The Importance of Operational Due Diligence
When overseeing an institutional investment program, the predominant focus is invariably on investment returns and risk management. Asset owners are inundated with information and resources to help manage their investment portfolios. In contrast, operational risks and costs associated with investment implementation and the use of third-party service providers have typically received limited attention in the past. However, prescient investors recognize the increasing complexity of operational processes, regulations and compliance and the costs and risks associated with the same.
Mercer is of the opinion that a comprehensive risk assessment should include a thorough overview of the front, middle and back office functions — that is, investment due diligence (IDD) focusing on “alpha generation” AND operational due diligence (ODD) focusing on the risks and costs of execution that could result in “alpha erosion.” The focus of this article is ODD, or the elements of “alpha erosion,” which are typically less understood and addressed vis-à-vis IDD. It is also worth noting that expert resources in this space are less readily available than in the IDD sector.
Mercer defines ”operational risk” as the risk of inadequate or failed procedures or policies, systems failures, employee errors and fraud or other criminal activity. In recent times, several instances of lax due diligence in the operations space have resulted in sizeable losses for companies and their investors. Recent headline-grabbing examples include the case of the Madoff Ponzi scheme in 2008, which resulted in $50 billion losses; Axa Rosenberg in 2010, with $217 million losses due to an IT coding error; MF Global in 2011, with $2 billion losses stemming from an alleged failure to protect segregated client accounts; and Chase in 2012, with $6 billion losses due to a failure of risk management.
WHAT IS CHANGING
However, the historical lack of attention to ODD is changing, particularly in the face of new and evolving regulations that mandate a thorough assessment of operational processes and controls and require institutions to judiciously manage and oversee external service providers. For instance, the Australian Prudential Regulation Authority explicitly states that the appointment of an external service provider does not absolve an institution of accountability for said functions, whether it is investment management or operations management, such as trustee, custodian functions. Similarly, in Singapore, the Guidelines on Outsourcing issued by the Monetary Authority of Singapore (MAS) indicate that any organization outsourcing any of its business activities, but particularly material outsourcing arrangements, to an external service provider is required to conduct a self-assessment using these guidelines as a standard. In addition to the internal controls and risk management processes, the MAS also pays close attention to the quality of these institutions’ boards and the oversight and governance provided by senior management.
HOW TO GET STARTED
An institutional-quality due diligence assessment of operational risks is no different than a comprehensive IDD exercise. It requires specialist resources with an in-depth understanding of industry best practices to evaluate a firm’s control environment and asset administration processes within the context of the surrounding investment organization and key service provider relationships. It should include detailed assessment of various key subjects including but not limited to governance and organizational structure; regulation; compliance and audit; transaction execution; valuation and administration; technology; and third-party relationships.
The primary purpose of an ODD assessment is to benchmark operations and organizational governance against globally accepted safe and sound practices across a broad range of operating procedures, execution practices and internal controls. The outcome of such an exercise is twofold. First, it serves to identify red flags to help an organization avoid substantial financial losses due to operational and organizational deficiencies. Second, it can communicate areas of improvement to the organization to support changes to investment operations that can potentially aid performance and reduce non-investment-related risks.
In the face of a rapidly changing investment and regulatory environment, institutions are being held equally accountable for managing both investment and non-investment risks. Prudent institutions can no longer afford to be complacent about non-investment-related risks and the potential consequences of ignoring the same. Good governance dictates that ODD assessments receive greater focus as institutions seek to meet their fiduciary commitment to their investors. Despite the relative lack of expert resources in this space, institutions are required to be aware of these risks and to actively manage them. The previously prevalent approach of a superficial “check the box” exercise will no longer meet regulatory scrutiny and institutions’ fiduciary burden to investors. Organizations will now be required to conduct a comprehensive ODD exercise. This exercise should include an assessment of the following factors vis-à-vis global standards and best practices: governance; controls and processes; investment operations and execution risks; and service providers.
Last but not least, an ODD should not be viewed as a static exercise; rather, it is a
constantly evolving framework of key elements that are critical to the assessment of an organization’s middle and back office operations and functions. The risks faced by the organization will continue to grow and morph as the market dynamics evolve and the investment and regulatory environments change. A recent case in point is the inclusion of cybersecurity to the ODD assessment in light of the growing recognition that cybersecurity has expanded from being a purely technological risk to become a key business risk. A far-sighted and comprehensive ODD process should therefore continually develop in line with the environment and incorporate new critical aspects of due diligence.
For further information, please contact your local Mercer office or visit our website at www.mercer.com.
References to Mercer shall be construed to include Mercer LLC and/or its associated companies.
© 2018 Mercer LLC. All rights reserved.
This contains confidential and proprietary information of Mercer and is intended for the exclusive use of the parties to whom it was provided by Mercer. Its content may not be modified, sold or otherwise provided, in whole or in part, to any other person or entity, without Mercer’s written permission. The findings, ratings and/or opinions expressed herein are the intellectual property of Mercer and are subject to change without notice. They are not intended to convey any guarantees as to the future performance of the investment products, asset classes or capital markets discussed. Past performance does not guarantee future results.
This does not contain investment advice or constitute individualized investment advice relating to your particular circumstances. No investment decision should be made based on this information without first obtaining appropriate professional advice and considering your circumstances.
Information contained herein has been obtained from a range of third party sources. While the information is believed to be reliable, Mercer has not sought to verify it. As such, Mercer makes no representations or warranties as to the accuracy of the information presented and takes no responsibility or liability (including for indirect, consequential or incidental damages), for any error, omission or inaccuracy in the data supplied by any third party.
This does not constitute an offer or a solicitation of an offer to buy or sell securities, commodities and/or any other financial instruments or products or constitute a solicitation on behalf of any of the investment managers, their affiliates, products or strategies the information of which may be contained herein. Such an offer may be made only by delivery of separate confidential offering documents to accredited investors, professional investors or other qualified institutional investors pursuant to the applicable private placement provisions in each jurisdiction. The contents and information contained herein have not been endorsed nor is it intended that they will be endorsed by the SEC, any State securities administrator and/or any other regulatory authorities.
The information contained herein may not adequately take into account the recipient’s particular investment objectives, financial situations, or needs. Prospective investors should consult their legal, tax and financial advisers as to the consequences of an investment. Any manager mix and portfolio structure which may be provided herein are for illustrative purposes only and subject to change. The inclusion of any investment herein does not represent a recommendation of that investment. All investments experience gain or loss. An investor may lose all or a substantial part of its investment in any private investment vehicle. There can be no assurance that the investment objectives of any fund managed by Mercer will be achieved.
For Mercer’s conflict of interest disclosures, contact your Mercer representative or see www.mercer.com/conflictsofinterest.
For the most recent approved ratings of an investment strategy, and a fuller explanation of their meanings, contact your Mercer representative.
Mercer’s universes are intended to provide collective samples of strategies that best allow for robust peer group comparisons over a chosen timeframe. Mercer does not assert that the peer groups are wholly representative of and applicable to all strategies available to investors.