How does digital diligence help ManCos meet regulator’s expectations on delegate oversight?
At DiligenceVault, we are about all things due diligence related. While our roots started in the traditional exchange of qualitative and quantitative data during the DDQ process between an asset owner and their asset managers, we are seeing an increasing demand for asset management companies (typically referred as ManCos) to demonstrate that they have effective oversight of their delegated activities. The demand for ManCos has been growing because asset managers, both traditional and alternative, use them to delegate activities such as portfolio management, fund administration, and marketing of UCITS and/or alternative investment funds.
Although ManCos have benefited from the impact of Brexit as UK managers look for a workaround to keep offering their funds into the EU market, Brexit has made regulators more sensitive to EU ManCos that could be perceived as “letterbox entities”. Regulators in Ireland and Luxembourg, the two largest fund markets in Europe with a combined €6.8tn of fund assets, have identified a number of risks - operational, financial, legal and reputational - that ManCos must address. In 2018, Luxembourg issued the CSSF 18/698, a prescriptive circular on what is required in terms of delegations and oversight, and how it has to be carried out. In Ireland, the Bank of Ireland issued the CP86, a similar piece of legislation. After extensive studies, the Bank of Ireland fired a warning shot on October 22nd, 2020 which called out the need for better due diligence of delegates before appointment and on an ongoing basis. The regulator found out that a significant number of ManCos have not yet fully implemented the framework issued in the CP86 regulations two years after it came into force.
ManCos have a responsibility to identify and assess all risks from their investment management delegation. So, what challenges do ManCos face when putting the theory into practice?
1) First, ManCos are required to put in place an initial due diligence framework which enables the delegating entity to understand the structure and operating model of each delegate, and to identify potential sources of risks.
2) In practice, they build a DDQ questionnaire to collect all of this information. The DDQ is not the objective of the process but rather an essential tool for the delegation process. It must be comprehensive, precise and above all, enable the delegating entity to understand the structure and the operating model of the delegate, and to identify potential sources of risk. In addition, they must show a record of personalised interviews. The need for an onsite visit is not required in the Circular 18/698, and pretty difficult whilst Covid-19 is still around, but video conferencing facilities are very effective, especially for ongoing monitoring. It is more challenging for initial due diligence of the delegates and for those deemed as high risk.
3) Third, the ManCo needs to produce a formal full delegation report which includes not only the completed DDQ, its analysis and related documents, but also reviews of the policies, procedures and operating processes in place and controls carried out at the delegate’s premises, as well as any interviews.
4) ManCos must also define their risk-based approach and the corresponding assessment grid which need to be integrated into a global and coherent delegation and oversight process. This final piece aims to assess the quality of the proposed delegate based on a collection of information that is covered during the due diligence process.
5) The level of oversight does not stop there. ManCos are required to conduct periodic reviews of their delegates. Regarding frequency, an update every 18 months could be considered for a low risk delegate, compared to a standard annual frequency or more often in the event of a higher level of risk. The overall number of delegates should also be considered in determining the optimal on-going review frequency.
How can a ManCo show evidence that they are tracking, challenging and taking actions when issues arise?
DDQs have been around for a long time, but the level of complexity and depth that ManCos need to conduct this process is rapidly increasing. With so much information to analyse, we have seen Delegate Oversight Questionnaires contain several hundred questions. Additionally, there are documents delegates attach to the questionnaires when submitting their responses. Monel Amin, CEO and Founder of DiligenceVault, had the pleasure of speaking with Dan Lawlor during an AQuest Podcast about how technology can help streamline a document-heavy and administrative burdensome process.
When it becomes too labour intensive or too time consuming for both parties to cope with the increasing volume of activity and data, technology is here to help. The internal operational risks are just too great if data gets lost, people leave organisations with their knowledge or the Manco is unable to access all their data because it is stored in disparate folders or even emails! DiligenceVault can help reduce these risks and provide an efficient, digital due diligence framework that is suitable for any ManCo. With DiligenceVault, users can:
If you are looking to move away from multiple spreadsheets, documents, emails and shared drives, and centralise the process for oversight due diligence, contact us for a demo today.