Don't Forget to Share this Post

2017 Outlook for Hedge Funds: Risk, Regulation and Cybersecurity

By Kaleigh Alessandro | Thursday, December 8th, 2016

2017 is already shaping up to be an interesting year. With a new presidential administration taking office and the hedge fund industry coming off the heels of a challenging year, there’s a lot to keep an eye on. We recently hosted a panel with law firm Morgan Lewis to discuss these and many other topics as part of our “2017 Outlook for Hedge Funds: Risk, Regulation and Technology” event.

Read on for some of our panel’s key takeaways.

2017 Regulatory Outlook

  • While little is known about how a Trump presidency will operate, there could be potential tax savings for managers depending on how the administration chooses to regulate Wall Street.

  • Firms should expect to see reforms with the Dodd-Frank Act and the Volcker Rule, which could add more competition into the marketplace if limits on bank investments are adjusted.

SEC Focus Areas

  • Top six areas of focus for the Securities & Exchange Commission will likely be: (1) expenses and fees, (2) trade allocation, (3) material non-public personal information, (4) valuation processes, (5) operating partners and due diligence, and (6) security, privacy, insider trading and business continuity.

  • Cybersecurity is not necessarily part of every SEC examination, however, the bar will continue to be raised in terms of preparations firms will need to employ.

  • In 2016, the SEC provided additional guidance on business continuity and transition plan requirements, highlighting the need for hedge fund and financial firms to maintain their fiduciary responsibility to their clients and investors.

Top Cybersecurity Risks for Hedge Funds

  • Phishing and social engineering schemes are a top threat for hedge funds and are continuously leading to more fraudulent wire transfers. As email is easily spoofed, fund managers should always execute a checks-and-balances system (e.g. call the alleged email sender) to verify the transaction and ensure the sender is making a legitimate request.

  • Firms need to leverage intelligent technology that adapts to new threats, but more importantly, need to train and educate employees on awareness of social engineering threats and how to avoid them.

  • One of the newer threats posed to investment firms is ransomware, through which a hacker essentially takes a firm’s data hostage until a ransom is paid. These types of security breaches highlight the need for strong backups and frequent backup and disaster recovery testing.

  • Zero-day exploits are also growing in popularity, as hackers take advantage of vulnerabilities before software and firewall vendors are able to remedy the issue.

Third Party Due Diligence

  • A hedge fund’s risk management program needs to start at the C-level in order to be effective.

  • Firms should not trust their third party providers implicitly, but rather conduct thorough due diligence on a regular basis.

Best Practices for Cyber Preparedness

  • Next-generation firewalls are growing in popularity, but can be tricky to perfect without a serious time commitment. It would be worth outsourcing this responsibility to a third party technology provider.

  • Written information security policies do not need to be dozens of pages in length. Hedge funds should ensure they are not too difficult or long for employees to understand, digest and practice.  

Hedge Fund Cybersecurity Whitepaper

You might also find these other hedge fund security articles interesting:

Don't Forget to Share this Post

Related Posts

How Can Eze Castle Integration help you?Contact us today!