PRISM INSIGHTS #106
When conducting operational due diligence on hedge funds and p/e funds, it is important to understand the firm’s key compliance policies, but it is also important to assess the nature of the firm’s compliance procedures and the monitoring of those procedures. PRISM notes that outsourcing the monitoring of personal trading, email surveillance, best execution, cyber security, expert network chaperoning, and expense allocations are all best practices. The outsourcing of these highly important regulatory risk areas helps CCOs and managers reduce the conflicts of interest that arise out of finding employee violations to the policies and communicating them to the employee and the firm’s management. It also ensures capacity to have the monitoring completed, as in reality, other in-house initiatives can take precedence over the routine compliance monitoring. If outsourced, confirmation of the monitoring can be vetted with the outside compliance consultant. If done internally, ODD professionals can interview CCOs and if available, request policies, procedures, logs, regulatory exam reports, and other documentation. Compliance monitoring software applications, such as “ComplySci” have also recently greatly helped the asset management community organize their process and their files.
It is one thing to produce applicable compliance policies, but managers do need to demonstrate that they have effective procedures that adhere to the policies, and the monitoring, both internally and externally, is being done routinely.
Policies, procedures, and monitoring are the 3 tenets of compliance.
Compliance has become more of a science, and today compliance monitoring is often outsourced and automated.