The Hedge Fund Law Report

The definitive source of actionable intelligence on hedge fund law and regulation

Articles By Topic

By Topic: Disaster Recovery Plans

  • From Vol. 9 No.40 (Oct. 13, 2016)

    How Developments With California’s Pension Plan Disclosure Law, the SEC’s Rules and FINRA’s CAB License May Impact Hedge Fund Managers and Third-Party Marketers

    Hedge fund managers and many service providers have faced a wave of new regulatory requirements since the 2008 global financial crisis. This is particularly true for third-party marketers engaged by hedge fund managers to solicit clients and fund investors, which may be subject to a barrage of regulations at the federal, state and local level depending on the nature of their business. To explore some of the latest regulatory challenges faced by funds and their marketers, The Hedge Fund Law Report recently interviewed Susan E. Bryant, counsel at Verrill Dana LLP, and Richard M. Morris, partner at Herrick, Feinstein LLP. This article sets forth the participants’ thoughts on a host of issues, including new disclosure requirements for state pension plan investors; recent enforcement trends; and new rules adopted by the SEC, FINRA, Municipal Securities Rulemaking Board (MSRB) and state regulators. On Thursday, October 20, 2016, from 10:30 a.m. to 11:30 a.m. EDT, Morris and Bryant will expand on the topics in this article – as well as other issues that affect hedge fund managers and third-party marketers – during a panel moderated by Kara Bingham, Associate Editor of the HFLR, at the Third Party Marketers Association (3PM) 2016 Annual Conference. For more information on the conference, click here. To take advantage of the HFLR’s $300 discount when registering for the conference, click the link available in the article. For prior coverage of a conference sponsored by 3PM, see “Third Party Marketers Association 2011 Annual Conference Focuses on Hedge Fund Capital Raising Strategies, Manager Due Diligence, Structuring Hedge Fund Marketer Compensation and Marketing Regulation” (Dec. 1, 2011).

    Read Full Article …
  • From Vol. 8 No.6 (Feb. 12, 2015)

    Why Should Hedge Fund Investors Perform On-Site Due Diligence in Addition to Remote Gathering of Information on Managers and Funds? (Part Three of Three)

    On-site visits have become de rigueur in operational due diligence, with many investors putting a high premium on face-to-face meetings with fund managers.  But the difference between a superficial and an effective on-site visit can be profound.  Merely showing up is not sufficient.  In fact, going on site without the right strategy can create the illusion of a “deep dive” without the substance.  Effective on-site due diligence is not just a matter of staying longer, asking more questions and reviewing more documents.  It is a discipline unto itself, with techniques that are proven to work.  Usually, those techniques can only be learned through trial and error.  This article, the third in a three-part series, aims to minimize the “error” part of that learning process by revealing best practices learned by long-time ODD practitioners.  Specifically, this article details: workable and effective on-site diligence procedures, including evaluating cybersecurity programs; red flags to identify; and an investor’s options following the on-site visit.  The first article focused on the rationale for the on-site visit and the mechanics of preparation.  The second article discussed how investors should conduct due diligence visits, and how managers can prepare for them effectively.  See also “Operational Due Diligence from the Hedge Fund Investor Perspective: Deal Breakers, Liquidity, Valuation, Consultants and On-Site Visits,” The Hedge Fund Law Report, Vol. 7, No. 16 (Apr. 25, 2014).

    Read Full Article …
  • From Vol. 7 No.13 (Apr. 4, 2014)

    How Can Hedge Fund Managers Reconcile Effective Monitoring of Electronic Communications with Employees’ Privacy Rights? (Part One of Three)

    Information is the raw material out of which hedge fund managers fashion their finished products – compelling investment ideas and, one hopes, absolute returns.  As such, managers and their personnel are continuously engaged in collecting, refining and transmitting information, that is, communicating.  Today, the vast majority of such communications occur electronically – via e-mail, chat, text, social media and similar channels.  From an investment perspective, this increases opportunities but at the same time competition.  From a compliance perspective, the proliferation of electronic communications has dramatically expanded the range of opportunities for legal and regulatory violations.  Hedge fund managers are not unique among businesses in contending with the compliance challenges raised by electronic communications, but many of the specific compliance challenges faced by hedge fund managers are industry-specific.  Accordingly, The Hedge Fund Law Report is undertaking a three-part series intended to identify the specific compliance challenges for hedge fund managers raised by electronic communications and to outline best practices for surmounting those challenges.  This article – the first in the series – catalogues six reasons why hedge fund managers need to monitor electronic communications of employees and highlights two settings in which procedures other than electronic communication monitoring are most effective.  Subsequent articles in the series will discuss the sources of employees’ privacy rights, factors bearing on the reasonableness of an employee’s expectation of privacy, the benefits and limits of specific policies regarding electronic communication monitoring and best practices in this area.  See also “Key Elements of Electronic Communications Policies and Procedures for Hedge Fund Managers,” The Hedge Fund Law Report, Vol. 3, No. 44 (Nov. 12, 2010).

    Read Full Article …
  • From Vol. 6 No.37 (Sep. 26, 2013)

    SEC Risk Alert Describes Deficiencies Found During Reviews of Investment Advisers’ Business Continuity and Disaster Recovery Plans and Recommends Best Practices for Such Plans

    Almost one year ago, Hurricane Sandy caused widespread disruption and damage to businesses, including the two-day closure of equities and options markets.  For weeks, Lower Manhattan – where the New York Stock Exchange and numerous financial firms are based – was without power and had limited public transportation.  Largely in response to those disruptions, the SEC’s Office of Compliance Inspections and Examinations (OCIE) recently reviewed the disaster recovery/business continuity plans (together, BCPs) of 40 registered investment advisers.  Its recent Risk Alert (Alert) provides valuable insight into what the SEC considers best practices for BCPs.  The Alert is a targeted follow-up to the August 2013 Joint Report issued by OCIE, the Commodity Futures Trading Commission’s Division of Swap Dealers and Intermediary Oversight and the Financial Industry Regulatory Authority with regard to the business continuity and disaster recovery planning of financial firms.  This article summarizes OCIE’s findings and recommended best practices, and includes relevant insights from the Joint Report.  For a comprehensive look at BCPs and disaster preparedness, see “What Are the Key Elements of a Comprehensive Hedge Fund Adviser Disaster Recovery Plan, and Why Are Such Plans a Business Imperative?,” The Hedge Fund Law Report, Vol. 3, No. 8 (Feb. 25, 2010); and “Key Elements of a Hedge Fund Adviser Business Continuity Plan,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).

    Read Full Article …
  • From Vol. 6 No.17 (Apr. 25, 2013)

    Roundtable Addresses Trends in Hedge Fund Operational Due Diligence, Fund Expenses, Administrator Shadowing, Business Continuity Planning and Cloud Computing

    At a recent roundtable, hedge fund investor due diligence experts offered their perspectives on evolving hedge fund manager operations and investor due diligence practices.  The panelists addressed various specific topics, including: the impact of regulations on investor due diligence processes; investor responses to increased insider trading risks; scrutiny of fund expenses; administrator shadowing; business continuity planning for hedge fund managers; and the benefits and risks of cloud computing services.  These investor perspectives can provide useful information for hedge fund managers looking to refine their capital raising efforts.  This article highlights the salient points discussed on each of the foregoing topics.

    Read Full Article …
  • From Vol. 3 No.8 (Feb. 25, 2010)

    What Are the Key Elements of a Comprehensive Hedge Fund Adviser Disaster Recovery Plan, and Why Are Such Plans a Business Imperative?

    Last week’s issue of The Hedge Fund Law Report included a comprehensive analysis of business continuity plans (BCPs) in the hedge fund context.  See “Key Elements of a Hedge Fund Adviser Business Continuity Plan,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).  That analysis enumerated the key elements of such plans, identified the rationale for each element and highlighted various practical considerations (including the increased focus of institutional investors on BCPs during due diligence and the related focus of the SEC on such plans during inspections and examinations).  As the article noted, one of the key elements of any hedge fund adviser BCP is the disaster recovery plan (DRP).  Generally, DRPs are – conceptually and literally – subsets of BCPs, which in turn generally are subsets of a hedge fund adviser’s compliance manual.  BCPs, as the name implies, focus on procedures to enable a hedge fund manager to continue its business operations and investments without interruption in the event of a range of identified risks and events.  Such events may be natural (e.g., hurricanes, earthquakes, pandemics), man-made (e.g., terrorism, theft, other crimes) or technological (e.g., power outages, disruption of exchanges, computer viruses).  DRPs, by contrast, focus on procedures to enable a hedge fund manager to get back to business as quickly as possible following a business interruption occasioned by one of the listed categories of risks and events.  BCPs are about avoiding disasters; DRPs are about recovering from them.  Yet despite the conceptual difference, in practice, they are two sides of the same coin, are often mentioned in the same breath, would both be triggered in many similar circumstances and would call for many of the same actions.  Institutional investors are focusing with renewed vigor on DRPs (as they are on BCPs) in the course of their initial and ongoing due diligence.  (By “ongoing due diligence,” we mean that a savvy current investor may ask to see a robust DRP as a condition of remaining invested.)  There are at least five reasons for this.  First, recently uncovered frauds have demonstrated that man-made “disasters” pose serious investment risks.  See “Federal Judge Approves Settlement Agreements Arising out of Marc Dreier’s Criminal Fraud; Hedge Fund Victims ‘Squabble’ Over Proposed Recovery,” The Hedge Fund Law Report, Vol. 3, No. 7 (Feb. 17, 2010).  Second, institutional investors are starting to perceive and prepare for disasters from an insurance perspective, as quintessential “catastrophes” – high magnitude, low probability events against which precautions can be taken.  In this analogy, having a workable DRP is like moving away from beachfront property in a hurricane-prone region.  See “The Hedge Fund Transparency Act and its Unintended Consequences for Cat Bonds,” The Hedge Fund Law Report, Vol. 2, No. 20 (May 20, 2009).  Third, as a practical matter, many institutional investors outsource a portion of their due diligence to consultants (such as pension consultants) or operational risk due diligence providers.  If such service providers perceive the benefits of a DRP at one hedge fund manager on who they perform due diligence, they will look for DRPs at other hedge fund managers.  See “How Can Hedge Fund Investors Hone Their Due Diligence in Light of Alarming Rate of  ‘Verification Problems’ Discovered in Recent Study of Hedge Fund Due Diligence Reports?,” The Hedge Fund Law Report, Vol. 2, No. 44 (Nov. 5, 2009).  Fourth, many hedge fund managers have grown to rely to an increasing degree on technology.  Such managers can be adversely and more severely impacted by technological interruptions, but by the same token, they generally can recover from such interruptions faster.  Finally, there is the issue of fiduciary duty: a hedge fund manager has a fiduciary duty to its clients (which for most purposes in the hedge fund world means its hedge funds or managed accounts), and no provision in the Investment Advisers Act or at common law provides an exception to that duty during disasters.  Put another way, hedge fund managers are required by their fiduciary duties to prepare for foreseeable adverse events.  See “For Hedge Fund Managers, How Would a Statutory Definition of ‘Fiduciary Duty’ Affect the Scope of the Duty and the Standard for Breach?,” The Hedge Fund Law Report, Vol. 2, No. 34 (Aug. 27, 2009).  In recognition of the practical and marketing imperatives to hedge fund managers of having in place robust and best-of-breed DRPs, this article discusses: a more comprehensive definition of a DRP; the key elements of a hedge fund manager DRP (including recovery point objectives, recovery time objectives and the importance to smaller hedge fund managers of coordinating with service providers); the impact of a hedge fund’s strategy on design of its manager’s DRP; the role played by DRPs in institutional investor due diligence; specific technology issues (including the roles of Blackberries, trading, trade capture and accounting systems, and IT personnel); the potentially paradigm-shifting utility of “cloud computing” in disaster recovery planning; and testing and maintenance of DRPs.

    Read Full Article …