As we enter the New Year, one trend we see clearly emerging is that hedge fund compliance risk management is being revised and reinvented, driven by a set of interrelated dynamics connected to regulations and operations, as well as their own cultural DNA and business focus.
Hedge fund firms are caught up in a tangled web of global regulations – often overlapping and sometimes disparate – that govern their business and their operations. Additionally, hedge funds find themselves adapting to what I call the “hedge fund chameleon” business model, in which funds wear, in certain instances, sell-side clothing, resulting in their having to deal with new or hidden compliance risks.
In reaction to the global financial crisis, the potential for insider dealing, plus various benchmark and FX debacles, the “buy side,” especially hedge funds, found themselves in the crosshairs of new and far-reaching regulatory schemes. The extraterritorial reach of global regulations is no longer the exception, but the norm. One could easily make the argument that hedge funds are subject to a far more encompassing, complicated and complex regulatory framework than their counterparts on the sell side.
Case in point: the sell side and the buy side are both equally subject to various types of market manipulation, market abuse and market conduct rules, including the SEC Exchange Act, the Commodities Exchange Act, Dodd-Frank, MAR, MAD II and MiFID II, along with other rules established by the Financial Conduct Authority (FCA) and the Securities and Futures Commission (SFC). The buy side, however, is further subject to numerous rules and regulations specific to the asset/fund management industry, including but not limited to the SEC Advisers Act, UCITS, the EU AIFMD and the FIEA in Japan. Collectively, this global regulatory framework has had a daunting effect, both resource intensive and capital expensive, on hedgies subject to multiple regulatory jurisdictions.
Consequently, hedge fund firms are faced with the choice of buying or building “siloed” risk controls at the “country/regional level” or, alternatively and preferably, “holistic” compliance controls at the enterprise level. The holistic enterprise model goes a long way in alleviating the regulatory extraterritorial reach issue while mitigating liability for those with both gatekeeping management responsibilities and corporate governance accountabilities.
In large part because of the structural changes to the markets brought about by either regulations (e.g., Dodd-Frank) or opportunities (e.g., the voids created by banks de-risking and retreating from market making and providing liquidity), hedge funds have been aggressive not only in scooping up sell-side prop traders, but also in becoming a bigger force as liquidity providers and in market making, particularly in FICC markets. Along with expanded roles come expanded compliance risks that, in all likelihood, were not initially contemplated by the risk systems/controls of the hedge fund community. These changes resulted in new risk assessments, gap identifications and effective gap remediation via in-house development or by sourcing commercial vendors with proven FICC expertise.
Today’s hedgies need a solution not only that covers all asset classes within and outside of FICC, but also that provides a holistic compliance framework that cuts across all buy-side and sell-side enterprise risk. Additionally, the solution should demonstrate that it recognizes that the risk at the strategy level (e.g., macro vs. micro) and at the decisioning level (discretionary vs. systematic) are indeed different from one another, requiring different risk analytics/controls. This approach may require a bigger spend, but in the end it will provide a much larger ROI than mere “tick the box” approaches could. To believe otherwise is perhaps a short-sighted view over the long haul.
To borrow an old, and perhaps corny, cliché: “Good compliance is good business.” The perils of noncompliance are well understood, and one need not look any further than the sell-side casualties that resulted from the regulators/enforcement authorities that began and continued post the 2008 crisis.
At this point in time, “good business” for hedge funds dictates perfecting risk controls with a holistic compliance risk infrastructure that connects the dots from an “intent” perspective and that identifies risk and/or supports compliance risk analytics with an all-encompassing and sophisticated communications surveillance program. This approach is integrated with those compliance risk analytics that identify hidden risk through cognitive analytics, which munch through big data (internal and external) through profiling, trending, behavioral deviation and emerging, predictive (“before the fact”) technologies.
There is an oft-cited saying that works well to describe past attempts to redefine compliance risk management: “The more things change, the more they remain the same.” Happily, I am seeing abundant evidence that this current reinvention in the hedge fund domain is proceeding differently and appears to be a real game-changer of the sort that will bring enormous dividends to all compliance risk stakeholders. I believe this change will allow for the effective delegation and discharge of compliance responsibilities in compliance risk identification, deterrence and prevention, whether you are focused on front-, middle- or back-office functions.