The Hedge Fund Law Report

The definitive source of actionable intelligence on hedge fund law and regulation

Articles By Topic

By Topic: Business Continuity Plans

  • From Vol. 9 No.40 (Oct. 13, 2016)

    How Developments With California’s Pension Plan Disclosure Law, the SEC’s Rules and FINRA’s CAB License May Impact Hedge Fund Managers and Third-Party Marketers

    Hedge fund managers and many service providers have faced a wave of new regulatory requirements since the 2008 global financial crisis. This is particularly true for third-party marketers engaged by hedge fund managers to solicit clients and fund investors, which may be subject to a barrage of regulations at the federal, state and local level depending on the nature of their business. To explore some of the latest regulatory challenges faced by funds and their marketers, The Hedge Fund Law Report recently interviewed Susan E. Bryant, counsel at Verrill Dana LLP, and Richard M. Morris, partner at Herrick, Feinstein LLP. This article sets forth the participants’ thoughts on a host of issues, including new disclosure requirements for state pension plan investors; recent enforcement trends; and new rules adopted by the SEC, FINRA, Municipal Securities Rulemaking Board (MSRB) and state regulators. On Thursday, October 20, 2016, from 10:30 a.m. to 11:30 a.m. EDT, Morris and Bryant will expand on the topics in this article – as well as other issues that affect hedge fund managers and third-party marketers – during a panel moderated by Kara Bingham, Associate Editor of the HFLR, at the Third Party Marketers Association (3PM) 2016 Annual Conference. For more information on the conference, click here. To take advantage of the HFLR’s $300 discount when registering for the conference, click the link available in the article. For prior coverage of a conference sponsored by 3PM, see “Third Party Marketers Association 2011 Annual Conference Focuses on Hedge Fund Capital Raising Strategies, Manager Due Diligence, Structuring Hedge Fund Marketer Compensation and Marketing Regulation” (Dec. 1, 2011).

    Read Full Article …
  • From Vol. 7 No.47 (Dec. 18, 2014)

    SEC Chair White Describes the SEC’s Game Plan with Respect to the Asset Management Industry

    In a speech at a December 11, 2014 event sponsored by The New York Times DealBook, SEC Chair Mary Jo White laid out her agency’s agenda concerning the asset management industry.  First, White summarized the recent growth of the asset management industry and the SEC’s current tools to address conflicts of interest, registration, reporting and disclosure.  Second, White focused on the SEC’s plan to improve its grasp of portfolio composition risks and operational risks by: requiring better data reporting and risk controls, particularly with respect to derivatives; mandating that investment advisers create transition plans to prepare for major business disruptions; and requiring large investment advisers and funds to submit to annual stress testing.  For additional recent insight on SEC regulatory and enforcement priorities, see “SEC Investment Management Division Director Norm Champ Details Disclosure Challenges Facing Hedge and Alternative Mutual Fund Managers,” The Hedge Fund Law Report, Vol. 7, No. 46 (Dec. 11, 2014).

    Read Full Article …
  • From Vol. 6 No.37 (Sep. 26, 2013)

    SEC Risk Alert Describes Deficiencies Found During Reviews of Investment Advisers’ Business Continuity and Disaster Recovery Plans and Recommends Best Practices for Such Plans

    Almost one year ago, Hurricane Sandy caused widespread disruption and damage to businesses, including the two-day closure of equities and options markets.  For weeks, Lower Manhattan – where the New York Stock Exchange and numerous financial firms are based – was without power and had limited public transportation.  Largely in response to those disruptions, the SEC’s Office of Compliance Inspections and Examinations (OCIE) recently reviewed the disaster recovery/business continuity plans (together, BCPs) of 40 registered investment advisers.  Its recent Risk Alert (Alert) provides valuable insight into what the SEC considers best practices for BCPs.  The Alert is a targeted follow-up to the August 2013 Joint Report issued by OCIE, the Commodity Futures Trading Commission’s Division of Swap Dealers and Intermediary Oversight and the Financial Industry Regulatory Authority with regard to the business continuity and disaster recovery planning of financial firms.  This article summarizes OCIE’s findings and recommended best practices, and includes relevant insights from the Joint Report.  For a comprehensive look at BCPs and disaster preparedness, see “What Are the Key Elements of a Comprehensive Hedge Fund Adviser Disaster Recovery Plan, and Why Are Such Plans a Business Imperative?,” The Hedge Fund Law Report, Vol. 3, No. 8 (Feb. 25, 2010); and “Key Elements of a Hedge Fund Adviser Business Continuity Plan,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).

    Read Full Article …
  • From Vol. 6 No.17 (Apr. 25, 2013)

    Roundtable Addresses Trends in Hedge Fund Operational Due Diligence, Fund Expenses, Administrator Shadowing, Business Continuity Planning and Cloud Computing

    At a recent roundtable, hedge fund investor due diligence experts offered their perspectives on evolving hedge fund manager operations and investor due diligence practices.  The panelists addressed various specific topics, including: the impact of regulations on investor due diligence processes; investor responses to increased insider trading risks; scrutiny of fund expenses; administrator shadowing; business continuity planning for hedge fund managers; and the benefits and risks of cloud computing services.  These investor perspectives can provide useful information for hedge fund managers looking to refine their capital raising efforts.  This article highlights the salient points discussed on each of the foregoing topics.

    Read Full Article …
  • From Vol. 3 No.8 (Feb. 25, 2010)

    What Are the Key Elements of a Comprehensive Hedge Fund Adviser Disaster Recovery Plan, and Why Are Such Plans a Business Imperative?

    Last week’s issue of The Hedge Fund Law Report included a comprehensive analysis of business continuity plans (BCPs) in the hedge fund context.  See “Key Elements of a Hedge Fund Adviser Business Continuity Plan,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).  That analysis enumerated the key elements of such plans, identified the rationale for each element and highlighted various practical considerations (including the increased focus of institutional investors on BCPs during due diligence and the related focus of the SEC on such plans during inspections and examinations).  As the article noted, one of the key elements of any hedge fund adviser BCP is the disaster recovery plan (DRP).  Generally, DRPs are – conceptually and literally – subsets of BCPs, which in turn generally are subsets of a hedge fund adviser’s compliance manual.  BCPs, as the name implies, focus on procedures to enable a hedge fund manager to continue its business operations and investments without interruption in the event of a range of identified risks and events.  Such events may be natural (e.g., hurricanes, earthquakes, pandemics), man-made (e.g., terrorism, theft, other crimes) or technological (e.g., power outages, disruption of exchanges, computer viruses).  DRPs, by contrast, focus on procedures to enable a hedge fund manager to get back to business as quickly as possible following a business interruption occasioned by one of the listed categories of risks and events.  BCPs are about avoiding disasters; DRPs are about recovering from them.  Yet despite the conceptual difference, in practice, they are two sides of the same coin, are often mentioned in the same breath, would both be triggered in many similar circumstances and would call for many of the same actions.  Institutional investors are focusing with renewed vigor on DRPs (as they are on BCPs) in the course of their initial and ongoing due diligence.  (By “ongoing due diligence,” we mean that a savvy current investor may ask to see a robust DRP as a condition of remaining invested.)  There are at least five reasons for this.  First, recently uncovered frauds have demonstrated that man-made “disasters” pose serious investment risks.  See “Federal Judge Approves Settlement Agreements Arising out of Marc Dreier’s Criminal Fraud; Hedge Fund Victims ‘Squabble’ Over Proposed Recovery,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).  Second, institutional investors are starting to perceive and prepare for disasters from an insurance perspective, as quintessential “catastrophes” – high magnitude, low probability events against which precautions can be taken.  In this analogy, having a workable DRP is like moving away from beachfront property in a hurricane-prone region.  See “The Hedge Fund Transparency Act and its Unintended Consequences for Cat Bonds,” The Hedge Fund Law Report, Vol. 2, No. 20 (May 20, 2009).  Third, as a practical matter, many institutional investors outsource a portion of their due diligence to consultants (such as pension consultants) or operational risk due diligence providers.  If such service providers perceive the benefits of a DRP at one hedge fund manager on who they perform due diligence, they will look for DRPs at other hedge fund managers.  See “How Can Hedge Fund Investors Hone Their Due Diligence in Light of Alarming Rate of  ‘Verification Problems’ Discovered in Recent Study of Hedge Fund Due Diligence Reports?,” The Hedge Fund Law Report, Vol. 2, No. 44 (Nov. 5, 2009).  Fourth, many hedge fund managers have grown to rely to an increasing degree on technology.  Such managers can be adversely and more severely impacted by technological interruptions, but by the same token, they generally can recover from such interruptions faster.  Finally, there is the issue of fiduciary duty: a hedge fund manager has a fiduciary duty to its clients (which for most purposes in the hedge fund world means its hedge funds or managed accounts), and no provision in the Investment Advisers Act or at common law provides an exception to that duty during disasters.  Put another way, hedge fund managers are required by their fiduciary duties to prepare for foreseeable adverse events.  See “For Hedge Fund Managers, How Would a Statutory Definition of ‘Fiduciary Duty’ Affect the Scope of the Duty and the Standard for Breach?,” The Hedge Fund Law Report, Vol. 2, No. 34 (Aug. 27, 2009).  In recognition of the practical and marketing imperatives to hedge fund managers of having in place robust and best-of-breed DRPs, this article discusses: a more comprehensive definition of a DRP; the key elements of a hedge fund manager DRP (including recovery point objectives, recovery time objectives and the importance to smaller hedge fund managers of coordinating with service providers); the impact of a hedge fund’s strategy on design of its manager’s DRP; the role played by DRPs in institutional investor due diligence; specific technology issues (including the roles of Blackberries, trading, trade capture and accounting systems, and IT personnel); the potentially paradigm-shifting utility of “cloud computing” in disaster recovery planning; and testing and maintenance of DRPs.

    Read Full Article …
  • From Vol. 3 No.7 (Feb. 17, 2010)

    Key Elements of a Hedge Fund Adviser Business Continuity Plan

    The credit crisis changed the nature of institutional investor due diligence of hedge fund managers.  While performance remains a critical diligence point, aspects of the hedge fund advisory business other than performance now play a more prominent role in the investment decision-making process of institutional investors.  See “How Can Start-Up Hedge Fund Managers Use Past Performance Information to Market New Funds?,” The Hedge Fund Law Report, Vol. 2, No. 50 (Dec. 17, 2009).  The idea is that even hedge fund managers with years of competitive fund performance and deep benches of investment talent can be laid low by inadequate risk management, compliance and controls.  Galleon is the paradigmatic example.  See “Best Practices for a Hedge Fund Manager General Counsel or Chief Compliance Officer that Suspects or Discovers Insider Trading by Manager Employees or Principals,” The Hedge Fund Law Report, Vol. 2, No. 48 (Dec. 3, 2009).  One element of hedge fund adviser infrastructure that has received significant attention of late from institutional investors (as well as regulators) is the business continuity plan (BCP).  Broadly, as the name implies, a BCP is a written plan (often included in the compliance manual) in which a hedge fund manager identifies the range of events and risks that can interrupt business operations and investment activities, and details the steps that the manager will take if those events or risks come to fruition.  Events that may trigger the procedures in a BCP can be natural (e.g., hurricanes, earthquakes, pandemics), man-made (e.g., terrorism, theft, other crimes) or technological (e.g., power outages, disruption of exchanges, computer viruses).  And the procedures used to address those risks must be tailored to the manager’s strategy, technology, network of service providers and geographic location.  Moreover, the BCP has to be a living document – something that is tested, communicated to employees and other constituents, and updated as relevant.  It cannot be boilerplate: at this point, institutional investors have seen a healthy number of BCPs, and they will know when they see a BCP that reflects inadequate customization – and that can make the difference between investment and non-investment.  This article offers a comprehensive analysis of BCPs in the hedge fund context, as well as reporting from a recent webinar on the topic hosted by hedge fund technology firm Eze Castle Integration and prime broker Pershing Prime Services.  In particular, this article: defines a BCP more particularly; enumerates key elements of a hedge fund manager BCP (including, among others, development of an impact analysis, communications plans, backup facilities, coordination with third-party service providers and succession planning); and discusses: the impact of a hedge fund’s strategy on its manager’s BCP; regulatory requirements, including what the SEC looks for with respect to BPCs in the course of inspections and examinations; institutional investor expectations; disclosure considerations; communicating a BCP to hedge fund manager employees; and the frequency with which a BCP should be reviewed and updated.  This article is the first in a two-part series.  The second article in the series will deal with disaster recovery plans, which are close cousins of BCPs and are outlined in this article.

    Read Full Article …