Successfully launching a hedge fund is a complex endeavor. Not only must emerging managers evaluate traditional deployment strategies, but consider current factors influencing the financial landscape.
Last week, Eze Castle Integration presented a webinar, “How to Launch a Hedge Fund,” featuring an expert panel that addressed some critical areas for consideration, notably capital introduction, legal and technology. There was quite a bit of content discussed during the 1-hour event, so we’ve pulled out some key takeaways.
Capital Raising (Paul Schultz, Director of Capital Introduction, Wells Fargo Prime Services)
Examine both content and context, i.e. cash inflows and outflows as well as the “big picture” that accounts for volatility
Be aware of the kinds of investors coming into the hedge fund space. Large and institutional pension plans are currently the largest investor base.
Be prepared when speaking to investors. Target those who have a history of being receptive to founder share class and who may offer lower management and performance fees.
Show investors that you have a 3+ year budget for working capital without any performance fees.
Have a well thought-out blueprint. Clarity and intention make all the difference.
Categorized under: Launching A Hedge Fund Cloud Computing Security Disaster Recovery Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Trends We're Seeing Videos And Infographics
Today’s the day.
The National Futures Association ("NFA") Interpretive Notice Regarding Information Systems Security Programs goes into effect. The NFA's Interpretive Notice to NFA Compliance Rules 2-9, 2-36 and 2-49 entitled Information Systems Security Programs requires Member firms to adopt and enforce written policies and procedures to secure customer data and access to their electronic systems.
The Cybersecurity Interpretive Notice applies to all membership categories--futures commission merchants, swap dealers, major swap participants, introducing brokers, forex dealer members, commodity pool operators and commodity trading advisors.
Rather than taking a ‘one-size-fits-all approach,’ the Cybersecurity Interpretive Notice adopts a principles-based risk approach to allow Member firms some degree of flexibility in determining what constitutes "diligent supervision," given the differences in Members' size and complexity of operations, customer types and counterparties.
But whatever approach is taken, the Cybersecurity Interpretive Notice requires Members to adopt and enforce an information systems security program (ISSP) appropriate to its circumstances.
Information Systems Security Program Key Areas
Similar to the SEC’s expectations, the Cybersecurity Interpretive Notice requires a written information security program to contain:
A security and risk analysis;
A description of the safeguards against identified system threats and vulnerabilities;
The process used to evaluate a security incident, including impact and incident response; and
Description of ongoing education and training related to information systems security for employees.Executive-level participation and annual review of the information security program is expected. Additionally, firms must provide employees training during the onboarding processes as well as periodically during employment.
Categorized under: Security Launching A Hedge Fund Hedge Fund Insiders Disaster Recovery Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Business Continuity Planning Trends We're Seeing
Investment firms often place too much emphasis on managing portfolios and not enough on managing the business as a whole. Particularly for startups entering a competitive marketplace, expectations are high. That means you have to demonstrate to investors that you take your business seriously and that you’ve made investments in your operations, technology, etc. that will fortify your firm and provide a solid foundation for investment success.
The decisions you make from the outset will define how your firm is regarded within the industry, by both investors and competitors. By taking into account all aspects of your firm and relying on trusted service providers to support operations, you prove to the greater investment industry that you should be taken seriously and can operate successfully in a challenging environment.
Transparency is of critical importance.
Since the 2008 economic collapse and scandals caused by the likes of Madoff, transparency has become a key requirement for investors. Nothing less than full disclosure is expected of firms from the newest launches to the most established investment firms. As such, fund managers should take this to heart and make strong efforts to comply with increasing investor expectations.
The following is the second excerpt from our new whitepaper, Launching a Hedge Fund: 10 Keys to Success. To read part one, click here.
Develop an IT budget for your first 2-3 years.
Operating capital may be limited in the first few years after your launch, so careful budgeting and long range planning will serve your firm well. Your information technology budget should include priorities and figures for at least two to three years, including infrastructure/hardware and software requirements. Some questions you’ll want to consider:
How many offices are you launching with? Do you plan to open additional offices in the near future?
How many users do you have on day one? How many can you expect to have in years 2 and 3?
Where are your offices located? Are there cost differences between domestic and international offices?
What are your trading practices and how does this impact your budget?
What kinds of systems do you need? (Order Management, Portfolio Accounting, Risk Management, CRM, etc.)
Ensure your technology budget coincides with your firm’s growth plan. Do you expect to grow quickly? Open new offices? Expand internationally? You will need to account for these changes.
Understand hedge fund regulations and how they affect your firm.
Governmental oversight of the financial industry has evolved dramatically in the last decade. Hedge funds, private equity firms and registered investment advisers now operate in a world where they are beholden to regulatory bodies with growing expectations and requirements. When launching your hedge fund, you’ll need to be clear up front with any responsibilities you may have to any applicable agencies – in the United States, that means the Securities and Exchange Commission (SEC). Are you required to register? If so, represent your firm accurately and be descriptive of your operations. If not forthcoming, you may open up your firm to serious regulatory and criminal prosecution.
Categorized under: Launching A Hedge Fund Cloud Computing Security Disaster Recovery Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Software Trends We're Seeing
The following is an excerpt from our new whitepaper, Launching a Hedge Fund: 10 Keys to Success. Be sure to come back to Hedge IT next week as we reveal more of our key considerations for starting a hedge fund.
Do your legal homework.
One of the first decisions you’ll need to make as a new investment manager is how to set up your hedge fund. Your organizational structure will typically reveal itself as a limited partnership (LP) or limited liability company (LLC). You may also consider a master-feeder fund structure, which could provide favorable benefits, and a domestic or offshore choice may also come into consideration. Many of these decisions will be impacted by the assets you plan to launch with or if you’re using or planning to solicit seed or acceleration capital.
Based on these structural decisions, you’ll need to determine your tax implications as well as regulatory requirements. In the United States, the Securities and Exchange Commission (SEC), under the Dodd-Frank Act, requires asset managers managing more than $150 million in AUM to register and hence meet a host of reporting requirements.
Create a marketing plan.
Once upon a time, hedge fund marketing was generally frowned upon, and in some cases, illegal. It wasn’t until the JOBS Act was enacted in 2013 that hedge funds finally had the opportunity to shed their fears of noncompliance and publicly market and advertise their funds. There are a variety of communication options firms can use to solicit investors – from traditional print and websites to social media, video and email marketing. Regardless of how, firms should build comprehensive marketing plans that will support their business beyond the launch phase.
Today's hedge funds are facing an environment defined by regulatory pressure, investor demands and fierce competition. For hedge fund startups, the challenges are even greater, so too are the demands. Successfully operating a new startup beyond the first year is a feat many managers struggle to accomplish, therefore it's critical for emerging managers to gain a full understanding of the industry that awaits them and the hurdles they should expect to face.
While the list of considerations is surely long for new managers, we've whittled it down to 10 Keys to Launching a Hedge Fund Successfully - a guide for new startups to use when setting off on their new journey.
Take a look at our latest video for a quick look at our 10 Keys to Success. And be sure to come back to Hedge IT later this week when we'll be sharing an excerpt from our brand new whitepaper on the same topic!
Categorized under: Launching A Hedge Fund Cloud Computing Security Disaster Recovery Hedge Fund Due Diligence Hedge Fund Operations Hedge Fund Regulation Infrastructure Communications Outsourcing Business Continuity Planning Trends We're Seeing
Spam is essentially a term used to describe emails that make their way into a recipient’s inbox without their consent. According tothe Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), almost 90% of all email is considered spam. Due to this shocking number, spam filters are widely used to assist users in keeping tabs on emails that are actually relevant. How do these spam filters work? We don’t know a lot about the algorithms used to operate them, and that’s probably a good thing. With that type of information floating throughout the web, spammers would be able to easily beat these filters, and we’d see cluttered inboxes everywhere. But despite our lack of knowledge on the intricacies of spam filters, there are a few red flags to avoid and best practices to adopt to keep genuine emails from entering total oblivion.
How Spam Filters Work
As mentioned, no one can be 100% certain how a spam filter flags an email, as they use many different benchmarks to judge an incoming message. A few hallmarks include:
IP Address – If your IP address has been flagged for sending spam in the past, it will impact the deliverability of your mail. This extends to your ISP as well. Where some ISPs attempt to eliminate spam from their servers, some take a more relaxed approach to spam.
What The Email Looks Like – Filters will look at the subject line and body of an email. If the filter deems either of the two to resemble spam, then your email likely won’t make it into someone’s inbox. Words and phrases such as “free” & “buy now” are often cited as trigger words.
Code – An innocent mistake many users make is using text formatted from Microsoft Office applications. Unfortunately, this creates rather messy HTML code with unnecessary lines of coding.
With threats of data loss increasing in both numbers and severity, it is no surprise that data security is on everyone’s mind within the financial and investment industry. Regulatory agencies and investors now expect businesses to have backup solutions and comprehensive record-keeping practices. Understanding the need and importance of implementing a backup solution can add instrumental value to your business.
We at Eze Castle Integration have identified the top four reasons why backups are critical to not only a firm’s growth, but also their survival.
1. Regulatory agencies demand security of financial records.
The Securities and Exchange Commission (SEC) has instituted regulations on the storage of financial records and electronic communication, and financial industry regulatory agencies such as FINRA now provide standards and guidance information on potential threats. In addition, international regulators such as the FCA, a financial regulatory body in the United Kingdom, are also demanding firms to have a data backup solution.
The reasoning behind these recommendations is the volume of things that can go wrong with your data storage solution. From hardware failure, software corruption, virus or network security breaches, to natural disasters and human error, the threat to your data is endless. With today’s financial services companies managing exponentially growing volumes of sensitive data, the risk of loss grows as well.
The cyber insurance industry is growing at a rapid pace as firms look to implement safeguards to protect sensitive data and financial information from ending up in the wrong hands. As hackers become savvier and cyber schemes more elaborate, many firms are relying on cyber liability policies to add an extra layer of protection.
In some cases, however, insurance coverage has not satisfied the demands of firms and instead left them feeling scammed a second time.
One example of this comes from Texas where a manufacturing firm is suing their cyber insurance provider for refusing to cover a loss that came at the hands of a phishing scheme. According to the provider, the loss – of $480,000 – did not meet the specific criteria needed for a successful claim.
Situations like these are reminders for Chief Financial Officers and Risk Officers to carefully comb their cyber insurance policies to gain a comprehensive understanding of what exactly is covered – and what is not.
Our friends at Willis Holdings Inc. work with investment firms regularly to craft cyber liability policies and provided their take on the insurance landscape as part of our Hedge Fund Insiders Article Series:
BY: John Mullen and Jennifer Coughlin, Lewis Brisbois Bisgaard & Smith, and Talene Megerian and Kristin Zieser, Willis FINEX Claims & Legal Group
The Cyber risk landscape is rapidly evolving. Governments are facing an unprecedented level of Cyber attacks and threats with the potential to undermine national security and critical infrastructure. Similarly, businesses across a wide range of industry sectors, particularly those in the health care, retail and financial services industries1, are exposed to potentially enormous liability and costs as a result of Cyber incidents and data breaches.
Given the risk landscape, it is no wonder companies of all sizes continue to be subject to increasing data breach liability, both in the form of single plaintiff or class action lawsuits and regulatory investigations and proceedings. Negligence, breach of fiduciary duty and breach of contract are just some of the allegations that a company may face as a result of a systems failure or lax security that compromises the security of customers’ personal information or data.
In an interconnected world, social platforms such as Facebook, have evolved into components of our everyday lives. Real-time updates keep us in the loop with popular events, friends, “liked” company pages, the latest apps and so on. Behavior quizzes offer entertainment to discover your celebrity and fairytale doppelgängers, or breakfast food and ice cream personality matches. To partake in this social extravaganza, we hand over our personal information freely, forgetting its value somewhere between each hashtag and viral post.
It seems that every hour emerging innovations and dynamic social platforms open the threshold of new opportunities to share and attain information. Typical data requested from social sites may include your full name, age, sex, birthday, relatives, photos, account access, etc. However, what most people don’t realize while tuning out to plug in our witty social facts, is the depth of personal data they’re unwittingly dispensing to persons, companies and third parties unknown.
When it comes to social media engines, when did people become the mindless machines pumping out sensitive information?