Controlling With Confidence: A ‘How-To’ For Hedge Fund Managers

Dec 22 2014 | 12:52pm ET

By Robert M. Barsky
Principal, Information Technology Practice
C&A Consulting, LLC

In the best of times, hedge funds grow rapidly, outpacing the firm’s ability to upgrade services and infrastructure. The organization is both reactive and tactical, producing a collection of systems and processes that are complex, constantly changing and somewhat unpredictable. Numerous reconciliations are required, issues are regularly spotted in the annual audit, and the Form PF filing (for example) is submitted right at the deadline.

It is not necessary to overhaul the operating model or create a future state strategy in order to gain reasonable control over the operation.  A basic set of control procedures – check points – that are placed strategically throughout the workflow can provide management with a window into the operation and provide a degree of assurance that the processes are working as intended.  

At the same time, vendor managed services are being used increasingly throughout the industry.  This is a macro trend with many benefits, but presents a major challenge to controlling and managing the firm’s operating environment. Deployment of a well-designed control framework alongside the process workflow will enable the firm to make best use of its resources including third party services while protecting the integrity and security of the firm’s operating model.  
Control Frameworks: Internal And External

A control framework is a set of policies, controls, risk assessment guidelines, and backup procedures which, taken together, enable effective and cost-efficient management of essential functions such as Change Control, the Help Desk, Vendor Management and other processes throughout the enterprise. 

Organizing an effective control frame work involves several steps:

First is to identify a set of policies governing your technology, operations and financial operating model. These policies define the nature and scope of process oversight and reporting, and provide a guide to achieving policy objectives including: regular and defined oversight, assessment of operating risks, and provision for significant business disruptions.

Second is a comprehensive set of controls to assure that significant risks are identified proactively or timely noted for assessment when raised unexpectedly.  Regular processes, standards, and reporting enable a transparent and well managed operating environment within acceptable risk parameters.

Third is risk assessment which is the firm’s defined process for identifying and evaluating risk throughout the work flow.  Management of risk is an executive priority and the staff is trained to identify and escalate concerns as they arise in the operating environment.

Finally, procedures are put in place to enable a timely and effective response to a business disruption, enabling the firm to continue operating as close to ‘business as usual’ as possible.  The procedures are designed to facilitate a quick financial and operational assessment, protection of the firm’s books and records and other proprietary data, maintenance of reporting, and timely recovery and resumption of critical operations.

Also, in implementing an effective reporting framework, be sure that your users understand the assumptions and parameters used in compiling, organizing and presenting the data.

Best Practices For Managing Portfolio Risk

First an observation:  Firms often expect and allow their PM’s to manage their own risk information without an overall manager to assess the firm’s cumulative exposure, scenarios, and other risk factors.

The best practice here is to employ a dedicated risk manager whose purpose is to gauge the cumulative impact of all the strategies and exposures. This could include concentrations, over-extended leverage, exaggerated exposures, or the opposite, where the firm’s positions are unintentionally neutralized.

The risk manager, like the PM, looks for unintended consequences and ‘what-if’ scenarios, but over the firm’s entire portfolio.  The purpose is not to second guess the PM, although this often becomes a point of contention. 
Ultimately, the risk manager provides data, attributions, and other information which enables the firm’s leadership to make appropriate adjustments and informed strategic decisions.

In Conclusion

It’s very useful to set up control frameworks around critical systems and functions.  A control structure is practical from a managerial view, even if all of the functions are operated in-house.  Workflow can be defined and documented underneath the control structure and used to improve a process, train the staff, and increase transparency. 

Develop a business continuity strategy, not just a BCP.  Identify and focus on critical systems and staff.  Recognize and take advantage of recent advances in technology such as data compression for faster communications and storage efficiency, replication software and active/active data center configurations which eliminate latency and data loss even during a disruption.  Virtualized desktops enable users to work remotely without loss of efficiency or security.

And be sure to conduct regular disaster recovery tests!  

Author’s Note: C&A’s IT practice provides strategic guidance including technology, data security, operations assessments, future state roadmaps, and digital media planning, along with tactical assistance including business continuity planning, vendor evaluations, PMO, and data management and governance.

In Depth

PAAMCO: Will Inflation Deflate the Asset Bubble?

Jan 30 2018 | 9:49pm ET

As the U.S. shifts from monetary stimulus to fiscal stimulus, market pricing should...


CFA Institute To Add Computer Science To Exam Curriculum

May 24 2017 | 9:25pm ET

Starting in 2019, financial industry executives sitting for the coveted Chartered...

Guest Contributor

Boost Hedge Fund Marketing ROI By Raising Your ROO

Feb 14 2018 | 9:57pm ET

Tasked with delivering returns on client capital, a common dilemma for many alternative...