The Hedge Fund COO’s Perspective on Risk
Risk. Across the financial services industry, it’s a buzzword right now, and rightfully so. Perpetuated by mounting regulatory change, growing cybersecurity threats and a challenging market climate, the focus on risk is one that grows with each passing day.
As such, we are hosting a 6-week webinar series, Risk Outlook, wherein we’re interviewing industry experts on a host of risk-related topics. To kick off the series, last week we interviewed Mark Strachan, chief operating officer and compliance officer for BBL Commodities, a New York hedge fund. Read on for a recap of my conversation with Mark or scroll to the bottom to watch the webinar replay.
Question (Q): The last 5-10 years have been challenging for the investment management industry, looking back to the 2008 financial crisis as well as with increasing regulatory initiatives and changes across the investor due diligence process. How have your views on risk and the risk landscape evolved during this time? Or have they evolved?
Mark Strachan (MS): I think they’ve certainly evolved. The core features of non-investment risk – such as operational, counterparty, regulatory, security and business risk – have been constant, but they have evolved in terms of their complexity, our experiences with them, the tools available to help mitigate exposure and the focus by investors through their due diligence process.
Q: You are responsible for investor relations to an extent and are heavily involved in running due diligence meetings with investors. What’s your specific take on how ODD has changed and what’s your philosophy for meeting today’s high demands for hedge funds?
MS: We enjoy due diligence meetings and view them as an opportunity to explain our operations, how we’ve thought about our business and what we’ve introduced in terms of procedures and control points. The ODDs vary in scope and depth, but the fundamental points are consistent: operational risk, cash management, business features – including human capital practices, counterparty exposure, compliance and, of course, cybersecurity, which has seen the biggest increase in focus.
Q: There’s been a lot of focus lately on third party oversight and managing relationships with outsourced service providers. You obviously leverage third parties to support various functions across your business. What’s your take on the risk involved with outsourcing and where does the pendulum fall in terms of risks realized in-house vs. via outsourcing?
MS: As complexity grows, I think the ability to leverage third parties for features of your process becomes more compelling, but at the end of the day, as COO you own the risk in the process. If the service provider or agent makes a mistake, the GP is probably going to blame you or at least expect you to measure, contain, fix and/or mitigate any issue. So I think it’s important to understand the role of any third party, understand their thinking and business dynamics and look to manage and partner with them accordingly.
Q: What is your biggest concern as a fund COO?
MS: Anything that can negatively impact the business. Cybersecurity is definitely up there.
Q: From a cybersecurity perspective, what do you see as a firm’s biggest exposures or vulnerabilities?
MS: I think you look to control what you can control. Educate your staff around obligations and best practices, and where possible, technically control behavior. Work with [third parties] to ensure that we have appropriate defensive systems and monitoring tools. Perform due diligence on third parties to ensure they recognize their obligations. We think about exposures in terms of impact, and with cyber, they are across the board.
Q: What do you envision the risk landscape to be as we move closer to 2017 and beyond? Where do investment firm COOs need to spend their time and money to ensure risk is mitigated across the firm?
MS: I think generally the challenge of cyber security is only likely to become more complex and the need for constant evaluation and upgrade of defensive measures; counterparty risk; and continued developments in the regulatory and tax regimes. I think the constants will continue to evolve, and it’s a case of prioritization for each. But whatever happens, technology will increasingly be at the heart of it.