Are Fund Administrators doing enough to minimize Operational Risk?
As regulations have become more stringent, fund managers are under the spotlight to deliver a huge array of complex information accurately and on time and are turning to fund administrators to fulfil these ever-increasing obligations. Centaur looks at five operational risks that were recently highlighted by a survey conducted by Risk.net and assesses if administrators are doing enough to minimize operational risk for their clients.
- Cyber Security Risk
Not only are cyber attacks more prevalent, but they are becoming ever more sophisticated and destructive. As a result, regulators are increasingly penalizing firms over data leaks or for inadequate and ineffective controls for data security. Fund administrators must strive for no less than a 100% safe and secure environment for their stakeholders.“At Centaur, we constantly review and assess the technology we use as well as the security policies and provisions in place, with our expert technology partners. Our IT security controls are tested as part of our annual ISAE3402 examination and our infrastructure undergoes rigorous pen tests by an external reputable firm to evaluate the security provisions in place.” says Karen Malone, Founding Partner of Centaur Fund Services.
- Risks from Regulation
Faced with the constant threat of sanctions for non-compliance, fund managers often look to their administrators to guide and assist them to deliver on their regulatory obligations. Clients need administrators to provide robust and accurate regulatory reporting, backed by effective compliance monitoring programs to provide assurances that all regulatory requirements are being met.“Centaur keeps abreast of regulatory developments affecting our clients and proactively assesses how the services we provide can be tailored to meet their compliance requirements. Each client is assigned a dedicated team that ensures compliance monitoring programs are in place to meet their specific regulatory needs.” says Karen.
- The Risk of Outsourcing Services
Outsourcing services to a third party is commonplace across the fund administration industry. Outsourcing brings its own risks and challenges and, as a result, outsourced relationships are gaining greater regulatory scrutiny with an increasing emphasis on service provider management, internal controls, liability, risk management, compliance oversight and data security.Karen states,“At Centaur, whilst we acknowledge the merits of many outsourcing models, we choose not to outsource any of our fund administration services to external third parties. We remain fully in control and accountable for all of the services we provide to our clients”.
- Organizational Changes
Even the smallest organizational changes, if not properly managed, can have a significant adverse impact on the day-to-day functioning of the firm and the services it provides. Fund administrators need to be flexible, be open to change and have a robust change management process in place to identify and mitigate the associated risks when changes need to occur.“Centaur prides itself on its flexibility and ability to keep up with market changes, whether these are in the form of new regulation, technology changes or internal restructuring,” says Karen. “Our approach to change management ensures that all organisational changes are clearly defined, the risks and the impact on the business are assessed and implemented in line with the agreed objectives.”
- Risk from IT Failures
Although technology and automation are powerful tools for reducing operational risks associated with manual error, they can also present their own unique risks if not properly controlled. Risk management forms an integral part of all technology related initiatives to avoid disruption to the provision of services.Karen states, “Centaur invests heavily in designing, implementing, updating and testing our various technology solutions. Our team and technology partners adhere to a strict change management and approval policy in respect of all changes to our system infrastructure. We continually liaise with our technology partners, who are amongst the best in their field, to ensure adequate and effective business continuity planning and disaster recovery processes are in place and regularly tested.”
Karen concludes, “At Centaur, we are never complacent and we believe that a pro-active approach to identifying and managing operational risk is a must. By hiring the best staff, implementing best practices and continually investing in our technology, we consider ourselves well placed to help our clients mange their risks, through the provision of our award winning services. We continually monitor developments and evolving risks in the industry because we place a high priority on maintaining effective long-term business relationship with our clients. This means we are open to change and able to quickly adapt our service offering, in response to changes to the marketplace and the needs of our clients. ”