, such as keeping ledger of sales. The second is additional records, such as memos describing disciplinary events.
A virtual family office is a lean single family office that uses a high level of outsourcing to keep the staff as low-cost and flexible as possible. A virtual family office and single family office are essentially one in the same, but the former model is most typically used by families with just $20M-$200M in assets under management, where a customized model is needed but not all of the overhead and support of a fully-fledged single family office.
Virtual family offices first gained modest popularity in the 1990’s, particularly in London, Zurich, and New York, as wealthy families heard about the benefits of having their own single family office and desired the direct control that can be designed into such a structure. As the family office industry has expanded over the past 20 years, this term has become more common and will likely gain traction in the future as families continue to seek out customized, affordable family office solutions.
Three Benefits of a Virtual Family Office
One might wonder why a family would set up a virtual family office rather than hiring a multi-family office or establishing a full-fledged single family office. Here are the three benefits of a virtual family office that are most often cited by families:
Direct Control & Flexibility: If you don’t like one person on the team, you replace them; if you want to reshape your team, your portfolio, etc., you can do so swiftly at your own discretion. If you hire a multi-family office or wealth management firm instead of a virtual family office, you may feel “stuck” with the team that is assigned to you and have little flexibility to pursue a different wealth management approach. Many families have recently wanted to conduct more co-investments and club deals, for example, and a team may be re-built around that need very quickly.
Diverse Investment Perspectives: If you hire a Chief Investment Officer (CIO) to only manage your family’s wealth, they may soon lose track of what other families are investing in and techniques they are using. Inside of a virtual family office, however, you could use a multi-family office asset management service or outsourced CIO. You could negotiate the management of liquid assets or additional areas of your investment portfolio to be administered by a leading multi-family office and they would gladly accept your business.
In my experience, this is not common practice but it can be a tremendous benefit for families that use this strategy. Most virtual family offices hire an outsourced CIO who helps hire and fire investment fund managers, reviews deal flow, helps manage real estate investments, and is responsible for the overall investment portfolio design and risk management. In either case—hiring a multi-family office or outsourced CIO—you get the benefit of using the best practices collected from serving multi-family offices, but within the structure of a single family office. Yes, you can gain this perspective as a traditional single family office, but likely at a higher price point, which leads us to the next benefit.
Categorized under: Launching A Hedge Fund
To help emerging hedge fund managers we are running a 6-week Hedge Fund Launch Webinar Series. This week we were joined by Frank Napolitani, Director, Financial Services at EisnerAmper. During the 30-minute interview, Frank shared insights on the benefits of outsourcing to service providers as well as advice on how to conduct proper due diligence on front, middle, and back office operations.
The Learning Curve
“There is a learning curve to get your hands around what it takes to run a business,” Frank began. Often, he said, a portfolio manager that has left a larger hedge fund complex or investment bank knows perfectly how to run a book, but has little knowledge about how to run a business. The smartest managers, Frank said, are the ones who “sit back, listen, and consult a number of different service providers in the space before moving forward.”
He went on to note that the operational due diligence (ODD) industry has grown dramatically post-Madoff. While a manager’s pedigree, investment process, and performance used to take precedence, it is now front, middle, and back office operations plus legal compliance that are most important.
Frank warned: “Keep everything up to date.” Sophisticated investors will follow up quarterly, twice a year, or annually. Because they collaborate with many ODD teams, research teams will immediately have a feel for what is right and what is wrong with a manager from a front, middle, and back office perspective. “They won’t waste too much time on someone they won’t seriously invest in,” Frank concluded.
This article is contributed by Richard Wilson of Hedge Fund Blogger and provides unique advice for setting up a family office entity.
The topic of how to setup a family office is deep and could cover a full week long intensive workshop, but for those looking for some of the basics we have come up with a checklist that will get families pointed in the right direction. This checklist is based on our work meeting face-to-face with 1,000 family offices now, and currently acting as CEO of a single family office with $500M that we helped a family start earlier this year.
Family Office Startup Checklist
As you start your family office, ensure the following:
A Family Compass document has been created to ensure that from the beginning, the vision, objectives, goals, values, mission, and history of the family has been documented and incorporated into the investing and operating plans of the single family office.
An operating plan on how day-to-day activities are carried out within the single family office has been established. A binder has been created which documents each of the Key Performance Indicators and critical processes to ensure the family office is operating as it should.
Financial controls are in place to prevent embezzlement, unauthorized investments, and style drift within an investment portfolio.
A core team has been identified and one individual has been appointed as the single family office CEO and/or CIO to act as the key executive making operational and/or investment decisions.
Categorized under: Trends We're Seeing
For any new investment startup, the task list is lengthy. Beyond investment priorities and strategy decisions, new managers are also grappling with securing office space, ordering technology, engaging with service providers, and much more. One aspect often overlooked is human resources. To kick off our Hedge Fund Launch Webinar Series, we invited Maya Cohen, Senior Vice President at TriNet, to share HR priorities for startup hedge fund managers.
Human Resources Challenges for Investment Startups
HR can pose a challenge to any new business owner. If you’re venturing out from a larger institution, you’re used to relying on a large HR department to meet your needs and answer your questions. Now, as the employer for the first time, you’re expected to fill that role seamlessly. You’ll soon be faced with situations unfamiliar to you: creating initial offer letters, negotiating healthcare costs, and dealing with employee terminations. You’ll need to think about the type of work environment you want to foster. Will it be casual or formal? Will you offer rich benefits to employees? How will you handle payroll questions? These are just a sample of the decisions you’ll need to make as you start your hedge fund.
On Monday, March 21st at its California headquarters, Apple unveiled a new iPhone and iPad, as well as announced improvements to current products. Fittingly, CEO Tim Cook also discussed security at length – not shying away from concerns resulting from the current fight with the FBI. "We believe strongly that we have a responsibility to help you protect your data and protect your privacy. We owe it to our customers, and we owe it to our country,” he said. The key takeaways from the event are summarized below.
The 4-inch iPhone SE
The new iPhone was introduced as having all the power of the iPhone 6s, but with the aesthetic of the iPhone 5. The reason, said Apple VP Greg Joswiak, is simple: “For some people, they simply love smaller phones.” With a $399 price point, analysts believe that the new phone is Apple’s attempt to penetrate the fastest-growing markets of India and China, specifically “prepaid consumers who cannot afford, or are not familiar with, bigger screen smartphones,” said Neil Mawston, an analyst at Strategy Analytics.
The iPhone SE promises an A9 processor with faster LTE and Wi-Fi speeds, better battery life, 4k and 240 fps slow-mo video recording, live photo support, and Apple Pay. The 16GB model, as well as a 64 GB model for $499 go up for pre-order on March 24, 2016, with the first units shipping March 31, 2016.
9.7 inch iPad Pro
The “baby brother” to the 12.9 inch screen iPad Pro that some consumers deemed too large, the new 9.7 inch model is roughly the same size as the iPad Air 2 but with features like Apple Pencil, Apple’s Smart Keyboard, a 12 MP rear camera with 4K video recording and live photo support, and a 5 MP front-facing camera. In addition, the screen of the new iPad pro will be 40% less reflective than that of the iPad Air 2, but will be 25% brighter.
A feature called “True Tone” will benefit designers by constantly checking the lighting of the room and adjusting accordingly for color accuracy. Three models will be available for pre-order March 24, 2016: the 32GB for $599, 12GB for $749, and 256GB for $899.
Because holiday expectations weren’t high enough for parents masquerading as the Easter Bunny or Elf on the Shelf, the latest craze is now centered around St. Patrick’s Day, giving parents the new role of leprechaun. Setting leprechaun traps the night before St. Patty’s has emerged as the newest trend for kids hoping to discover where the mighty leprechaun has hidden his pot of gold – or at least hoping to snag some chocolate coins.
But there is another trap you should be wary of, and that’s the one hackers are setting for you right now. A phishing trap.