White Paper for Master & Reference Data Management

1. Executive Summary:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] Master Data and Reference Data Management and its position with regards to Hedge Funds. The document will cover what Master Data and Reference Data is and its goals as well as its life cycle and trends in its implementation. [nz_gap height="25" /] [nz_gap height="25" /]

2. What is Master Data Management?

Master data is core data needed to uniquely define objects like parties (customers, vendors, suppliers, trading partners or employees), places (locations or geographies) and things (products, services or accounts). It does not change as frequently as transactional data and is referenced by business processes and other applications. This data is usually located in multiple applications and is often out of synchronization, without a true “golden” source. [nz_gap height="25" /]

3. Master Data Management vs. Reference Data:

Isn’t Master Data same as Reference Data? Master Data is the non-transactional data that is meaningful to the business. It is the single source of business data used across all systems. While Master data may include reference data the important difference is that reference data is the basic business data used in a single system Master data is the key business information such as Products, Customers, and Employees etc. It supports the transactional processes as well as analytics and reporting. Master data is stored and used by various systems within an organization so there is a possibility for discrepancies in master data. [nz_gap height="25" /]

4. What are CDI, PIM and Enterprise Data Management?

Customer Data Integration (CDI) is a subset of MDM that focuses exclusively on customer information and how to ensure that you are always looking at the most recent version of customer information. Product Information Management (PIM) is centrally managing information about products, with a focus on the data required to market and sell the products through one or more distribution channels Enterprise Data Management is the management of the entire enterprise data landscape across all domains and processes [nz_gap height="25" /]

5. Who uses Master Data Management?

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Investment managers for managing products and customers
  • Asset and Wealth managers for managing customers and prices
  • Financial services companies for managing risks, compliance and customers
  • Hedge Fund managers for managing compliance, risk and prices
  • Insurance companies for managing customers and products
  • Banks for managing customers, counterparties, securities and brokers
[/nz_il] [nz_gap height="25" /]

6. Why do I need Master Data Management?

I already have a data warehouse, why do I need MDM? If you already have a data warehouse, you are in a very good place to start. MDM is the tool to ensure that an organization has only one version of the truth. MDM provides the 360 degree view of data that is of interest to business Most data warehouse ecosystems have attempted to manage master data within its data warehouse architecture, but it has typically focused on mastering data after transactions occur. This approach does little to improve data quality because data are corrected after the fact. The best way to improve data quality is to move the process upstream of the data warehouse before transactions are executed. MDM can be used to make your organization smarter and more flexible. By having accurate data for your most important information, you can be sure that your models, projections, and predictions are as accurate as they could be. By starting with valid data you are much more likely to produce results that your organization can depend on. [nz_gap height="25" /]

7. How is MDM useful for Hedge Funds?

Automating Trade Executions Fast trade execution is important to brokers because it allows them to capitalize on rapidly changing market opportunities Supporting Compliance Compliance officers need to report on existing regulations and want the ability to dynamically respond to new and evolving regulations at the national and state level, such as Basel II. To achieve this, they need desktop access to reconciled and related data within and across customer, counterparty and financial instrument data domains Managing Risk Having a clear picture of your institution's holdings is essential for accurately assessing and adjusting risk levels. To achieve this, bankers require desktop access to reconciled and related data within and across customer, counterparty and financial instrument data domains. [nz_gap height="25" /]

8. MDM Quick Implementation Checklist:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Identify candidate for MDM data:
    • First and most important step is to identify what master data you would like to manage through MDM.
  • Identify the producers and consumers of the MDM data:
    • Next, identify which applications are creators and modifiers of the data and who consumes this data.
  • Define the owners of the MDM data:
    • Here’s another critical step. Who owns the data?
  • Appoint Data Stewards, Data Governance Council for MDM data:
    • This group must have the knowledge and authority to make decisions on how the master data is maintained, what it contains, how long it is kept, and how changes are authorized and audited. Data Stewards are responsible for resolving conflicts. They create the policies for resolving the conflicts when there are multiple versions/sources of data available?
  • Create MDM Data Model, chose MDM Tool, Build Infrastructure, Test Master Data:
    • Each one of these steps require careful considerations.
  • Implement the maintenance process:
    • It must incorporate tools, processes, and people to maintain the quality of the data
[/nz_il] [nz_gap height="25" /]

9. Challenges in Implementing MDM:

Getting business involvement: MDM has to be driven by business needs, otherwise it could turn out to be just another database that needs to be synchronized with all other ones, making it more of a liability than an asset. The difference between MDM success and failure depends greatly on an organization's ability to determine its own definition of what constitutes a quality, trustworthy piece of data. Most Hedge Funds already have concepts such as Pricing Community which can work as Data stewards acting as liaisons between business and IT, facilitating discussions about data and determining MDM requirements. Needs big vision but requires baby steps: Consider the ultimate goal, but limit the scope of the initial deployment. Once master data management is working in one place, it can be extended to other domains. Important differentiator is that each MDM implementation should include domains that work together such as Customers and Products. [nz_gap height="25" /]

10. What is Reference Data?

All relevant information pertaining to an instrument, required to support trading, settlement, accounting, performance, recordkeeping, risk management and regulatory reporting. [nz_gap height="25" /]

11. Goals of a Data Management Strategy:

To develop the operational platform to support a world-class Hedge Fund, minimize the operational inefficiencies, errors and costs and reduce legal, regulatory and operational risk. [nz_gap height="25" /]

12. Reference Data Life-Cycle:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Acquire:
    • Source Data from Various Internal and External Sources
    • Extract, Transform and Load
  • Cleanse:
    • Business Rules
    • Golden Copy, if centralized design
    • Consolidations and Validations
  • Maintain:
    • Data setups (e.g. security, issuer etc.)
    • Maintain data quality
    • Review Governance and other data policies
  • Distribute:
    • SLA
    • Publish data
    • Workflow and Rules
    • Real time to key systems
[/nz_il] [nz_gap height="25" /]

13. Trends in Reference Data Implementations:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Option 1: (Buy/build solution) with 3rd party feed handling and transformation, and custom consolidation, maintenance and distribution using a common API
  • Option 2: Adopt a 3rd party product to handle all functions up to distribution, with a custom translation to a common API
  • Option 3: Adopt a 3rd party product, which includes all functions including distribution
  • Option 4: Outsource some/all functions (e.g. allow 3rd party to conduct multiple-source consolidation)
[/nz_il] [nz_gap height="25" /]

14. Reference Data Common Trends:

Common Architectural trends include a drive towards multi-asset trading platforms with consolidated infrastructure; they require real-time data distribution mechanisms for trading, risk management, and compliance, source public data automatically from multiple sources, cleanse/validate data through workflow-driven business rules, decouple consuming systems from the approved data source, eliminate duplication of process or infrastructure and migrate over time to a services oriented architecture. Some organizational and operational common trends include the centralization of data service provisioning and governance, creation of a single point of compliance and audit for enterprise data, measurement of data quality for initial load and ongoing data maintenance, the establishment of data stewardship roles for the business, operational and technology organization and finally, Reference Data Outsourcing. [nz_gap height="25" /]

15. Reference Data Architecture Design:

Centralized architecture design includes business rules, identifier assignment, common data standards, service level agreements and data residence. Distributed data architecture design includes data capture/maintenance, ownership of data, enrichment (prioritization and consolidation), quality assurance and acceptance. [nz_gap height="25" /]  

16. Centralized Reference Data Value Proposition:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] Better data quality since enterprise-wide SMF definitions to improve interoperability across the portfolio management cycle, SMF Golden Copy with centralized validation engine and a best-of-breed composite record. There is a lower cost for doing business as a result of fewer touch-points and a more efficient maintenance process, the reduction in Bloomberg terminals and a more efficient data acquisition process. It is more efficient in trade processing and trade execution due to a less manual review of new security set-ups (improving accuracy) and lower failed trade rates. The key to success when implementing an enterprise reference data solution is to balance business needs with operational efficiency.

Case Study for a Multiple OMS Risk and Compliance Solution at Large Mutual Fund

1. Executive Summary:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] The client firm determined that a focused requirements driven process, supplemented by stakeholder working groups, was the most rational approach to address the ‘build versus buy’ decision and the subsequent design and selection considerations. In this case, the scope of the effort required for the integration of a centralized risk and compliance processing module into a trade order management system platform comprising several in-house and vendor OMSs. The existing data model was separated into distinct entities supporting reference data across this platform as required for position, index, pricing and security master (SMF) data. The client required expertise to address the following business functionality and integration challenges: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Integration of portfolio and pre-trade risk evaluation functionality into multiple OMS workflows
  • Centralized data process with the capability maturity required for complex risk management across all instruments traded
  • Addition of an issuer schema to supplement the existing data model and to support more robust regulatory and counterparty risk testing, including complex diversification rules
  • Integrated reporting to support investment management, client and regulatory inquiry at the firm, client, fund and issuer level
[/nz_il] During the course of an investment management platform integration project, components of a firm’s order management systems (OMS), portfolio accounting systems (PAS) and data warehouse reporting tools (OLAP) are often within the scope of a business analysis effort focused upon workflow optimization and efficiency enhancements that address portfolio risk management protocols. IT project managers and stakeholders are tasked with evaluating requirements with input from legal and compliance subject matter experts, as well as portfolio management, operations and IT stakeholders, in order to implement complex regulatory and risk solutions. In this situation, there may be little understanding on the part of any one stakeholder or group as to the best approach to the business analysis and technical requirements presented by the regulatory framework. In addition, the complexity of the functionality required to provide this system logic for many lines of business demands not only sound legal opinion and well designed business rules, but an understanding of the appropriate data sources to be used in the solution data modeling effort. There are many risk and compliance solutions that project stakeholders will be asked to advise on in an investment management environment, depending on the firm’s line of business and the domicile of its trading activity, or that of the issuers it trades. Some of the common implementations include testing required for: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Counterparty and credit risk driven by client and internal requirements
  • Investment Company Act of 1940 guidelines
  • Securities and Exchange Act of 1934 reporting
  • Investment Adviser Act of 1940 (client guidelines)
  • UCITS3 (for both alternative and traditional asset managers)
  • Substantial Acquisition Rules of sovereign entities
  • Internal Revenue Code reporting
[/nz_il] [nz_gap height="25" /] [nz_gap height="25" /]

2. Solution:

A proven approach was successfully initiated, an approach to implementing complex risk and compliance solutions following a phased software development lifecycle (SDLC) method:
  1. The client’s legal, risk, investment, operations and compliance stakeholders were engaged in order for the project team to fully understand the scope of the trading workflows and types of testing and reporting structure required by the business
  2. Tests were broken out and analyzed with respect respective sources – SEC, client guidelines, prospectus, SAI, internal counterparty risk, etc. so that the data requirements could be defined and vetted early in the discussion
  3. The applicable workflows, business and functional requirements were vetted with stakeholder working groups during the course of the requirements gathering process
  4. Design and/or solution selection was initiated with a functionally traceable RFP process after stakeholder sign-off is completed
  5. Solution implementation and functionality testing were completed in a phased approach by OMS segment before UAT was conducted and the solution was cutover to a production environment
When approaching the requirements effort, there will necessarily be an extensive regulatory review in order to understand the specific testing that applies to the client line of business. Legal definitions and an understanding of the legislative framework are helpful when working with the language of the SEC’s mandate. [nz_gap height="25" /]

3. Terms:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Investment Adviser: the “adviser” to an investment company, or mutual fund, is specifically understood, in the legal sense, to be responsible for compliance to the Investment Company Act, as well as to the investment clients they represent. The adviser to an investment company is often also its sponsor, such as a financial Advisery firm, brokerage firm or insurance company. The structure of the investment companies covered under the act may be that of an exchange traded “closed-end” fund, an ETF (however, not all of these products are issued under the 40 Act) or that of an “open-end” fund.
  • Net Assets: Net assets can be defined as the “net worth” of the fund, and is expressed as a dollar amount at the fund level, as compared to “NAV” (net asset value), which is a per share price struck daily from the same data and quoted to the public. This value is usually provided by either the accounting system of the client firm or by data fed from an accounting services provider such as the fund’s custodian. The value generally includes: the sum of paid capital, undistributed net investment income, accumulated undistributed net realized gain, and net unrealized appreciation. It is commonly used in tests related to the Investment Company Act; most OMS data schemes incorporate this data point into the test design scheme for purposes of compliance to the act.
  • Total Assets: The value generally includes: the sum of securities investments, cash, receivables, unrealized appreciation, and securities held as collateral for loaned securities. It is expressed as a dollar amount at the fund level.
  • Total Market Value: As current prices are made available, this amount represents the market value of all positions. It is expressed as a dollar amount at the fund level.
  • Diversified Fund: or "Diversified [investment] company" means a management company which meets the following requirements: At least 75 per centum of the value of its total assets is represented by cash and cash items (including receivables), Government securities, securities of other investment companies, and other securities for the purposes of this calculation limited in respect of any one issuer to an amount not greater in value than 5 per centum of the value of the total assets of such management company and to not more than 10 per centum of the outstanding voting securities of such issuer.
  • Non-diversified Fund: or "Non-diversified [investment] company" means any management company other than a diversified company, as defined above, such as a “fund of funds”.
  • Senior Securities: prior to 1940, a significant number of investment companies were highly leveraged, issuing large amounts of “leveraged” securities such as debt and preferred stock called “senior” securities; securities are not considered “senior” if the positions are covered by the fund, such as with covered call writing strategies. The SEC essentially defines transactions such as short sales, or instruments such as: options, futures, forward contracts, swaps, dollar rolls, when-issued securities & reverse repos as being senior securities; any security or investment structure that creates an obligation to someone other than the fund’s shareholders.
  • Segregated Amount: Defined as the sum of the “segregated quantity amounts” for all positions in the account. It represents the amount of cash, cash equivalents, treasury or other liquid securities held by the custodian to cover the exposure incurred from the issuance of senior securities.
  • Total Issuer Voting Shares: this quantity represents the ownership or control of an issuer, and includes the underlying voting rights of convertible securities, options and warrants. “Shares of a class” would comprise one class of issuer voting shares only.
  • Issuer Debt Outstanding: represents the amount of capital invested by shareholders & owners that is owed and payable.
  • Test Basket: such as with Sec. 5(b)(1), when a specified threshold is reached with respect to a data point at the issuer level, the instance is tracked by “placing” it in a “basket” of such cases, and an exception triggered when the total basket member percentage exceeds a stated threshold with respect to a predefined value, such as the total assets of the fund tested.
[/nz_il] [nz_gap height="25" /]

4. SEC Regulatory Overview for Mutual Funds:

Securities Act of 1933 The first of four major securities acts that would come to shape and solidify the securities industry over the coming decades, the Securities Act of 1933 addressed the issuance of securities throughout the industry, including the shares of open-end and closed-end investment companies. It required that any person wishing to offer securities to the public register those securities and provide prospective investors with adequate disclosure in the form of an investment prospectus. (2) Because mutual funds issue shares that constitute publicly traded stock in the investment company itself, they fall under the provisions of the ‘33 Act and its subsequent rules. The prospectus delivered to investors under the ‘33 Act defines the objective of the fund. The Investment Company Act of 1940 described below, under section 35(d) of the ‘40 Act, states that a fund may not use a name that is misleading with respect to the investments selected by the adviser. Common practice in the industry is to review all fund prospectuses and develop a monitoring system in the trade and portfolio management workflow to test for adherence to this rule (which is further described in the test analysis portion below). Securities Exchange Act of 1934 The ‘34 Act broadly addresses rules related to the exchange of securities, as opposed to the issuance of instruments. This act also created the SEC and gave it enforcement powers with respect to federal securities laws. Specifically related to mutual fund investment management, the act requires disclosure of institutional investment manager holdings, as well as provides a framework for transfer agent registration and rules of conduct. (3) Investment Company Act of 1940 After the stock market declines that occurred in late 1929, the mutual fund industry sustained losses that were severely compounded by the issuance of “senior securities”, used to fund the acquisition activity of the adviser, and which had put the investment company in a heavily leveraged financial position. Investor losses resulting from this financial structure, and the general market decline prompted a SEC study which determined that the governance provided by the Securities Act of 1933 was insufficient to provide the risk management that both investors and the capital markets as a whole required. The findings of this study led Congress to conclude that the activities of persons operating mutual funds should be regulated under a new and more specifically crafted set of guidelines, which became known as the Investment Company Act of 1940, deeming it necessary given the aggregate risk undertaken by the investing public. The U.S. Congress observed in section one of the Investment Company Act, “[investment] companies are the media for the investment in the national economy of a substantial part of the national savings, and may have a vital effect upon the flow of such savings into the capital markets…” The act “establishes a comprehensive regulatory framework for investment companies”, “designed to: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Prevent insiders from managing the companies to their benefit and to the detriment of public investors
  • Prevent issuance of securities having inequitable or discriminatory provisions
  • Prevent the management of investment companies by irresponsible persons
  • Prevent the use of unsound or misleading methods of computing earnings and asset value
  • Prevent changes in the character of investment companies without the consent of investors
  • Prevent investment companies from engaging in excessive leverage
  • Ensure the disclosure of full and accurate information about the companies and their sponsors.
[/nz_il] In order to accomplish this, the Act mandates the safekeeping and proper valuation of fund assets, restricts transactions with affiliates, limits transactions that leverage the funds assets, and imposes governance regulations as a check on fund management(4). The authors of the Mutual Fund Law Handbook concluded that, “The 1940 Act’s main concern is the integrity, accuracy, and security of mutual fund investment portfolios and operations. One aspect of that concern is the Act’s attention to the financial and other records of funds and to their outside accountants.”. (5) Investment Advisers Act of 1940 Another act requires the registration of anyone in the business of offering investment advice per se, such as the adviser to an investment company, as well as advisers to institutional and individual clients. The Investment Advisers Act of 1940 promulgates disclosure rules with respect to the adviser’s interests in all transactions it undertakes, and also contains anti-fraud provisions. More specifically, it requires that investment guidelines spelled out in the client agreement are adhered to, and prompts the SEC to inspect the operations of the adviser to ascertain that the adviser is in compliance with the act (hedge funds are currently not regulated as investment advisers or as mutual funds due to exemptions provided by federal law). (6) Investment Company Act (40 Act) Tests Monitored in the Trading Workflow The tests defined by the Act, which are applicable to the OMS environment, are generally related to these six categories: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Investments in other investment companies
  • Investments in securities-related businesses
  • Liquidity
  • Diversification requirements – industry and issuer
  • Leveraged investments
  • Names of investments companies with respect to portfolio holdings
  • Tests related specifically to money market fund credit quality and liquidity
[/nz_il] The 40 Act has several sections that can be tested, and these are too numerous to be listed here in their entirety. Here is an example from one section: Section 18 governs the capital structure of investment companies. Section 18(f) in particular, prohibits issuance by the investment company, of “senior securities” unless a fund offsets the obligation. The SEC defines “senior security” broadly based on the potential obligation to someone other than the shareholders. Prior to the act, excessive issuance of these securities had greatly increased the speculative nature both the common stock and the investment portfolios of investment companies. However, two exemptions exist to this restriction, provided that either: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • a segregated account is maintained, consisting of cash, government securities, or high grade debt securities, in an amount equal to the obligation;
  • by owning or having the right to acquire the asset that the fund is required to deliver, such as with a “covered-call” writing option strategy.
[/nz_il] Bank borrowing is allowed, so long as the coverage for all borrowing is, at minimum, 300% of the amount borrowed. (7) These tests can be simple to fairly complex to code in practice. For example test logic for a Section 18 borrowing rule may be structured in this way: Test Name [field data in OMS]: "At least 300% asset coverage for borrowing." Test Description [field data in OMS]: "1940 Act Requirement for diversified funds - Sec 18(f). Open-end investment companies should not issue "senior securities", but a fund may borrow from a bank provided it maintains at least 300% [net] asset coverage.” Rule Analysis Logic: Net assets (NA) plus borrowing must be at least 300% of borrowing, so NA must be at least twice borrowing, so borrowing must be no more than 50% of NA. Formula: [absolute value of borrowing at fund level] / [NA, where exception is triggered when 50% of NA is exceeded] The application of tests related to the above categories can be engineered to operate in a “pre-trade” mode or a “portfolio” mode. A pre-trade mode evaluation is best understood as a test that calculates the position related “bucket” (multiple concurrent trades may be evaluated at once, system-wide) combined with the settled portfolio position quantity prior to the order being placed. A portfolio (holdings) mode test is a component calculation of this test that is evaluated when trades have settled and also to prepare the data for pre-trade evaluations in the following trade cycle. The application of any test and test mode varies with the requirements of the adviser and the specific fund types, instruments types and domicile of the custodied assets. If the fund adviser requires these tests in the pre-trade workflow, the data quality must be reliable in order to have the confidence required to configure and apply tests. Otherwise, trading performance impacts would result if the platform were designed to limit trader control over the order when a test fails. [nz_gap height="25" /]  

5. Benefits:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /]Robust financial risk and compliance management is good business. Talented and effective leaders that understand the scope of the securities industry often manage operations that effectively manage risk and compliance controls. Additionally, risk management tools that focus on credit exposure, issue and issuer concentration and firm-wide leverage can save firms from realizing substantial trading losses and the consequences of inadequately managed client and firm related risk exposure. These are the common results of a successful implementation: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Portfolio Management: Up-to-date risk and portfolio guideline data for management reporting
  • Trading: significant cost savings resulting from less trade errors and portfolio rebalances
  • Risk and Compliance: efficiency and increased capability provided - requires less staff to accomplish more work
  • Compliance: Up-to-date risk and regulatory reporting for regulatory inquiries
  • Client Services: Up-to-date risk and client guideline reporting for client inquiries
  • Operations and IT: significant ROI can be realized from a cost and data risk management perspective as the enterprise data warehouse is used to its full potential
[/nz_il] [nz_gap height="25" /]

6. Leveraged expertise:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Prospectus, SAI, guidelines, foreign entity, and IRS business rules analysis
  • Portfolio management business rules, functional requirements and workflow analysis
  • Request for proposal, vendor evaluation and testing scenario analysis
  • System configuration, functional integration and user acceptance testing
[/nz_il] [nz_gap height="25" /]

7. Citations:

  1. Securities and Exchange Commission, Division of Investment Management website ( SME, legal & industry interpretations appended.
  2. “Protecting Investors: A Half Century of Investment Company Regulation”, United Sates Securities and Exchange Commission, Division of Investment Management, May 1992
  3. Ibid.
  4. Clifford E. Kirsch, Investment Adviser Regulation - Step by Step Guide to Compliance and Law, (New York, Practicing Law Institute, 2006 ).
  5. James M. Storey & James M. Clyde, Mutual Fund Law Handbook (Little Falls, NJ: Glasser LegalWorks, 1998)
  6. Alan R. Palmiter, Securities Regulation - Examples and Explanations [Cases], (Aspen, CO: Aspen Publishers, 2002).
  7. Ibid, p.5

White Paper for Hedge Fund BCP Implementation Framework

1. Executive Summary:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] Recent provisions promulgated by the Private Fund Investment Advisers Registration Act of 2010, a section of the Dodd-Frank legislation, requires managers to register with the SEC and implement a suitable compliance program if they either a.) have $100M of AUM (if managing a fund and separate accounts) or, b.) have $150M of AUM (if managing a fund only). Under SEC Rule 206(4)-7 of the Investment Advisers Act of 1940, those managers will need to design and manage a business continuity plan as part of the compliance program. [nz_gap height="25" /] [nz_gap height="25" /]

2. Business Environment:

Since the SEC has stated that an adviser has an obligation to protect its client’s assets from risks resulting from the adviser being unable to provide advisory services, an adviser must create and maintain a business continuity plan which is “reasonably designed” to enable the adviser to meet client obligations in the event of a natural disaster, emergency, or significant business disruption. In the accompanying Adopting Release Report to Rule 206(4)-7, the SEC specifically noted that, at a minimum, policies and procedures established must address, among a number of other issues, the investment adviser’s or the fund’s business continuity plan. (1) Globally, there are many business recovery standards developing to meet the needs of international organizations, such as the British Standard Institution’s BS 25999. It is important to assess which standard is appropriate for your organization, taking into consideration the nature of the business, international acceptance of BCP practices in your markets and management’s approach regarding risk management (not only regarding business continuity issues but also risk analysis and mitigation activities). Fortunately, best practice guidance is available to financial market participants from many credible sources. The SEC has co-authored the Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System, and the SMIFA and the MFA have published best practice guidelines for financial industry participants. Additionally, FINRA provides specific guidance for member firms under Rule 4370 (2). These include many areas of focus that are relevant to private fund advisers insofar as that they can provide a framework for best practices: [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Establishing and Maintaining a BCP. Guidance provided addresses the creation and maintenance of a business continuity plan that identifies procedures related to an emergency or other significant business disruption and is “reasonably designed to enable the member [firm] to meet its existing obligations to customers.” The business continuity plan procedures should address existing relationships with other…counter-parties.
  • Updating Requirements. Guidance related to the ongoing update of the business continuity plans in the event of any material change to the adviser’s operations, business, structure, or location, and should be reviewed at least annually.
  • BCP Details. The rules do not provide specific detailed requirements. Instead, they provide a framework for minimum compliance. The following structure consists of some of key areas that the business continuity plans should address to the extent required.
    • Data back-up and recovery (hard copy and electronic);
    • All mission critical systems;
    • Financial and operational assessments;
    • Alternate communications between the member and its customers;
    • Alternate communications between the member and its employees;
    • Alternate physical location of employees;
    • Critical business constituent, bank, and counter-party impact;
    • Regulatory reporting;
    • Communications with regulators; and
    • How the member will assure customers’ prompt access to their funds and securities in the event that the member determines that it is unable to continue its business.
    • As part of the process, business constituents, banking and counter-party relationships would be identified and analyzed with respect to operational redundancies or required references to needed continuity structure in the context of external and internal events.
  • Plan Approval. Guidance related to the designation of a member of senior management who is also a registered principal to approve the business continuity plan and to conduct the annual review.
  • Disclosure Requirements. Guidance related to the disclose how the business continuity plan can address and how the firm will respond to future business disruptions of varying scope. The disclosure must, at a minimum, be made in writing to customers at account opening, posted on the firm’s web site (if one exists), and mailed to customers upon request.
  • Designating Emergency Contacts. Guidance related to the designation of emergency contact persons. The emergency contact persons should be associated persons. At least one contact person should be both a member of senior management and a registered principal of the firm. If the second contact person is not a registered principal, that person should be a member of senior management who has knowledge of the firm’s business operations. If a firm only has one associated person, then the second contact person should be an individual who has knowledge of the firm’s business operations.
[/nz_il] A firm planning a top down approach to business continuity implementation focused on mitigating the affects of disruptions to the business achieved through a plan will need to focus on its strategic business priorities and review the relevance of guidelines within that context. Some specific items to work through in order to accomplish this are proposed by the SMIFA (3): [nz_gap height="25" /]

3. Key Concerns/Issues:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Regulatory requirements – SEC guidance may be forthcoming – will FINRA become the model?
  • Risk Management including exposures of vendors and to counter parties
  • Executive ownership, commitment, and support of the program.
  • Program as part of the company culture recognizing it is part of “doing business”
  • Adequate funding and staffing
[/nz_il] [nz_gap height="25" /]

4. Key Questions:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • What business activities are in scope?
  • Do you know your exposures?
  • Who are your customers and what are their expectations?
  • What is your reliance on critical vendors?
  • What is your reliance on critical infrastructure, clearing firms, administrators?
  • What functions/operations/products are critical?
  • What are the minimal resources required to maintain the business for a selected time period?
  • What immediately non-critical functions become critical after a given time period?
  • What is the “proximity” risk to your firm (internal and external)?
[/nz_il] [nz_gap height="25" /]

5. terms:

[nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Investment Adviser: the “adviser” to a private fund, is specifically understood, in the legal sense, to be responsible for compliance to the Investment Advsier Act, as well as to the investment clients they represent.
  • Mission critical system: means any system that is necessary, depending on the nature of a member's business, to ensure prompt and accurate processing of securities transactions, including, but not limited to, order taking, order entry, execution, comparison, allocation, clearance and settlement of securities transactions, the maintenance of customer accounts, access to customer accounts and the delivery of funds and securities.
  • Financial and operational assessment: means a set of written procedures that allow a member to identify changes in its operational, financial, and credit risk exposures. public register those securities and provide prospective investors with adequate disclosure in the form of an investment prospectus (5).
  • Investment Advisers Act of 1940 (As it relates to the Private Fund Investment Advisers Registration Act of 2010): Another act requires the registration of anyone in the business of offering investment advice per se, such as the adviser to an investment company, as well as advisers to institutional and individual clients. The Investment Advisers Act of 1940 promulgates disclosure rules with respect to the adviser’s interests in all transactions it undertakes, and also contains anti-fraud provisions.
[/nz_il] [nz_gap height="25" /]

6. Approach:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Obtain executive level commitment and strategic insight prior to implementation
  • Decide the business and technology mix for the solution and thus the implementation project planning:
    • Will application resiliency drive the strategy?
    • Will business impact analysis drive the strategy?
  • Secure essential ad hoc resources required to manage an effective implementation:
    • Legal counsel and compliance assessment
    • Operations and IT project management
[/nz_il] [nz_gap height="25" /]

7. Benefits:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Portfolio Management and Trading: codification of clearly defined backup processes and reduced business risk
  • Risk and Compliance: Recovery platform designed to mitigate key risks and provide an up-to-date risk and regulatory mechanism for regulatory inquiries
  • Client Services: Up-to-date risk management and client reporting transparency for client inquiries and new business requests
  • Operations and IT: codification of clearly defined backup processes and reduced operational risk
[/nz_il] [nz_gap height="25" /]

8. Citations:

(1) Mallon, Bart. Business Continuity Plans (Disaster Recovery Plans) | Investment Adviser Registration. Retrieved October 18, 2010, from (2) Amended by SR-FINRA-2009-036 eff. Dec. 14, 2009. (3) SIMFA (2008) The Business Continuity Program - Expanded Practices Guidelines. New York. Business Continuity Planning Committee (4) Securities and Exchange Commission, Division of Investment Management website ( SME, legal & industry interpretations appended. (5) “Protecting Investors: A Half Century of Investment Company Regulation”, United Sates Securities and Exchange Commission, Division of Investment Management, May 1992

Case Study for Improving Quality Control

1. Executive Summary:

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] Comprehensive manual testing of an order management system can be tedious and time consuming. This is especially true when there are custom workflows. If not automated, comprehensive testing can require one or more resources to be completely devoted to performing test cases and manually verifying output. Accuracy can be difficult to ensure under these circumstances due to the number of test iterations that need to be correctly executed and tracked. [nz_gap height="25" /] [nz_gap height="25" /]

2. Solution:

Utilizing the client's purchased automated testing tool, TestComplete, OmniVista designed and implemented a completely automated testing solution to perform all required order management tests. Using the order management system’s user interface, the test automation solution performs button clicks and data entry. The automated testing uses smart delays to ensure custom and standard flows are tested accurately. After each step, data is validated in the database to verify that actual results match expected results. [nz_gap height="25" /]

3. Benefits:

Automating testing freed the client’s resources to work on other projects and significantly increased the confidence in and speed of deployments. Comprehensive regression testing, which previously took multiple days and tens of thousands of dollars, is now completed in less than an hour and at a fraction of the cost. The accuracy, reporting, and transparency of testing operations also increased significantly. Each test was automatically tracked with a success or failure status. At the end of a test run, a chart was generated showing the aggregated results. [nz_gap height="25" /]

4. Leveraged Expertise

[nz_sep top="0" bottom="20" width="100" height="2" type="solid" color="#f0634c" align="left" /] [nz_il type="none" icon="icon-checkmark" icon_color="#f0634c" background_color="" ]
  • Intimate knowledge of client’s business workflows
  • Comprehensive, best in class quality assurance practices
  • Extensive familiarity with TestComplete and scripting languages
  • Years of experience with Order Management Systems
  • In depth understanding of how Order Management Systems uses and interacts with data on the backend [/nz_il]