Today we released a new whitepaper that looks at a growing trend we are seeing -- billion dollar hedge funds and investment firms moving to the cloud. Here is a sneak peak at the paper's content as well as a video interview with Bob Guilbert on why firms should read, Why the Billion Dollar Club is Headed to the Cloud.
It’s More Than Managing Money
There’s more competition in financial services than ever before. Every week, new and agile boutique firms sprout up, armed with proprietary models and the right technology foundation to compete – intensely – with the major players for billions of investment dollars. Firms of every size are competing to deliver broader ranges of increasingly exotic instruments, specialized funds, and high-performance investments that deliver competitive returns to investors whose demands and expectations continue to climb.
But when it comes to performance and success in financial services, there’s more to evaluate than just the hard numbers. Returns alone aren’t enough. Today, savvy firms know they need to deliver more. In a post-Madoff, post-2008 world, the SEC and FINRA – and investors as well – are scrutinizing all corners of the operation. There’s an increased focus on how operational risk is managed and how firms respond to greater demands for transparency. That means it’s more important than ever for firms to deploy and maintain robust, scalable, and secure technology infrastructures.
Hedge funds have known for some time the importance of effective cybersecurity, and regulation increasingly enforces this as a requirement. For any practice to be effective, however, there are a number of factors which need to be considered prior to implementation. Eze Castle’s Lisa Smith recently sat down with HFMWeek Magazine to talk about how to meet and understand the new cybersecurity guidelines advised by the SEC. Following is an excerpt of the article.
The SEC's cybersecurity questionnaire sets the framework and best practices for the financial industry. When you consider the type of information that hedge funds are handling on a day-to-day basis, it's really important that they have security controls in place. The questionnaire is a way for the SEC to ensure that hedge funds, private equity and investment management companies are taking security controls seriously and are aware of what's in place for their company.
HFMWeek (HFM): Within the sample SEC cybersecurity request document, questions were divided into five categories. What is the SEC looking for in these categories?
Lisa Smith (LS): Identification of risk in cybersecurity governance - this involves an analysis of what's in place. So for instance - when I conduct a business assesment I'll focus on what's currently in place versus what should be in place in accordance with the recommendations from the SEC. Anything that is not in place that should be goes into our risk assesssment summary and is categorized as low, medium or high. It's about ensuring that hedge funds have certain controls and security policies in place to protect their environment and data.
At Eze Castle Integration, we seek a variety of skill sets when we look to hire new engineers. We not only look for solid technical skills and experience, but an array of core competencies that we have found are critical for quality IT pros. To help you in your firm’s quest for a premier IT team, here are a few of the core competencies we like to see in our technology candidates:
Communication and Interpersonal Skills
IT pros need to be more than extremely intelligent and skilled in their field; they require interpersonal skills and finesse.
IT staff work with clients (internal or external) every day, sometimes day and night. It is critical for their communication to be clear and consistent at all times.
Common sense, good judgment and the ability to be resourceful are all necessary skills on the job.
Firms should also look for candidates with the ability to simultaneously understand business issues and communicate solutions effectively from a technical standpoint. Not every end user has a degree in information technology – successful IT managers should be adept at framing technical situations in a way that’s easy for non-technical users to understand.
Categorized under: Hedge Fund Operations
As your firm evaluates moving to the cloud – as most firms today will inevitably do – your list of priorities will likely include:
Regulatory and investor impact
Migration plans and operational effects
Hardware disposal and infrastructure changes
But another critical business area your firm should put some thought into is the effect of the cloud movement on your internal IT department (assuming you have one). What exactly happens to a firm’s IT team once it moves operations into a cloud environment? Is there still value in maintaining an in-house staff?
The simple answer is ‘yes,’ but the day-to-day responsibilities for those staffers may not look quite the same post-cloud. With a fully managed service provider, everyday management is typically taken care of – leaving internal resources with a lot more time on their hands. But that doesn’t mean there’s no longer a need for an IT department.
In Part 1 of our Transformation of IT seminar recap, we shared what our expert panel discussed relative to evaluating outsourced solutions and leveraging technology solutions. Our panel included Vinod Paul, Managing Director, and Steve Schoener, Vice President, at Eze Castle Integration, John Budzyna, Managing Director, and Dave Messier, Director, at KPMG, Timothy Ng, Managing Principal at Clearbrook Global Services, Jon Anderson, Global Head of OTC Derivatives at SS&C GlobeOp and Sheldon Rubin, COO/CFO/CCO at S Squared Technology LLC.
Read on to see what our speakers had to say about the considerations for outsourcing, typical transformation challenges and more. You can also read Part 1 of the event recap or listen to the complete audio replay.
Q: Whether it's technology, compliance or another area of the business, firms ultimately need to decide if they are going to manage these areas internally or outsource to an expert vendor. How does a hedge fund determine what is the right solution for them and whether to outsource or maintain their own systems and operations?
When considering internal operations vs. outsourcing, a firm must determine which option gives it the most control over the given process. The firm is not only considering outsourcing technology but also outsourcing control.
The annual gathering of Apple’s developers took place earlier this week in San Francisco, and top Apple execs Tim Cook, Phil Schiller and Craig Federighi took center stage to reveal what new products and features users can expect to see from Apple in the near future.
Before we get into the specific announcements from the Worldwide Developers Conference (WWDC), let’s talk numbers and take a look at what Apple has been up to as well as their growth as a company:
9 million registered Apple developers (47 percent increase from 2013)
800 million iOS-powered devices sold to date
80 million Macs have been installed to date
130 million new customers in the past year
1.2 million apps currently available in the App store
75 billion apps downloaded to date
12% growth in the Mac market share (whereas PC has declined)
Earlier this month alongside KPMG, we hosted a seminar in New York on “The Transformation of IT and Hedge Fund Operations.” We asked experts to examine the changes impacting hedge funds today and the future of this industry transformation. Our distinguished panel included Vinod Paul, Managing Director, and Steve Schoener, Vice President, at Eze Castle Integration, John Budzyna, Managing Director, and Dave Messier, Director, at KPMG, Timothy Ng, Managing Principal at Clearbrook Global Services, Jon Anderson, Global Head of OTC Derivatives at SS&C GlobeOp and Sheldon Rubin, COO/CFO/CCO at S Squared Technology LLC.
Below is a brief recap of the topics discussed during the lively event. To listen to the full audio podcast of the event, click here.
What do you see as the greatest transformation the hedge fund industry has undergone or is currently in the midst of?
There is more acceptance of outsourcing. Many firms are leveraging outsourced service providers for front office support, for example, and leaving their in-house departments to focus on the core business.
Many firms starting today don’t even consider building out a middle and back office – they immediately look to outsourcing. The quality and opportunities provided by outsourced service providers, including administrators, are much better than they have ever been before.
According to Forrester Research, it is “inevitable that enterprise IT in 2020 will be a hybrid mix of on- and off-premises services. While [a firm’s] particular mix of actual cloud services will vary, it’s unlikely that any enterprise IT shop will still be primarily focused on configuring server, storage, and network devices as a core competency. The shift to business technology and IT-as-a-service is well underway, so you can either ignore it, try to contain it, or embrace it.”
So when it the right time for a hedge fund to make the cloud move?
For newly emerging investment firms, the choice to adopt a cloud-based architecture is an easy one. Few firms have a business model where an on-premise solution makes strategic or economic sense -- but what about established firms that have been in business for several years and have invested millions of dollars in technology? When is the right time to make a move?
Opportunities and timing will vary, but generally speaking, the following three scenarios represent ideal inflection points for moving to the cloud:
Office Relocations: This is an ideal time to switch to the cloud. Many hedge funds are understandably reluctant to take on the expense of moving a massive, expensive, and often outdated infrastructure to a new location – particularly if the company expects to phase out certain portions or components in the following 24-36 months. In such cases, migrating to the cloud before relocating an office can be a smart move.
New Applications: Larger investment firms with larger application sets often find that a transitional strategy is best. Abrupt migrations to the cloud can be disruptive. In those instances, investment firms often find that new applications can start in the cloud – no subsequent migration needed. And those deployments are faster. While few IT portfolios will see 100 percent turnover in the short term, this strategy can simplify any migration of on-premise applications to the cloud by minimizing the work required when the company finally makes its move.
Cybersecurity is a hot topic these days, so I thought it was important to touch on the importance of including cybersecurity in your firm’s Business Continuity Planning (BCP). Ideally, firms should have two separate plans: a Written Information Security Plan (WISP) and a Business Continuity Plan, keeping in mind there will be some high-level overlap.
Let’s start with the basics, such as access controls and permissions required for accessing data that is considered confidential. Access controls focus on preventing unauthorized use of an application, service, website, etc., to gain access to confidential data. Only specific users will have a business need to access confidential data. During the Business Impact Analysis (BIA) phase of business continuity planning, be sure to identify applications, services or websites that require at least one level of authentication (e.g. password protection, PC certificate, or security tokens).
We’re back for Part Two of our UK Cloud Summit seminar recap. Last week on Hedge IT, we explored connecting to the cloud. In today's article, we will dive into the most talked about UK regulation: the Financial Conduct Authority’s (FCA) Dear CEO letter. We will cover how the letter affects IT outsourcing and the steps firms can take to mitigate service provider risk and adhere to the Dear CEO letter guidance.
The “Dear CEO” letter was issued in December 2012 to all UK asset managers and expressed concern about the endemic outsourcing risk in the sector, particular around asset managers having effective business continuity plans (BCP) and exit strategies in place with their service providers in the event of service provider failure.
Since the letter was issued, the FCA has asked firms to demonstrate they have a clear handle on what they outsource and why, a full understanding of the potential impacts of failure, and contingency plans that are viable, robust, and realistic.