Operational due diligence (ODD) is a challenging undertaking for any business, including the obligations on dealer group portfolio managers. Christopher Addy examines the five-stage process that can enhance the ODD process within a business.
In the 2014 edition of Insight magazine, the Australian Prudential Regulation Authority (APRA) outlined its expectations for due diligence to be performed on investment managers by APRA regulated superannuation entities, with a special focus on the need for, and importance of, operational due diligence (ODD).
Since then, Australian superannuation funds - together with asset owners and advisers - have given increasing attention to the need for ODD and, more practically, the processes and procedures which can be put in place to establish an effective ODD program.
The following article outlines Castle Hall’s view of the evolving due diligence landscape globally, of which Australia, particularly given APRA’s attention to the subject, is at the leading edge. For investors new to ODD, Castle Hall recommends a five-stage process:
- Establish a due diligence policy – risk based, covering all asset classes and external manager relationships
- Establish responsibility for ODD as part of governance, risk and compliance
- Identify operational due diligence risk areas
- Develop an effective reporting process
- Develop an effective ongoing monitoring process
But firstly, what is Due Diligence 3.0?
Before 2008, operational due diligence was an optional, ‘nice to have’. I call this period Due Diligence 1.0:
Pre Madoff. For those investors who did conduct ODD, the process, scope and methodology of emerging ODD programs was variable. Equally, there was a lack of commonality among hedge fund operating structures, exemplified by the existence of many self-administered funds.
In the Post 2008 Due Diligence 2.0 world, some level of operational due diligence is now performed by virtually all asset owners. Diligence scope and methodology has also become somewhat more standardised, although some investors continue to have a ‘light touch’. Equally, manager operational structures are now more uniform, benefiting from better systems and technology, a wider bench of experienced talent, and more transparency around the industry as a whole.
But now, there is a new model for asset owners called Due Diligence 3.0. This applies as follows:
Multi asset class: Operational diligence should be applied across all third party asset manager relationships, not just hedge funds. Investors focused on governance, risk and compliance, now require consistent operational risk information across all fund and account holdings.
A risk-based approach: Operational risks for managed funds, long-only managed accounts, private equity funds and real estate investments are very different, as compared to a traditional hedge fund. Different diligence procedures should be adopted to reflect different asset classes.
Real time monitoring: Traditional ODD has focused on a schedule of in person diligence meetings, with the output of each ODD cycle often limited to a report memorialising information gathered during each meeting. This process is then repeated every 1-3 years.
Due Diligence 3.0 introduces a new operating model: the foundation of an effective ODD program is now an active, real time monitoring program, where the annual onsite visit and resulting diligence report is just one tool in a far broader toolbox of diligence procedures.
Fintech: Technology has become critical to process ever increasing amounts of public and private information. Systems, bandwidth to curate data, quality reporting and dashboard capabilities are vital to give asset owners an effective view of portfolio risks.
5 key areas for Operational Due Diligence enhancement
So, when implementing or enhancing a best practice operational due diligence program, the following is the five-stage process that needs to be undertaken for any effective ODD program.
- Establish a due diligence policy
Managers and investors are familiar with compliance manuals, valuation policies and disaster recovery plans, but the ODD policy is a relatively new concept. However, a policy document should be the foundation of the ODD process, outlining clear procedures for initial operational diligence on new allocations and, thereafter, policies for the conduct of ongoing diligence on invested positions.
A well drafted ODD policy will outline a risk-based approach, recognising the different operational risk profiles of different types of investments (from long-only managed accounts, public and private pooled funds, hedge funds, private equity vehicles and so forth), and also take account of investment materiality.
However, as a core concept, a threshold level of operational diligence should be completed on all third party asset managers, both when new managers are on board and then as part of an effective ongoing monitoring program.
- Establish responsibility for ODD as part of governance, risk and compliance
One of the key elements of the due diligence policy is to establish which functional area within an organisation has responsibility for ODD.
As ODD has gained importance and adoption, it has become firmly entrenched in the governance, risk and compliance (GRC) agenda. Placing ODD in the protective, risk-mitigating framework of GRC highlights the need for segregation of duties between front and back-office diligence.
Given the evident conflict between market and business risk (for example, what happens when a hedge fund has attractive returns but weak operational controls?), ODD should not be performed by investment teams that are compensated for portfolio performance. The same conflict also impedes the ability of external investment consultants, who are equally focused on investment returns, to conduct operational diligence.
Instead, ODD should be performed by risk specialists, who report directly to GRC functional areas, such as compliance, internal audit and risk management.
- Identify operational due diligence risk areas
ODD seeks to identify, manage and mitigate non-market risk. This focuses on three primary categories:
- The business risk of the management company (the entity responsible for investment decision-making);
- The legal risk of the fund entity (the product owned by the investor); and
- The operational risk of the control environment (the controls and procedures in place to prevent fraud, theft of assets and ensure that investment transactions are accurately recorded).
As part of these three ODD categories, there are seven specific areas that should be included in each operational diligence review. They are:
- Security over the existence of assets
Diligence should identify and verify custodians, prime brokers and derivative counter parties. Additional procedures are required for non-custodied assets, such as private equity holdings and direct loans.
- Controls around trade capture and accounting
Internal to the manager organisation, each asset manager should implement appropriate controls around trade execution, confirmation, settlement and reconciliation. To the extent that mid or back-office functions have been outsourced, investors should gain a thorough understanding of the responsibilities of external vendors and evaluate their resources, systems and overall effectiveness.
- Controls over cash movements
Investors should require asset managers to implement robust controls around transfers of client money held in funds and other client accounts. A single professional within the asset manager should not, for example, be able to disburse fund assets on his or her sole signature; rather, client money controls should require dual signatories and a segregated prepare/approve/release procedure.
- Controls around asset valuation
Diligence should evaluate the fund’s valuation policy, the role of the valuation committee, and procedures adopted to ensure accurate valuation adopted by the investment manager, the fund administrator, and third-party valuation agents, if any.
Extensive diligence attention should be given to illiquid, hard to value securities.
The risk of deliberate mis-evaluation is clearly far greater with respect to assets that lack an active trading market and have no transparent, independent pricing sources. However, it’s typically these assets, which are precisely the securities most susceptible to deliberate mis-marking, where administrators are typically ready to accept manager originated prices, rather than independently sourced prices.
- Service providers
Alternative asset funds may use external fund administrators, valuation agents, information technology providers and compliance consultants. Appointments should be verified, and the function and capability of each vendor evaluated. Issues such as legal and contractual liability should be considered. A recent trend, for example, is for fund administrators to seek to limit their liability, even in the event of a loss to investors caused by their gross negligence.
- Governance
The role of external fund directors should be examined using the ‘six Cs’ of governance:
- director and board competence;
- capacity;
- composition;
- choice;
- compensation; and
- control.
For example, recent changes in the Cayman Islands have focused more attention on the role of external directors. This has resulted in positive trends for more frequent board meetings and enhanced governance oversight.
- Compliance procedures
Given the new compliance paradigm faced by alternative asset managers, investors expect to see hedge and private equity managers appoint an experienced chief compliance officer (CCO), maintain robust compliance documentation, conduct frequent compliance training, and create an overall culture of compliance across the firm.
The CCO will often be supported by a compliance consultant able to assist the asset manager with documentation, training and services, such as mock regulatory inspections.
Finally, as recently demonstrated globally, cybersecurity issues will impact both the technology team and the compliance department.
- Develop an effective reporting process
Even if the ODD process is effective in terms of gathering information and conducting diligence interviews with managers and service providers, findings and action points arising from the ODD process also must be documented.
A consistent weakness of many ODD programs is poor documentation, with investors often struggling to keep reports up-to-date, or preparing only brief ODD documentation in the form of annotated questionnaires.
Effective reporting should, firstly, be consistent across all funds in a portfolio. Thereafter, it should provide an overall assessment, highlight strengths and weaknesses, and identify action points and follow ups.
Quality reporting evidences the investor’s diligence process (vital if the investor is itself subject to regulatory oversight) and supports ODD as an ongoing process of engagement and monitoring with each invested manager.
- Develop an effective ongoing monitoring process
ODD is not only a process conducted before investment. Post-investment diligence will, over the lifetime of an investment, require significantly more resources than the initial review when the manager is on-boarded.
Certain ongoing monitoring procedures will be annual, starting with annual updates to each diligence report and detailed review of annual fund financial statements.
Throughout the year, many investors schedule diligence updates with invested managers, focused on issues such as changes in assets under management and product range, staff turnover, and any regulatory or other legal events.
Investors typically monitor changes in counter-party composition and valuation profile throughout the year, with administrator transparency reports being an excellent tool to support monthly and quarterly oversight over these metrics.
Investors should also complete real time monitoring to identify regulatory and news media (and increasingly social media) commentary with respect to their asset managers.
The way forward
Operational diligence is a challenging discipline. ODD requires significant resources, working within a well-defined process and methodology. Investors will increasingly need to make investments in new technology solutions to streamline data gathering and enable systematic identification and monitoring of operational risks.
Looking forward, investor ODD programs will be driven by two motivations.
Firstly, many investors that are increasing allocations to alternative assets, such as corporate and public superannuation funds, operate within stringent fiduciary standards and are exposed to significant regulatory, business and political risk. For this class of investor, the reputational and governance impact of investing in a hedge or private equity fund that suffers a loss due to operational failure, will likely far exceed the impact of a loss solely due to investment underperformance.
More positively, as we have already discussed, investors recognise that operational quality will support investment outperformance, a concept that has been referred to as ‘operational alpha’.
Other things being equal, it’s reasonable to assume that, of two equivalently skilled investment professionals, the one supported by the more robust operational infrastructure will, over time, generate higher performance. This is the central value add of operational diligence, and it illustrates why more and more investors aspire towards top tier ODD.
Christopher Addy is President and CEO of Castle Hall Alternatives. Castle Hall Alternatives is a specialist in operational diligence, working on behalf of asset owners. It has worked with Australian investors for several years from the firm’s office in Sydney, together with its locations in Zurich, Abu Dhabi, and its headquarters in Montreal, Canada.