A Quick Guide to Risk Management and Compliance

Risk management and compliance are now integral parts of the investment process. The 2008 financial crisis emphasized the importance of effective risk and compliance processes that ensure the safety of assets while allowing for proper asset management. This involves meeting legal and regulatory requirements, maintaining accurate records, establishing an independent compliance function, allocating adequate resources, conducting third-party reviews, and having disaster management and recovery plans in place.

Basics

Risk management and compliance have evolved significantly in the investment management industry. Previously regarded as mere inconveniences, they are now recognized as integral parts of the investment process. The aftermath of the 2008 financial crisis and the implementation of the Department of Labor's Fiduciary Rule played key roles in solidifying the importance of compliance and risk management across all advisory practices.

Impact of the 2008 Financial Crisis

The financial crisis of 2008 revealed the severe impact that poor management and illegal activities could have on the market. Before this crisis, occasional incidents had occurred, but the breadth of the housing crisis left no one unaffected. Investors discovered that their supposedly diversified portfolios were highly correlated, and risk procedures failed to protect them from unlikely scenarios.

Although some investment managers and financial advisors may argue that the crisis was a unique event from which lessons have been learned, clients are unwilling to accept even the slightest possibility of a similar occurrence given the magnitude of the damage caused. Consequently, clients now demand stronger assurances regarding the safety of their assets. As a result, money managers and advisors must develop more effective risk and compliance processes that adequately manage and mitigate risk without unnecessarily restricting their ability to manage assets.

Compliance and Risk Management Procedures

The CFA Institute, in collaboration with the Securities and Exchange Commission (SEC), has developed guidelines to enhance the effectiveness of compliance directives. The key objectives of compliance and risk management procedures include:

Legal and Regulatory Requirements

Compliance policies and procedures are crucial for ensuring that investment activities comply with relevant laws and regulations. While there may be slight variations in internal controls among asset managers, they are all held to similar guidelines established by the Department of Labor. These guidelines aim to promote consistency and accountability across firms of different sizes and investment focuses.

Document Maintenance

Accurate and accessible record-keeping is essential for compliance and risk management purposes. It involves retaining records that support investment activities, research scope, conclusions, and client actions. Transparency and meticulous record-keeping align with the Department of Labor's Fiduciary Rule. Additionally, these accurate records help in back-testing different risk scenarios to assess correlation and other risk metrics.

Separate Function

Having an independent compliance function, separate from the investment team, is a valuable way to implement effective procedures. The compliance officer is responsible for designing, implementing, and overseeing these procedures and policies. They ensure that client interests are a top priority by reviewing transactions, while the risk manager develops a tool to monitor investments and address potential risks. It is important to communicate to all employees the significance of complying with policies and the consequences of violations.

Proper Resources

To effectively monitor investments, qualified staff, and adequate technological resources are essential. The tracking tools should prioritize client interests and ensure compliance with agreed-upon terms. Internal controls prevent illegal activities and maintain a trustworthy client relationship. Resources include both skilled staff and approved money management tools. Risk management requires competent research and analysis, supported by human and technological resources. Regular portfolio monitoring is crucial to uphold client guidelines, especially when dealing with complex securities.

Third-Party Review

Third-party review is essential for ensuring the accuracy and completeness of client portfolio information. This verification process serves two purposes: enhancing the credibility of the manager and identifying potential areas of risk. It can be achieved through an annual audit or by obtaining trade confirmations from a custodian.

Planning for the Rainy Day

Having a disaster management and recovery plan in place was shown to be crucial after the 2008 financial crisis. Safeguarding client interests involves implementing procedures such as establishing offsite backup facilities, creating secondary monitoring and trading systems, and developing communication plans for employees. Everyone in the company must participate in the development, regular review, and periodic testing of these plans.

Conclusion

In today's global markets, the probability of unexpected events like market crashes has increased. This highlights the importance of robust risk and compliance processes in every organization. Implementing these processes enhances the diligence and care with which managers handle clients' assets. Regular review and testing of procedures are essential components of these processes.