EY Risk Management for Asset Management Survey 2013

Risk management for asset managementEY EMEIA survey 2013

Contents

Introduction 1

Executive summary 4

‘Top 10’ action list to achieve better risk management 10

Survey findings 14

Summary of findings — 2013 survey vs. 2012 survey 40

Glossary of acronyms 42

Contacts 44

1Risk management for asset management EY survey 2013

Introduction

The cycle of cost growth, fee competition, squeezed margins and the need for greater scale was a feature over 2012, and the trend was set to accelerate during 2013, challenging asset managers to innovate to safeguard sustainable profits. Innovation among European asset managers and asset servicers was becoming increasingly complex, often driven by specialized entrants from the US. The asset management industry was also ripe for consolidation, with smaller players the most likely targets. As change was constant, the need for proportionate risk management — in the form of appropriate governance, risk appetite, embedded procedures and effective use of risk management frameworks/KRIs — was never greater in the current business climate.

Examples of innovation seen in the survey consisted of loan ETFs, post-RDR share classes, portable alpha, LDI-variant and smart beta strategies. Given that successful innovators stood to gain first-mover advantage, higher fees and greater customer loyalty, innovation coupled with effective risk mitigation was seen as a vital source of differentiation and/or a compelling route to direct market entry. In addition asset managers and asset servicers were being impacted by a plethora of regulations with varying effects, some significant and others contradictory. What these regulations had in common, however, was a tendency to push up costs. The most successful firms proved to be those that managed to keep their cost/income (C/I) ratio in the range 55–65 in this environment.

For example, at a macro-prudential level, approaches were proposed to address the need for provisioning high-quality capital to mitigate pro-cyclicality, particularly for significant influence financial institutions (SIFIs), to reform risk management, to bolster compensation practices and to strengthen crisis management procedures. Regulators in the UK and Germany in particular were more keen to see evidence of advanced, externally validated capital modeling and reverse stress testing (RST). In response, firms recognized that extra capital provisioning and shoring up procedures would not come free, and costs would inevitably need to be passed on to end investors.

At a macro conduct level, European asset managers remained keen to expand globally, but as yet, there was no consensus on how to overcome the problem of fragmented product regulations despite high-level agreements from G20 governments on the critical issues to be tackled. Most argued the case that their interests were auto-aligned with the interests of their clients, but to little avail. As the G20 deadline of 31 December 2012 expired, asset managers seemed challenged to handle more complexities than ever before against a backdrop of competing regulatory approaches and desires for greater transparency. The latter were anything but convergent.

Several respondents commented that if this process was left unmanaged moving forward, competing regulatory changes could limit the industry’s innovative zeal. Recent topical examples included the use of substituted compliance involving entity- and transaction-level tests (employed by the US regulators), third-country equivalence tests/mutual recognition (employed by the EC/Trilogue processes), use of regulatory colleges (in Europe, typically used when evaluating CCPs), and finally thematic reviews undertaken by individual competent authorities such as the AMF or CNMV (for managing conflicts in France and Spain, respectively) or CMVM for sale of complex products ahead of MiFID II in Portugal.

“The biggest difference from 2012 is that the tidal wave of regulation is even higher, and more tentative,

meaning that the impact of the regulations is even bigger while

the detail is less clear. We expect this firm to be caught with the full force of Dodd-Frank — registration,

Volcker Rule on covered funds and OTC derivative measures — while the precise rulemaking is

still work in progress.”

“There is a big focus to ensure that products should be priced appropriately, and if we cannot

rely on the safety and soundness of our intermediaries, this will

have a radical effect on our business models.”

“The regulators are pushing for the asset management

industry to become unviable at a time when returns are falling. Some are asking whether fees

levied should be reflective of performance or risk. Others are

pushing for firms to be penalized if the expected outcome is

not delivered.”

2 Risk management for asset management EY survey 2013

As the investment management industry was maturing, tax was equally becoming an increasingly complex issue, both in terms of reporting and at an investment portfolio level. The proposed introduction of a financial transaction tax (FTT), in the potential form of a directive spooked many asset managers this year, who were not at all clear on the intended impacts, much less the unintended ones. There were several factors at work, not least because FTT was presented as a tax information sharing scheme (like FATCA) but also because the FTT would seemingly apply to cases involving a “riskless principal” transaction (where the current understanding is that both parties to the transaction will be liable to pay the FTT, giving rise to a cascade effect). Scenario modeling will be key.

It was clear that running a successful asset management business was equally about the need for sound risk management and innovation as sound returns and profitability. Regulators had migrated from the mindset of “tick-box” compliance per the rulebooks to feature two additional mindsets: a) firms to demonstrate that the products or services offered did not lead to customer detriment under various market conditions, and b) firms to provide evidence of the value-add per the fees being charged.

Given the open-ended and ongoing nature of these “asks” above, respondents in 2013 wanted to know how much is enough allocating FTE numbers and assessing the quality of expertise required to keep pace with complex and shifting rules. There was a significant desire for benchmarking effectiveness, fitness for purpose and market “best practices.” Indeed counting resources, noting where they were located and measuring how they would respond to a crisis became a functional pastime this year. Where some firms saw challenges given the pace of innovation and regulatory impact, a top quartile of firms expressed excitement at new opportunities, designing asset management solutions to win share of mind and market.

Moving forward, we believe that careful thought about future developments and possible improvements in risk management should be extremely valuable for firms of all sizes and locations, covering active, passive, quantitative, alternative/hedge fund, real estate, investment trust, LDI, SRI, ETF or other styles of managing assets. We also believe that third parties, such as asset servicers, fund administrators, outsourcing providers, transfer agents, platform providers and prime brokers who service asset managers, could greatly benefit from this knowledge and thus serve their clients better.

“The lack of decent-quality collateral is our primary concern.

We are doing a lot of work around SBL, repo and collateral because

we are worried about the position of the banks, and the amount of collateral shortfall runs into the

trillions of dollars.”

“Risk officers will need to do a lot more than act as the

boundary between Portfolio Risk management and Internal Audit.”


In conducting this survey, we interviewed 54 heads of risk and chief risk officers representing a selection of large, medium and small traditional and alternative investment management firms (by AuM) operating in the UK/Ireland, France, Germany, Luxembourg, The Netherlands, Switzerland and Italy. The survey built on the results recorded during the four previous risk management for asset management surveys, which were conducted from 2009 to 2012. Our interviews covered strategy, horizon risk, risk appetite and governance, themed risk areas, such as investment risk, product/conduct risk, prudential risk, counterparty credit risk, operational risk, tax (FATCA/FTT) risk and reputational risk. The survey also covered practical areas, such as resourcing, prioritization, risk monitoring, systems and controls, and data/management information. Interviews gave respondents the scope to offer their full opinions under conditions of anonymity. Once again, we are most grateful to them for their continued patience and considerable support behind this endeavour.

We have also added EY’s view of the “Top 10” actions that we believe will help firms to improve their risk management processes still further. Critical conclusions are featured in the executive summary for ready reference by seniors, particularly from the boards, non-executive directors (NEDs) or the business. This survey complements the Compliance Management for Asset Management 2012 survey.

We hope that you and your colleagues enjoy reading this report and that you find it constructive and thought-provoking in helping your firm raise its game against your peers and mitigate risks effectively to innovate, offering new products and services without fear of reputational damage.

As ever, we welcome your comments, feedback and continued dialogue. If you would like to discuss any aspect of the survey, please get in touch using the contact details at the back of the report.

“The direction of travel of regulators and policy-makers is that they work on the assumption that the markets don’t function efficiently. What concerns me is that regulation is becoming more frequent, more evidence-based, and it is insufficient that a firm demonstrates lack of customer detriment. Regulators want to see that value was added, but then our buyers are looking for strong performance asset management.”

“Pay and bonuses are all a red herring. This is about demonstrating the value of intermediation to the regulator. The current focus on sell-side commissions, paying for company visits or the margins of the FX business all arise from the same suspicion.”

Risk management for asset management EY survey 20134

Executive summaryEY’s risk management for asset management 2013 survey offers a revealing insight into the unique set of challenges currently confronting our industry’s risk management professionals. In comparing the views of more than 54 heads of risk and chief risk officers at many of the most recognized traditional and alternative asset managers in the UK and continental Europe, the survey provides indications about the future development of the continued evolution and strategic importance of the risk function for asset management firms.


Executive summary

1. Given the tsunami of new directives and regulatory measures at global, regional and local levels, the gap between risk management and regulatory management is narrowing; both the regulators and NEDs were becoming critical drivers.

Running a successful asset management business is equally about the need for forward-facing, sound risk management and innovation as sound returns and profitability. Respondents in this year’s survey commented how regulatory risk was now considered to be the number one risk. Nearly every firm mentioned challenges that their firms are facing by trying to comply with a torrent of global, regional and local/thematic prudential and conduct regulations, applied in the form of rule-making, principles and recommendations, sometimes over varying timelines and sometimes expressed at citizens or entities located cross-border (extraterritorially). As a result, we noted how the gap between risk and compliance functions was narrowing, with more risk professionals involving themselves in regulatory reform and compliance issues.

Another new feature in the survey was the interest of NEDs in the top horizon risks impacting firms, arising from macroeconomic factors, geopolitical changes to regulations at a local or regional level, or tax legislation changes. Leading firms were able to route horizon risk outputs directly into their decisioning through their analysts and desk-heads. Intrusive regulations and legal risks were the top two horizon risks on the radar, with the AIFMD and UCITS V/VI measures representing regulatory implementations with the highest priority and impact for asset managers in general. Satisfying the needs of NEDs for guidance and challenge at board level was certainly a primary motivation behind firms in the UK raising their game in this way.

2. Proving that investment risk was ring-fenced from bias and conviction became a badge of honor in 2013. Responses were varied when it came to the management of certain strands of investment risk, e.g., risk budgeting, single portfolio views, advanced risk metrics, sensitivity analyses and management of model risks.

Investment risk arises from the promise of performance, which remains undelivered. A key element of the overall investment risk framework is the clear identification, documentation and communication of the client’s risk appetite, as explained above. However, the governance of the investment risk function is a critical component of this framework, taking into account the different criteria that are used across different styles of asset managers. Many of the larger firms claimed that their investment risk function was truly independent, but this was in evidence only if there was qualified headcount located in the second line of defense (2LD) able to provide effect challenge against bias and conviction decisioning on the part of the portfolio managers. By contrast, many smaller firms still provided investment risk monitoring from within the front office teams.

The top quartile of respondents in this regard featured dedicated investment risk individuals with 1) the skillsets to analyze and support portfolio managers, and 2) the personalities to challenge the business robustly and evidentially when called to do so. Given the competition for this skillset, we discovered that many of the individuals might need to be on remuneration packages more aligned to front office or banking. The leading firms provided deep technical analysis into investment risk issues, developing investment risk parameters for products; conducting independent reviews and analysis of investment risk within products, models and portfolios; and developing the reporting and risk analytics capability to support portfolio managers. Respondents also commented on the need to derive quality management information from interlinked systems (allowing a “single portfolio view” to be drawn) — a critical differentiator between firms in the survey.

“The sheer volume of current regulations is the problem.

More research is needed on how dangerous this situation is

becoming, given that regulation comes from a huge political

agenda. In the UK, we are losing the notion of a relationship with the regulator. Given the spate of thematic reviews, the narrative

remains ‘be afraid, be very afraid’ under the FCA.”

“The world has moved on from the historic view of OpR as

pertaining to people, processes and systems; today, OpR can span

anything from counterparty CrR oversight to business risk, which

we would see as strategy risk.”

“Previous FSA visits had focused on governance, platforms, ICAAP

and client assets/s166 client money. This time around, the

3LD was hammered owing to a lack of evidence of meaningful

challenge in existence and a need for a stronger risk management

framework. The Business Risk team was a particular focus

because the business had of late de-emphasized the need for

business champions working with the risk team.”


Executive summary

“Having prepared well in advance for Solvency II and seen the

deadline pushed back a couple of years, we are now in search

of last mover advantage. We feel that some capital modeling

benefits to be gained from Solvency II, but we also need to

answer a lot of questions around whether the money could have

been spent differently.”

“We don’t do things in Risk and Compliance for the sake

of regulators, actually. We do things because they make sound

commercial sense, and that reputation attracts and retains

our clients.”

“We have thought about the AIFM/MiFID firm separation and

have decided for now to keep the entities separate because we don’t think that dual registration

will be a constraint, but the capital costs are a nuisance.”

3. Regulatory approaches showed signs of divergence. In the US, there is the prospect of extraterritorial impacts. In France and Luxembourg, competent authorities are focusing on liability. In the UK, there is the prospect of more thematic approaches — for example, assessing the risk from asset management firms outsourcing operational activities to external service providers as part of complex international banking groups.

Many of the larger asset managers and entities that outsourced material functions to third-party agents (TPAs) were considering the implications of outsourcing to external suppliers, while deliberating on the activities they performed and deciding which ones they would be able to continue in the event of the failure of a bank to which they subcontracted. As a majority of the respondents depended on an outsourcer, transfer agent or prime broker/fund administrator for conducting a critical operation, this hardly came as a surprise. The results of this year’s survey showed that 56% of the respondents were concerned about managing regulatory expectations around outsourcing risk in particular, and despite the recent focus on living wills, majority of the respondents were aware that their outsourcing agents maintained recovery and resolution plans without having an opportunity to study the same.

There was widespread skepticism as to whether the failure of an outsourcing agent per se was a realistic outcome, given that the failure of an investment or retail banking entity would be the more realistic possibility, creating significant potential for banking contagion. In view of last year’s scenario of modeling and contingency planning around failures developing in the Eurozone, many respondents commented that they felt prepared. Most had already devised adequate contingency plans that they felt to be viable, robust and realistic in the event of a termination of outsourced activity under any circumstances, including stressed market conditions. Responses were much more tentative concerning the determination of risk under normal and stressed market conditions, the commercials around “step-in” or “warm second provider” arrangements, or the direction of travel that global custodians were taking to evaluate the liability arrangements to cover cases of fraud and/or insolvency of any end agents, such as sub-custodians.


4. Respondents commented on how they dealt with reputational risks in different ways, some exercising management through cross-functional and multidisciplinary approaches, while others treated reputational risk more monochromatically, either driven by events or powered by corporate communication.

Reputation risk for an asset manager can arise from a variety of contributions, ranging from market risk, counterparty risk, operational risk, regulatory risk, fiduciary risk or fraud. True reputational failures in asset management are hardly numerous — Morgan Grenfell, Long-Term Capital Management, Gartmore and New Star are some of the few that come to mind. Reputation is a fragile asset, as much about perception as it is about fact — which means that a reputation can be gained over a considerable period of time and lost in considerably less time. Reputation is a wider concept than brand alone, impacting ethics, trust, relationships and, above all, the ethos of a firm — by way of its culture, values, integrity and its confidence behind how these concepts are communicated to clients and regulators.

Although reputational risk was generally seen as one of the most important risk types, the survey showed that the explicit monitoring and management of reputational risks were inconsistent to date. We found that reputational risk is usually “owned” by either the CEO, the board, or both, but the processes were often driven and managed by risk. This sometimes created a disconnect that impacted the effectiveness of managing reputational risk. For example, many firms remained reactive to events, and only 24% of respondents regarded reputation risk in a category of its own, potentially as both an impact and a driver of new risks. Reputation worthiness derived from brand value or goodwill was seldom considered at a bottom-up level — for instance, by adopting a reputational risk framework (such as what is offered by COSO or the ABI) and collecting data on media hits (such as on news sites and blogs, as well as brand evaluations) to assess the likely extent and impacts of reputational consequences. All of which left scope for exposure and room for remediation.

“HR are involved and leading the discussions on remuneration in the wake of AIFMD. This is the first directive I can recall that involves pretty much all the functions within a company.”

“Remuneration is a huge focus — struggling to see where the agreement lies between Dodd-Frank (disclosure, transparency, clawback), CRD/AIFMD prescriptions, FSA approaches, and bonus caps recommended by MEPs, for example.”

“There are too many options for remuneration — FSA, AIFMD, CRD, UCITS V — necessitating too many systems. Conflicts will arise from managers with personal interest to be paid on performance not linked to funds.”


Executive summary

5. The tail risk of FATCA-like measures in the US (and potentially elsewhere), coupled with the political will to impose a financial transaction tax across Europe, has buoyed senior management to ensure that “tax risk” is managed effectively.

A majority of the respondents indicated that they thought tax risk was a key horizon risk, although most thought that there would no longer be a high impact on their business and operating models through the introduction of either FATCA or a Euro-FATCA on account of the intergovernmental agreements (IGAs) in place. While firms in the main were relatively well-advanced by way of preparations for FATCA, the general level of understanding and preparation to manage risks arising from the potential introduction of the FTT vs. the introduction of local FTT measures in individual countries, such as France or Italy, was comparatively low. Even if their CEOs or boards remained unconvinced, many CROs believed the prospect of an FTT Directive to be a potential game changer to their business model.

Most respondents were perturbed by the prospect of the introduction of the FTT. As currently proposed, the FTT would apply to secondary market transactions in equities, bonds, fund units, and repos and stock loans, as well as entry into derivatives transactions. There would be no exemptions for items such as intra-group transactions, intermediaries/market-makers, stock loan or repo transactions. One of the biggest concerns for respondents would be a “cascade effect,” whereby multiple charges would bite where a number of brokers act in transferring securities between two counterparties. Although it was envisaged under the draft Directive that the EU Member States would transpose the relevant rules expressed under COM(2013)71 into their national law, with the tax having a “go live” date potentially as early as 1 January 2014, only one respondent was of the view that this would actually happen by that effective date.

“We see opportunities arising from regulation and are building a stockbroking capability offered

to clients who are prepared to pay a premium — which

could result in ‘channel conflict’ between products offered via

brokers vs. direct (e.g., platform/stockbroking) if left unmanaged.”

“The founder is very blasé about the FTT, saying it’ll never happen, but I am very concerned because

of its potential to shift models if it does.”

“Value may be added, but questions remain legally as to

when guidance become advice. For example, investment guidance

is treated differently in Germany. This is particularly relevant

when differentiating the offer of our badged funds vs.

third-party funds.”


6. Risk management is all about access to the right data. In 2013 risk management is increasingly about guarding your data too.

In 2013, we saw a shift toward more focus on data security and cyber risk. There was increasing awareness among risk professionals of the importance of “big data,” particularly from the point of view of innovation opportunity, of safeguarding data, or of generating the supporting data to enable firms to conduct back-testing. Respondents still differed as to the usefulness of data indicators. Supporters of KRIs expressed the view that they were generally helpful, a good discipline to help the risk function decide where to pay more attention to structural or significant changes and a good tool to summarize issues for management, the board, the NEDs, the clients and the regulators. Managing data was no longer an issue of merely managing static (reference) data or filtering stale data, but as equal to the lifeblood of innovation and therefore the golden source of economic value for the business.

Further, data security (whether concerning the firm, data warehouse, outsourcer or surrounding hacking, impersonations or cybersecurity) was a new concern as reported by 49% of the respondents. Historically, the focus was on the quality, robustness and completeness of data. However, the percentage of firms experiencing issues with flexibility/IT change requests remained quite high this year at 46%. “Top-quartile” asset managers (by way of automated risk prevention) were able link their portfolio management systems (PMS), order management systems (OMS) and general ledger systems (GL) into a seamless system architecture, enabling them to perform “what if” scenarios according to model, product or portfolio criteria. The leading firms were also digitizing documentation for “on-demand” retrieval of records for audit and control purposes. It was little surprise, therefore, that this year’s survey found more firms maintaining a wider range of KRIs/KPIs than ever before — spanning traditional investments, alternatives, real estate/private equity and multi-strategy.

Overcoming these challenges to be able to provide a holistic approach to risk management that is so vitally needed is now of foremost concern — and the rationale for running this survey.

“Consultants are a real nuisance as they introduce mandate risk into the mix because of inflating the expectations of plan sponsors, pension funds and SWFs!”

“For the part of reputation risk that is seen as impact/consequence, it is the function responsible for the specific risks. For the other, more isolated, externally driven reputation risk, it is at board level. A good, very recent example was negative publicity because of IT problems within the bank.”

“Reputational risk is considered very important … because it is the only thing you have.”

“Recruiting skilled and knowledgeable risk professionals is quite difficult. [The functions] need specialists without management ambition. Remuneration and image can be an issue.”


“Top 10” action list to achieve better risk management

1 With more than 38 regulatory measures currently in process in the EU alone, the quantity, types and intrusiveness of regulations have become a critical issue for respondents. More firms should ensure that horizon risk outputs are linked not only to control functions but to the business (and particularly portfolio managers and analysts) to reinforce a “one risk” approach.

All respondents mentioned challenges that their firms were facing in trying to comply with a torrent of global, regional and local/thematic prudential and conduct regulations, applied in the form of rule-making, principles and recommendations, sometimes over varying timelines and expressed at citizens or entities located cross-border (extraterritorially). Most firms acknowledged the particular importance of managing so-called “third-country” issues (i.e., measures that are dependent on private placement regimes, requiring mutual cooperation agreements, arising from the function of “regulatory colleges” or the consequences of extraterritoriality).

When the risk management for ssset management surveys started in 2009, risk managers functioned in an environment of one significant regulatory change per year, and the notion of a “regulatory reform” function to help determine horizon risks was rare. Now, as firms are confronted with incremental regulatory changes every month, it is vital. In 2013, most firms had already taken the steps to create and reinforce a “one-risk” culture across group/business unit and regional structures, ensuring that risk management should align with how clients had been sold products. When it came to managing the “horizon risk” radar, a “best practice” idea consisted of routing the outputs not just to the control functions (2LD/3LD) but to the portfolio managers and analysts to educate and inform the business of the impacts of regulatory changes in parallel.

2 The profile and scope of the risk management function has been raised and broadened, with the debate around remuneration coming to the fore. Firms should revisit tolerances, limits and how they apply the use test in practice.

A robust model for corporate governance and ethics goes hand in hand with sound hygiene around effective risk management. The corollary is true too — good risk management reflects a good governance culture, and this is increasingly evident to end investors and regulators alike. There was greater evidence of the risk function being treated even more seriously this year. Not only was the skillset broadening out from operational risk to feature investment risk and regulation risk management, but there was more solid evidence of the use test being applied in all its facets, particularly as far as scenario modeling (e.g., Eurozone, FTT) or reputation risk modeling was concerned.

There was also more awareness in general (particularly among hedge funds) regarding firms articulating their risk appetites effectively to allocate technical resources to where they were needed (e.g., partitioned between the firm/outsourcing agents) or to avoid shocks to future earnings. The CRO was continuing to offer challenge to the 1LD as a “critical friend” but, equally, the CRO was aware of when to apply judgments to tolerances (discrimination as per “hard” or “soft” risk limits) and to intervene more forcefully when needed. This was amply demonstrated in the product arena (see later, with earlier involvement of the CRO in the manufacturing cycle or demonstrating their veto), but a minority of firms indicated CRO involvements in strategic planning, M&A and setting budgets or remuneration, a notable departure from the 2012 survey.

On the basis of the results of the survey and the experience of our own EY practice professionals, we have identified the “top 10” actions to help firms better manage the risks they face. This list is not a definitive action plan, but we hope it will offer a useful starting point for identifying the steps that would most benefit your firm.

“The tone from the top percolates the business — to do the right

thing for clients. We survey every client on a rolling three-year

basis, and our code of ethics is imbued within our partnership culture. The measures are tied

into the risk appetite and six TCF outcomes, and we feature

mentoring for the business and control functions, and adopt a

partnership liability approach to risk as appropriate.”

“We are a midsize firm with a simplified structure and we are

not looking to separate our UCITS from our AIF or MiFID business.”

“We’ve spent the last year embedding the risk culture

between teams. We are much more proactive than previously — our current focus is 75-25 forward-

looking to backward-looking, which is a huge change. We started the

other way one year ago.”

“The regulators are forcing us to think more about what is

appropriate for the end client.”

“I am really not happy about the direction that the UK regulator is

taking during the FSA’s fishing trips. Conduct risk is a high priority and firms don’t just

have to evidence that they are preventing customer detriment; they also need to evidence that they are adding value and also

paying attention to the needs of their clients’ clients.”


3 Given the greater potential risks from product mis-selling and regulatory intervention, it is even more important to involve both risk and other control functions at the beginning of the product development cycle and to focus on conduct risk, devising appropriate conduct risk frameworks that focus on ethics and behaviors to complement traditional approaches.

Effective risk management should align with the strategic objectives of the firm and the manner in which investors have been sold products. In this year’s survey, respondents confirmed that some European Member States were showing signs of adopting non-convergent courses concerning product regulation and that they could no longer be certain of a consistent direction of travel. The FSA/FCA were touting a product intervention approach. The AMF in France and the CBFA in Belgium were pushing for prescriptive pre-screening, mainly in relation to product intervention around simple/complex products and execution-only (EXO) business. Other EU Member States had introduced product safety warnings (e.g., color coding in Portugal or risk indicator measures in Denmark and Luxembourg).

Moving forward, with the spotlight increasingly turning to the customer, it seems as if short-term national responses will need to be managed against the backdrop of regional regulation. Given recent fines levied for mis-selling of products claiming to be “guaranteed,” “absolute return,” “leveraged,” or “structured” to retail-classified investors, the notion of conduct risk — the risk that an entity mistreats its customers or clients, causing them detriment — has come to the fore. It is clear that business and operating models may need to accommodate multiple ways of conducting business across Europe over the next three years at least. It makes sense for firms to revise their taxonomies and compile product characteristics, while shoring up suitability and appropriateness procedures provide the neccessary evidence to regulators if called to do so.

4 More firms are becoming independent by ensuring that investment risk is ring-fenced from bias and conviction on the part of fund managers or founders. There is still scope for performance improvement among the non top-quartile firms when applying risk budgeting, single portfolio views, risk metrics, performance attribution, liquidity management and treatment of model risks.

Performance is the promise that is not always delivered. Many firms claim that their investment risk function is independent, but this is evidence only if qualified headcount located in the second line of defense (2LD) is able to provide effective challenge against bias and conviction decisioning on the part of the portfolio managers, particularly if their decisioning contravenes regulations or the firms’ stated risk appetite, or both. Firms should ensure that they can derive quality management information from interlinked systems (allowing “single portfolio views” to be drawn) — a critical differentiator between firms in the survey. It is also advisable to populate the 2LD control function with FTEs familiar with the terminology of the portfolio managers (e.g., tracking error, TAA, expected beta, CAPM, Sharpe ratio and sensitivity indicators DV01/IE01). Additionally, the appropriate level of remuneration should be an important consideration when attracting (and retaining) appropriate technical skillsets to perform the investment risk function effectively.

5 The treatment of individual capital guidance (ICG) and capital allocation as per the ICAAP is a perennial focal point. The optimization of capital and evaluation of insurance benefits is a key differentiator between asset managers and a barometer of regulatory standing.

As greater capital charges often correlate with constraining the budget for innovation, it is vital that asset managers take steps to optimize their capital provision, including seed capital provision. This year’s survey recorded a similar “new normal” of 135% to 175% across 40 firms for ICG uplift scores relative to Pillars I and II capital and unwinding effectiveness/charges (the latter sometimes spanning over 12 months). Firms should benchmark themselves to evaluate whether they should take advantage of waivers, such as consolidation (diversification) benefit and the quality of insurance. Although effective optimization is far from trivial, leading asset managers are already looking to compare themselves through capability maturity modeling on what other firms are doing as part of their ICAAP/SREP processes, bearing in mind the type and combination of style factors that might give the regulator cause for setting elevated ICG uplifts.

Regulators in the UK and Germany are in particular more keen to see evidence of advanced, externally validated capital modeling and reverse stress testing (RST) procedures made specific to firms (not just proportionate to market conditions). Firms should be aware of the need to model for regulatory sensitivities; legal entity restructuring, joint ventures, material outsourcing of critical functions at a corporate level; qualifying NEDs or control function representatives from a governance perspective; managing client assets and money, especially those carrying products targeted at retail-classified consumers from a conduct perspective; or firms manufacturing complex, illiquid or non-fungible products or offering “guaranteed” or “absolute return” products to clients.


“Top 10” action list to achieve better risk management

“Our RCSA represents the risks to the firm, linked to the prudential risk; conduct risk models risks to the client. Prudential regulators are becoming more focused on

the former — conduct regulators such as the FCA on the latter.

We believe that ‘vetter controls make better client outcomes,’ but need to persuade regulators that

our interests are aligned with their clients.”

“InvR sits in the second line of defense and the focus varies according to the 1LD and the

quality of people providing quant support; remuneration (such as paying for FTEs with PM or quant skills or both) is

not a problem given the parent compensation structure.”

“The measurement and monitoring of risk occurs both at the

aggregate level and at the factor level. This is done for all active

asset types (EQ, FI, LDI) but not done for index — measurement

and risk monitoring is done daily.”

“Managing outsourcing risk is our top risk priority, partly driven by where the FSA was going,

although this hasn’t been mirrored by the SEC or BaFIN, which are equally critical regulators for us.

We are at the stage of kicking the DR tyres of our outsourcing

provider although really we should be deconstructing their recovery and resolution plan, aided by the

regulator. Asking us to evolve step-in processes is ridiculous, and we

are consulting the IMA on that.”

6 Improved credit risk was a key focus in 2013, with more firms upgrading risk systems to enable them to determine counterparty risk exposure by using CDS spreads as well as CRAs. More firms should run “beauty parades” to help assess the quality of their counterparties under normal and stressed market conditions when it comes to collateral management, repo or clearing.

The gaps between aspiration and realization have narrowed considerably this year, with several asset managers posting improvements in how they were able to determine both intra-day and ex-post counterparty risk exposure. Firms should continue to adopt a more proactive approach to counterparty risk management by increasing the level of monitoring and close scrutiny per credit rating, CDS spreads, tier-1 banking ratios, price movements, etc. There was welcome evidence of more CROs than ever before involving front office colleagues taking responsibility for counterparty risk management. Given the prospect of ad hoc political or legal changes imposed at a local level (e.g., Cyprus), the credit risk of the client should not be relegated to a negligible concern.

It is recommended that firms that are expanding or are contemplating expanding their footprint in alternatives, LDI, OTC derivative or synthetic ETF strategies should conduct a study to look at acceptable forms of collateral if they are yet to do so. The study should focus on the likely factors impacting the supply and demand of quality, fungible collateral, and how asset classes might be priced to support the demands for initial and variation margin by CCPs. Firms worried about any “pinch points” should consult with custodian banks and financial market infrastructure facilitators (such as Euroclear or Clearstream) as to the pacing of infrastructural reform and contemplate whether to run benchmarking exercises such as a “beauty parade” of their brokers and custodian banks to assess the quality and appropriateness of collateral management, execution and prime services.

7 Firms had strengthened the robustness of their operational risk frameworks and the effectiveness of their outsourcing arrangements under normal and stressed market conditions last year but needed to respond to regulators during thematic reviews this year.

Most firms had already devised adequate contingency plans that they felt were viable, robust and realistic in the event of a termination of outsourced activity under any circumstances, including stressed market conditions. Many respondents mentioned for the most part that they had i) agreed to definitions of critical operational functions, ii) agreed to the materiality of such functions per the investment business of firm, iii) agreed to the criticality of outsourced operational functions as per and investment services/activities, iv) revalidated that they were able to monitor and manage the effectiveness of functions carried out against SLAs, v) catalogued SLAs effectively, particularly in the case of service provision and/or outsourcing from third countries, and vi) ensured that catalogs featured procedures from competent authorities in third countries.

Recent statements by the regulators, such as the FSA, expressed the belief that firms’ boards should be able to demonstrate that they have in place an adequate resilience plan that enables the firm to carry out IFCA-regulated activity if a service provider fails. It is recommended that firms should: i) evaluate concentration of risk under normal and stressed market conditions, ii) evaluate contingency planning (such as “step-in” or “standby” arrangements) in the event of an agent hitting financial problems, iii) perform parallel evaluation of the way in which client assets and client monies were segregated and safeguarded, iv) evaluate liability arrangements to cover cases of fraud and/or insolvency of any end agents, such as sub-custodians, v) evaluate horizon risks that regulators might expect that conflict registers/statements of ethics extend to cover third parties, i.e., to sub-contractual agents or outsourcing parties.


8 Compliance measures involving tax, such as, the FTT should be treated concurrently with regulations, and appropriate care and attention needs to be dedicated to client onboarding to ensure that correct and appropriate treatments are applied.

Tax risk1 management came of age two years ago with the introduction of the FATCA, impacting risk and operations departments just as much as tax professionals. While most felt comfortable with the scope of the IGA measures in place catering for country-per-country assessments, managing the ongoing BAU operational tax landscape for funds/fund managers was at least as important as the big headline issues. Tax risk was cited as a current issue by 38% firms (up from 27% last year), which suggested that some tax teams were not ensuring that tax risk was understood and embedded within the business or a lack of knowledge on the part of the CROs. Operational tax risk — covering the SLA relationships with service providers on a technical level, managing the plethora of tax rates applying to investments (and CGT in particular, which could impact performance) — proved key. From the data angle, firms should re-examine legal entity identifier (LEI) indications to differentiate US financial institutions (USFIs) from foreign financial institutions (FFIs) in case of the need to prepare for an EU-FATCA.

While firms in the survey were relatively well-advanced by way of preparation for FATCA, respondents seemed far more uncertain as to the scope of local vs. EU FTT measures. Firms would be wise to apply the “issuance,” “establishment” and “materiality” tests and model the known “worst case” impacts on equities, bonds, fund units, and repos and stock loans, as well as entry into derivatives transactions. Firms should be on the alert for modeling intra-group transactions, transactions involving intermediaries and stock loan or repo transactions on a “what if” basis. Scenario modeling will be particularly important in cases involving a “riskless principal” transaction, where the current understanding is that both parties to the transaction could be liable to pay the FTT, giving rise to a cascade effect.

9 Resourcing should be weighted according to the scope of investment style of the firm, and quality of that resourcing is paramount. Firms should be able to evidence and justify how resources are allocated and why, when called to do so by regulators.

This year’s survey focused more deeply on the balance of risk resources across firms and how those resources were being counted, partly in response to regulators posing deeper questions about skillsets and bench strength to cover all the countries where a firm did business. While 37% of the respondents indicated an expansion in risk resources, majority of the firms (54%) remained flat in terms of risk headcount, and the rate of growth of FTEs was not consistent across all firms. The number of FTEs didn’t vary by overall style, AuM, or size of existing team, and there was a degree of proportionality between the size of the core OpR resource team and scope of investment risk resourcing (see Figure 13 on page 33). Diverse business lines (e.g., multi-strategy, alternatives or REIM) and country coverages (particularly in Asia-Pacific) were considerations for deciding team size and capabilities.

10 Data security is paramount. More firms than ever before recognize that collecting, retrieving and evidencing quality data is a differentiator, not just in terms of ensuring good regulatory compliance but also in terms of innovating service offerings and improving client service.

More firms than ever before made reference to the importance of the risk function overseeing BCP (business continuity planning), a task normally consigned to operations or IT. Indeed, the flexibility and resilience of the latter proved once again to be a major dependency when delivering a sustainable risk infrastructure to respond to the challenges of regulation and demanding client mandates. “Top-quartile” asset managers were either installing “state of the art” system components (such as Aladdin, mentioned by several respondents) or able to link their PMS, OMS and GL into a seamless system architecture, enabling them to perform “what if” scenarios according to model, product or portfolio criteria. They were also digitizing documentation for “on-demand” retrieval of records for audit and control purposes.

This year was also the year of “big data,” particularly from the point of view of either safeguarding data or generating supporting data to enable firms to conduct back-testing or reverse stress testing. Several firms indicated that cybersecurity was an important and growing theme for the risk function, not merely an IT issue. Opinions still varied considerably as to the usefulness of data indicators, such as KRIs or risk data types — such as business, investment risk, credit risk, operational risk, regulatory data or (especially) customer indications. The latter included status-type information (e.g., used to qualify US persons or FTT establishment criteria) as well as taxpayer indications, and were cited as particularly important components of legal entity identification (LEI) this year. Asset managers are advised to design data taxonomies2 for their LEIs in particular and develop master golden copy records that feature “a single version of the truth,” allying more closely with collaborators, such as asset servicers and prime service providers, if need be. Legal permissioning around data privacy will become increasingly important next year.

1 Tax risk management can be thought of as the identification of business risks arising from an organization’s tax-related activity (across all taxes and all jurisdictions) and its effective management and control of those risks.

2 Firm-wide consistent nomenclatures behind specifying unique instrument or legal entity identifiers of parent/child relationships concerning corporate entities or fund structures


Survey findings

Managing complexities from overlapping regional and local regulatory directives, the need to anticipate new horizon risks, the desire to optimize capital and the need to mitigate reputational risks were the prime motivations for maintaining a strong risk function, supported by “fit for purpose” systems.The backdrop to this year’s survey was macroeconomic structural uncertainty and the significant escalation in the intensity and intended effects of global, regional and local regulations. Some of the latter were reflected in political changes to measures (e.g., AIFMD), plus the uncertain third country or extraterritorial implications arising from rushing to legislation. The new mood was one of interventionism and prescription.

The importance of the risk function was underscored by factors that were broadly comparable with the results of last year’s survey, with some departures (see Figure 1). The pace of regulatory change, the desire to avoid reputational impact and the need to manage complexity from overlapping measures were of the most concern in 2013. An example mentioned by several firms was the relative chaos surrounding risk-based supervision of money market funds in Europe, with a plethora of different supervisory approaches, varying type and frequency of periodic reporting by funds, different parameters triggering alerts to identify the risks and prioritize actions, and various degrees of reliance on third-party agents to carry out the monitoring.

Figure 1: Why is the risk management function important in your firm?

Key: Survey 2013Survey 2012


1 2 3

1 2 3

4

4

5

5

Desire to optimize capital and liquidity

Increased shareholder pressure for transparency

Concerns on levels of internal losses

Increase in client interest and scrutiny

Management of third-party arrangements

Pace of regulatory change/increasingregulatory interests

Business continuity issues, e.g., terrorism/fraud

Keep up with market practices, e.g., ISDA, IMA

Desire to avoid reputational impact

Management of complexity from overlapping directives

Corporate restructuring focus

Firm needing to manage G20 gap risk

Extreme event planning, e.g.,redenomination in Eurozone

Offering personalized or differentiatedservices to clients

88%

83%

60%

57%

Remuneration focus

1

2

5

3

43

2

1

4

5

Management of concerns on data/cybersecurity

79%

“There is a feeling on the part of regulators and policy-makers

alike that the way the industry operates is costing the European

pension fund industry far too much.”

“Regulators and politicians are driven by the fear of failure as the

overriding consideration.”

“The hard regulatory impacts are AIFMD, UCITS V and the

entirety of Dodd-Frank; all are transforming the way we offer services to clients and the risk

governance and structures that we operate by.”

“The Eurocrisis will stay relevant and have the same

level of priority. There will be new regulations, for us in the

Netherlands specifically also a commission ban, so an impact on

business models, and there will be more focus on disclosure and

transparency.”


“In 2012–13, we were involved in the calibration of bonus amounts but at the end of the cycle. In 2013–14, we’ll be involved much earlier in the cycle. Remuneration will be a meld of Dodd-Frank’s ‘Say on Pay’ and CRD/AIFMD/FSA regs.”

“Regulatory change/reform is a significant focus. Dodd-Frank is a big issue; AIFMD is a big issue; we have more AIFMD trusts (including investment trusts) than UCITS. We apply a US person screen — there are complications with tentative versions, aggravated following two acquisitions affecting PE and bonds.”

Growing motivations for risk management included the firm (or parent) impacted by a fine/regulatory sanction, the need to manage expectations around administering remuneration, and business continuity issues (e.g., terrorism/fraud). The pattern was broadly comparable with the results from 2012, with the need to manage extreme event risk (such as events in the Eurozone) decreasing in relative importance.

As mentioned above, remuneration was a particular focus in 2013. Respondents felt that there was too much complexity from different and changing models in circulation — Dodd-Frank, CRD, Art. 107 AIFMD and FSA approaches. Respondents felt that the prospect of moving from deferrals/LTIPs to capping bonus ratios to base salary could have widespread impacts on economics of current models — affecting incentives, domiciles of employees, severance/mobility issues and FOR calculations by way of holding more capital.

Besides the traditional operational and counterparty credit risks, the top risk categories of major concern to CROs were regulatory, mandate, conduct and liquidity risks, with market and investment risks not far behind.The “top 20” risk categories receiving special attention from CROs and their risk teams were ranked as shown in Figure 2 according to the percentage of respondents making reference to them. Regulatory risk — the risk of failure by the company to meet its regulatory requirements or manage changes in regulatory requirements with respect to new legislation, resulting in investigations, fines or regulatory sanctions — occupied the top spot for the first time (up from 67% in 2012):

Figure 2: Top risk categories mentioned by respondents

Regulatory risk

Counterparty/credit risk

(Pure) operational risk

Conduct/mis-selling risk

Investment risk

Liquidity risk

Outsourcing risk

Mandate risk

Business model risk

Reputational risk

Market risk

Tech — data risk

Tax risk

Country risk

Legal risk

Correlation risk

Misc. risk

Fiduciary risk

Tech — systems risk

(Other) fraud risk

76% vs. 67% in 2012

73%73% vs. 82% in 2012

56% vs. 24% in 2012

64%

61%

52% vs. 40% in 2012

44% vs. 50% in 2012

32%22%

17%

12%10%

63% vs. 36% in 2012

47% vs. 24% in 2012

48%

12%

21%

38% 38%


Firms were doing more to assess emerging and external risks in 2013, with the pendulum swinging toward managing regulatory risk in particular.A new feature in the risk management for asset management survey 2013 was the depiction of the top horizon risks impacting respondents, arising from macroeconomic factors, geopolitical changes, changes to regulations at a local or regional level, or tax legislation changes. The top 15 strategic, regulatory, operational and technical risks were categorized as shown in Figure 3. Intrusive regulations and legal risks were the top two horizon risks on the radar, with the AIFMD and UCITS V/VI measures representing regulatory implementations with the highest priority and impact for asset managers in general.

The top horizon risks naturally correlated well with the top risks keeping CROs awake at night and are represented in Figure 3 in terms of “future risks.” The interesting finding was that a significant percentage of respondents cited the future cluster of reputation risk (79%), mandate risk (52%) and tax risk (64%), all under the umbrella of strategic/financial risks. Fewer respondents cited the cluster of collateral liquidity risks (48%), business model risks (48%) and execution of corporate events (47%), all under the umbrella of operations risks. The percentage of respondents citing technology risks as critical horizon risks, such as data or system fitness, was somewhat lower (in the 30% to 60% range).

Figure 3:

Survey findings

Strategic/ Financial

Regulatory

Operations Technology

Geopolitical andmacroeconomic

Financial consequences

of capital

Threats toreputation

Modelrisks

Systemfitness

Emergingmarket risks

Legal incl. extra-territorial risks

Datafitness

Servicedifferentiation

Fraud/Moneylaundering

Collateralliquidity risks

Mandaterisks

Taxrisks

100%

Execution of corporaterestructuring /M&A

Intrusiveregulations

Business risks cited by respondents

“The main focus will be the new regulation in Italy regarding due

diligence of client registration and also UCITS VI, EMIR and ESMA.”

“Regulatory accelerators are RDR in UK, Provisie Verbod in NL and the direction of travel is that all EU countries move

toward fees-based models. We don’t pay retrocessions proportional to distribution

arrangements. Investors are becoming more educated so

there is a drive toward clarity and transparency; price is not the sole

determining factor.”

“There is a lack of clarity about AIFMD; not just about letter-box

issues but how AIFMD will be treated in each EU Member State. We expect to have problems with

both PE and REIM.”


The direction of travel concerning risk appetite statements was toward accounting for a greater scope of risk factors as well as a move toward public disclosure of some elements.A critical element of an asset manager’s overall risk framework is the clear identification, documentation and communication of the firm’s appetite for risk3. A risk appetite statement provides an articulated benchmark against which an asset manager’s risk profile is reported, monitored and managed by the board, the audit/risk committee, the finance committee and the risk assurance committee. Risk appetite also forms the basis for the calibration and setting up of delegated authorities and financial limits for all aspects of market, credit, liquidity and operational risk.

In 2012 a broadly similar behavior was recorded as compared with last year (see Figure 4). The results from the 2013 survey reflected an even greater inclination among both traditional and alternative asset managers to accommodate more secondary and tertiary risk factors under consideration, with a wide range in the approach and quality of the articulation of risk appetites, without a corresponding increase in pro-activity when revisiting risk appetites on a more periodic basis.

From a “top-down” perspective, statements or frameworks featured views of the board, strategic/business goals, competitive environment, organizational culture, expectation of local and regional regulators, reputational considerations, macro-economic and market conditions, references to credit rating agencies and references to counterparties, particularly in relation to dependencies, such as outsourcing, asset servicing or prime services.

3 Typically risk appetite statements must be transparent to top management and the board, with demonstrable processes to illustrate whether risks are commensurate with the risk appetite. They should be augmented by: 1) risk control structures, which ensure that any risks taken across the entity, business unit or group do not exceed risk appetite limits in any given day, and 2) well-established stress testing approaches that determine the expected losses that would be incurred over different stress periods — applied to the strategy as well as the current business. Above all, risk appetite statements need to be powered by management information to enable risk to be monitored by boards and senior management alike against a firm’s stated risk appetite.

Low Medium

Bribery Act

MLD IIIPRIPs

Clientmoney

SSR

Solvency IICRD III/IV

MAD IIMiFID II Shadow banking

FTT

AIFMD

FATCAEMIR

RDR

UCITS IV/V/VI

National thematic

ProductReg.

Medium

High

High

Likely impact on IMs

Prio

rity

for I

Ms

Top regulation categories receiving special attention in 2013 “The CRO spends approximately 60% of his time on strategic topics and 40% on daily, tactical topics.”

“We are appalled at the potential for new shadow banking regulation to be introduced in such a way that it impacts both our collateral management and money market funds.”

“Products are reviewed against macro-developments, such as the Arab Spring or Eurozone difficulties. We also ask, is it a strategic product or an opportunistic product?”

“The oversight of marketing and NPPRs under AIFMD will require a police force. But continental Europe doesn’t yet have a compliance culture in the same way, and who will have the legal powers to police what needs to happen?”


Figure 4: Risk appetite statements expressed in terms of specific risks (x-axis) reflected against how proactively statements are managed/revised/circulated (y-axis).

Medium

Monitoring and Reportingimmature or lacking

Low

HighPro-activity

2013 survey

2009 survey2010 survey

2011 survey2012 survey

Given that sound risk management should align with the way that investors have been sold products, firms demonstrated an enhanced alignment of risk by setting quantitative and qualitative (RAG score) risk tolerances for specific risk areas such as fiduciary or conduct risk. Some firms assessed risk in terms of the broader impact on investment or operational performance. There was also much greater evidence of the use test (see next page) — embedding the risk appetite in day-to-day operations, applicable across prudential, investment, credit and operational risk areas.

Survey findings

“We feel that we have good metrics on the adjustment of risk appetite, with tighter loss history

data, focus on capital, grasp of financials, focus on RepR and

evidencing of TCF than a year ago. We’ve designed the risk appetite

to be practical, which results in greater alignment when the

risks crystallize.”

“The risk policy and risk appetite are set at group level and set at board level. Corporate-level risk appetite is cascaded to feature

financial and non-financial risks. A combination of quantitative

and qualitative statements and complex scoring mechanism

underlies the cascading process.”

“Risk appetite and tolerances are a mixture of quantitative and

qualitative elements. Regulatory objectives are an area of only

limited value because if a metric is flagged, actions have usually

already been taken. It is useful to formalize what we are doing but it’s always backward-looking, a

statement of what has been done as opposed to a trigger process.”

► Issued privately/at group

► Pillar 3 disclosure

► Trend toward semi-annual revision

► Qualitative and quantitative limits

► Zero-tolerance elements

► Trend analysis

► Emerging risks

► Market

► Credit

► Operational

► Prudential

► Reputational

► Investment

► Liquidity

► Legal

► Regulatory

► Fraud

► Country

► Settlement

► Enterprise

► Conduct

► Strategic/model

► Systemic

► Correlation

► Concentration

► Basis

► Mandate

► Fiduciary

► (Depository) liability

► Tax

► Accounting

► Issued privately/at group

► Revised annually

► Qualitative limits

► Soft quantitative limits

Primary/5 Secondary/9 Tertiary/10


The use test was a focal point this year, with firms showing a wide variance in involvement of the risk function in key decisions and how tolerances and limits were defined.The more advanced firms in the survey provided ample evidence of deploying risk parameter frameworks for portfolio (investment) risk, consisting of allowable ranges for the applicable risk measures, calibrated for each model type, product or portfolio depending on asset class. Every client portfolio could be mapped to the appropriate model type/product and therefore managed in line with the appropriate risk framework, with some exceptions — such as real estate investment management (REIM) or private equity. The management of counterparty credit risk saw a divergence between those firms with hard limits on exposure and rating versus a softer limit/monitoring type approach where action was ad hoc in order to take into account the market dynamics at the time. Operational risk appetite still appeared to be the most difficult to articulate and embed due to its limited quantitative data and, therefore, heavy reliance on qualitative aspects.

There was also more awareness in general (particularly among hedge funds) of firms articulating their risk appetites effectively to allocate technical resources to where they were needed (e.g., partitioned between the firm/outsourcing agents) or to avoid shocks to future earnings. The CRO was continuing to challenge 1LD as a “critical friend,” but the CRO was equally aware of when to apply judgments to tolerances (discrimination as per “hard” or “soft” risk limits) and to intervene more forcefully when needed. This was amply demonstrated in the product arena (see below, with earlier involvement of CROs in the manufacturing cycle or demonstrating their veto), but a minority of firms indicated CRO involvements in strategic planning, M&A, setting budgets or remuneration or client onboarding (see Figure 5).

Figure 5: Comparison of use test components

Key: Survey 2013

Rel

ativ

e in

dica

tor

Out

sour

cing

dec

isio

ns

78%

49% 54%

31%38%

71%61% 63%

24%

58%69%

30%

46%

Stra

tegi

c pl

anni

ng

Acqu

isiti

on/D

ivest

iture

New

pro

duct

app

rova

l

Post

-impl

emen

tatio

n re

view

s

Budg

et-s

ettin

g pr

oces

ses

Appr

aisa

ls/R

emun

erat

ion-

sett

ing

Clie

nt o

nboa

rdin

g

Bein

g in

form

ed o

f dec

isio

n

Prov

idin

g op

inio

nto

dec

isio

n-m

aker

s

Key

cont

ribu

tor

tode

cisio

n-m

akin

g pr

oces

s

Exer

cisi

ng a

righ

t of v

eto

Form

al ri

sk a

sses

smen

t co

nduc

ted

as p

art o

f thi

s pro

cess

with

as

sess

men

t of i

mpa

ct o

n th

e fir

m’s

risk

app

etite

Risk involved in the following decision-making processes Involvement includes

“We are keen not to apply a risk appetite for investment risk. A risk appetite is all about governance — do we have the triggers going outside the normal limits and expectations? For example, private equity is a low OpR because each PE deal is structured and each of the PMs do their own RCSA.”

“We spend time discussing the appropriateness of the products

— under various market, product and client conditions — and take a TCF view as to ‘can this product be mis-sold?’ For example, there is huge investor appetite for high-yield products, and investors don’t always understand the heightened risks. Regulators will always focus on outcomes, so we have to be prudent.”

“The use test is very helpful — several regulators are emphasizing its use. The right values are paramount — governance and stress testing must be appropriate, and an easy escalation process must be in evidence.”


Avoidance of mis-selling and conduct risk management were key themes in this year’s survey, with more CROs involved earlier in providing guidance and challenge within product development cycles.Effective risk management should always align with strategic objectives of the firm and the manner in which investors have been sold products. Most asset managers additionally argued that their interests are ineluctably bound to the interests of their client investors. In contrast, regulators had migrated from the mindset of “tick-box” compliance as per the rulebooks to feature two additional mindsets: a) firms to demonstrate that the products or services offered did not lead to customer detriment under various market conditions, and b) firms to provide evidence of the value-add as per the fees being charged.

There was sustainable evidence of the risk function being involved slightly earlier in the product cycle, either by setting the framework for guiding the product development process or advancing the approvals processes for non-complex products. When comparing the 2013 survey results against previous years, 52% of the respondents reported a level of involvement under 30% along the product cycle (see Figure 6). Most respondents made reference to post-launch product monitoring due diligence during interviews.

Figure 6: The relative involvement of the risk function in the product life cycle (excluding the seed capital processes)

Final sign-off

Rel

ativ

e in

dica

tor

0%–15% in 15%–30% in 30%–45% in 45%–60% in 60%–75% in


Ideas/Sense checkOpRisk(input only)

Risk compliancelegal product

Product portfolio idea

Approvalprocess(ExCo sign-off)

Additionalanalysis

ExCosecondsign-off

Workinggroupanalysis

“Golive”

Proving independence of investment risk management, free from conviction decisions from portfolio managers or founders, was easier than devising a consistent framework spanning traditional, alternative and multi-strategy styles.Investment risk is commonly defined as a positive or negative deviation from an expected outcome. Asset managers typically regard investment risk as a measure of the expected return given the level of risk tolerance relative to agreed-upon market or internally set benchmarks. A key element of the overall investment risk framework is the clear identification, documentation and communication of the client’s risk appetite, as explained above. However, the governance of the investment risk function is a critical component of this framework, taking into account the different criteria that are used across different styles of asset managers.

Survey findings

“We are getting the risk framework embedded — it’s worth pointing

out that people need to make the process tangible in order to relate

to it. The use test is applied to some areas, such as changes to

mandates or other activities that involve risk e.g., M&A.”

“Any unexpected losses from a high-risk mandate means that we raise the tolerance for loss more

the next time around.”

“As far as product risk is concerned, we have a de facto

veto. Our role is to act as a point of escalation to the board if

procedures aren’t being followed.”


Most survey respondents commented that fund managers were tasked with reviewing each portfolio on a daily basis as part of the ongoing investment management process. The portfolio manager would often have the ability to review the outliers in cash instruments, such as equities and bonds against the investment risk parameter frameworks — a particular focus for French firms. Exception reports highlighting portfolios that had moved outside their designated investment risk parameters were usually generated on a daily basis for the most automated firms, allowing the heads of desk to review the exceptions for cash instruments each day, and the exceptions for more illiquid instruments, such as OTC instruments to be reviewed on a monthly basis (or quarterly in the case of real-estate assets).

Many firms also claimed that their investment risk function was independent, but this was in evidence only if there were qualified headcount located in the 2LD able to provide effective challenge against bias and conviction decisioning on the part of the portfolio managers, (particularly if their decisioning contravened regulations and/or the firms’ stated risk appetite). Client expectations could be managed by demonstrating that risk management arrangements were free from conflicts of interest or conviction decisioning on the part of founders, portfolio managers or desk heads. Of the respondents in 2013, 51% could attest the independence of the investment risk function (see Figure 7), and the figures were notably higher in the UK compared with some continental European centers.

Other points to note concern the large disparities in the way firms managed investment risk. To a large extent, these were driven by the underlying investment style of the firm. For example, 56% of the respondents demonstrated ready access to quant skills in product engineering. Only 40% of the respondents demonstrated an advanced process for risk budgeting (the process of decomposing the aggregate risk of a portfolio into its risk factor constituents, using quantitative risk measures to allocate assets). Sixty one percent of firms could demonstrate the measurement and monitoring of risk at both an aggregate and a factor level, while 47% could demonstrate dynamic modeling (e.g., hedging portfolios in near or real time).

Some firms followed a direction of travel that enabled them to task a dedicated investment risk and analytics team to support and enhance the investment risk framework through a number of roles that included:

► Providing technical analysis into investment risk issues, covering portfolios, markets and investment risk models

► Further developing investment risk parameters for products, models and portfolios for the various asset classes (traditional, alternative, cash, derivatives, multi-asset, PE/RE, etc.)

► Conducting independent reviews and analysis of investment risk within products, models and portfolios

► Developing the reporting and risk analytics capability to support professionals in managing the investment risk within their portfolios

“Investment objectives are laid out in the prospectuses and linked to ‘hard’ limits; there is a specific focus in UK around preventing product mis-selling and client assets/money. Both hard and soft limits are used by both the business and the Risk function; Liquidity funding limits are encouraged, there is a particular motivation by UCITS and a similar logic will be applied with AIFMD in mind.”

“Investment risk is taken seriously in Germany; it is the third most important risk priority behind outsourcing risk and data security here. We have portfolio risk management skills in the 2LD able to provide challenge to the 1LD. The job of InvR in the 1LD is to maximize risk adjusted returns for our portfolios. The job of InvR in the 2LD is to mitigate unwanted InvR outside the firm’s regular risk appetite.”


Respondents also commented on the need to derive quality management information from interlinked systems (allowing “single portfolio views” to be drawn) — a critical differentiator between firms in the survey, with only 57% of the respondents claiming their ability to carry this out. Sixty six percent of the respondents claimed intra-day reporting from sophisticated risk metrics, featuring absolute/relative risk measures, yield curve analysis or country concentration. Sixty two percent of the respondents could evidence liquidity metrics for regulated and segregated portfolios on an ongoing basis, including exposure to illiquid assets, concentrations of holdings or investors, and commitments. Only 39% they of the respondents could claim that they made utilized advanced treatments of model risk management pre-regulatory interest.

Finally, the respondents mentioned that it was also advisable to populate the 2LD control function with FTEs familiar with the terminology of the portfolio managers (e.g., tracking error, TAA, expected, CAPM, Sharpe ratio, sensitivity indicators DV01/IE01). Many commented how the appropriate level of remuneration should be an additional important consideration when attracting (and retaining) appropriate technical skillsets to perform the investment risk function effectively.

Top-quartile firms will be expected to demonstrate mastery across as many of these advanced risk metrics attributes. Respondents indicated how particular attention would need to be given to how they would manage fixed income, OTC derivatives, private equity or REIM over the entire value chain, including client take-on (including the articulation of explicit client defined investment risk parameters), during the new product development process, over ongoing client management (e.g., while accommodating changes to client mandates) and finally, during attribution of performance objectives and risk appetite with each end client.

Figure 7: A comparison of some of the key themes to consider in managing investment risk

Key: Survey 2013

Rel

ativ

e in

dica

tor

Inve

stm

ent r

isk

is tr

eate

din

depe

nden

tly o

f PM

s

Inve

stm

ent r

isk

in ri

sk a

ppet

ite

Evid

ence

of m

easu

rem

ent/

mon

itorin

gof

ris

k at t

he a

ggre

gate

/fac

tor l

evel

Whe

ther

dyn

amic

mod

elin

g is

use

d

Over

all p

ortf

olio

vie

w b

y sy

tem

vs.

des

k/de

sk

Type

of l

iqui

dity

met

rics r

egul

ated

vs. s

egre

gate

d ac

coun

ts

Risk

sys

tem

s ar

e fe

d ou

t of

OM

S/PM

S/ot

her

51%

74%

56%

40%

68%

57%

“Har

d” (e

.g.,

cred

it ra

tings

) and

“S

oft”

(e.g

., tr

acki

ng e

rror

, VaR

) ri

sk m

etric

s

Adv

ance

d pr

oces

s for

risk

budg

etin

g in

evi

denc

e

Use

of a

dvan

ced

risk m

etric

sin

evi

denc

e

Expe

rt (“

quan

t” sk

illed)

reso

urce

sto

sup

plem

ent c

ore

risk

repo

rtin

g

61%

47%42%

66%

Soph

istic

ated

InvR

fram

e w

orks

use

d

58% 62% 60%55%

37%

Adv

ance

d tr

eatm

ent o

f mod

el ri

skm

anag

emen

t pre

-reg

ulat

ory

inte

rest

?

For f

unds

with

leve

rage

thro

ugh

deriv

ativ

es, le

vera

ge c

heck

ed d

aily

Diff

eren

ces

in th

e m

etric

s ac

ross

sy

stem

s (e

.g.,

BAR)

mod

elle

d?

Survey findings

“Investment risk is a particular focus this year on REIM and

MMFs. We are rolling out consistent processes across the

EU while maintaining our DubLux fund range, with governance and

legal issues the focus.”

“We’re seeing a culture change in the Netherlands where

investment risk is not a ‘dis-rating’ anymore, and remuneration is not

seen as a problem.”

“Investment objectives and limits applied are in line with

prospectuses. Hard limits are applied to reg funds, with warnings

applied over concentrations, aggregations and breaches; ‘soft’ limits are used internally. Overall

portfolio view is there.”


Regulatory capital remained key due to cost pressures and added regulatory focus. ICG uplifts in the 175% to 135% range remained a “new normal” benchmark, with firms robustly defending their diversification and insurance benefits.There was more evidence that competent authorities were even more keen to see deeper evidence of both the qualitative and quantitative capital processes being embedded in BAU risk monitoring and mitigation processes. This was in stark contrast to the “tick-box” process that used to be commonplace a few years ago. The evidence from this year’s survey suggested that regulators were placing much more emphasis on governance, RMPs from the ARROW process (in the UK), unwinding provisions over an extended period sometimes beyond 12 months, reverse stress testing (RST), and the use test (linking risk appetite statements to strategies and embedding frameworks through appropriate incentives).

Regulators in the UK and Ireland in particular were more keen to see evidence of advanced, externally-validated capital modeling and reverse stress testing (RST) procedures made specific to firms, not just proportionate to market conditions. The correct individual capital guidance (ICG) uplift is now a critical consideration, linked to setting prices/charges and too big a number becomes an opportunity cost against innovation.

The results from the 2013 survey confirmed that the Internal Capital Adequacy Assessment Process (ICAAP) — used to calculate regulatory capital in the UK, Ireland, Germany and the Netherlands — was a manageable process for some firms while posing significant challenges for others. The trend in the 2013 survey was broadly comparable with last year’s survey, with a balance between firms who had managed to bring their ICG figure down (at least four firms) vs. others who saw their ICG figure relative to Pillar 2 capital rise. The results from the survey also showed the spread in ICG figures recorded for 40 firms between 2011 and 2013 (see Figure 8). The trend overall remained elevated, with a “new normal” set at between 135% and 175% of uplift vs. the highest capital derived from Pillar 1, Pillar 2, winding down and fixed overheads. Some private wealth managers, hedge funds, multi-style managers and platform distributors were particularly impacted.

There was slightly more discussion this year around firms looking to take advantage of benefits from diversification (correlation) or insurance techniques to mitigate risk — thereby reducing the amount of capital that needed to be held. Figures in the 15% to 35% range for the former and 15% to 20% for the latter were not uncommon. The former figure naturally depended on how scenarios/units of measure were defined, the modeling assumptions used and the operational setup of the firm. The latter required a robust mapping process along with a supporting claims history and an analysis of underwriter concentration and financial strength.

For firms with elevated ICG scores, several factors were at work, such as:

► The firm operated joint ventures, had material outsourcing of critical functions, or had been through a significant corporate event, such as an M&A process

► Ineffective governance, poor governance process qualifying NEDs, board members, senior managers or control function representatives, or poor ARROW scores with multiple RMPs

► Complex, illiquid or non-fungible products being manufactured or distributed, or models being operated; compounded if the firm operated a black box methodology for valuations or was too reliant on specific third parties

► Firms were responsible for managing client assets and/or money, especially those carrying products targeted at retail-classified consumers

“Advanced risk metrics are freely used for valuations of OTC derivatives, inflation swaps, TRSs, etc.; liquidity leverage is a key metric.”

“The overall structure and process employed for ensuring adequate oversight and control of front office activities in Italy is a combination of a limit control system and a market abuse monitoring process.”

“EPM is used; we also perform a lot of correlation analysis, with a host of quant staff looking at the LDI aspect alone; various measures are taken to model around exposure to counterparty and issuer and sensitivities to shocks.”


► Firms offering “guaranteed” or “absolute return” products, were exagerated if offered to retail-classified consumers or where there was lack of challenge on suitability

► A relative lack of rigor or challenge surrounding the amount of capital provisioned for unwinding or insufficient commercial logic behind this

Other factors mentioned by the respondents in their scenario modeling included the following:

► Modeling extreme event risk arising from say Eurozone member default, for example, or imposition of currency controls or redemptions from critical clients (e.g., SWFs)

► Modeling derivative market lock-down; stock market down over 40%; AuM down over 20%; over10% client redemptions by number

► Lock-down of the repo or collateral markets under conditions of market stress (elevated VIX index, high spreads in OIS swap curve, high CDS spreads)

► Loss of founder, loss of desk heads or portfolio management team, loss of star fund manager(s) or any of the aforementioned under investigation by the regulator

► Other reputational scandals, e.g., mis-selling of products, major fraud scenario or failure to anticipate changes to the same

► Failure or instability of parent (e.g., bank or insurer) or material counterparty collapse (e.g., on a Lehman/MF Global scale or failure of an outsource provider)

► Front or back office errors that are significant (in excess of seven figures), such as needing to reverse trade or corporate action error(s)

Figure 8: Comparison of known relative ICG uplifts (data drawn from 2011–2013)

KeyMedium entitiesLarge entities (by AuM)Strong brandRetail footprint (consumer protection)Complex/Illiquid productsStrong distribution/platform dependencyM&A/Integration candidate/weak SYSCBlack box method/valuationsMarket confidence and financial stability are key

Relative ICG uplift

Une

xpec

ted

scor

e

10 firms 10 firms20 firms

Expe

cted

scor

e

100 110 120 130 140 150 160 170 180 190 200 210 220 230 240 250 300 400 500

Survey findings

“The FSA ran an ARROW review and were critical of our

governance and partnership model. We need to consult with

the industry to offer better pointers to the Audit Committee

and the NEDs.”

“The annual setup of ICAAP occurs to the Dutch central bank (DNB),

and we certainly experience added value for our own business.”

“ICGs are not always the most accurate indicator of good risk

management at a firm. Some of the risks, such as pension liability

are not always expressed in Pillar I figures, which express the

sum of credit and market risks. The buyout of a pension fund

would affect ICG but not indicate anything about the quality of

risk management.”

“There is a diversification benefit of around one-third within OpR, and

our insurance benefit is around 20%. The regulators are showing a great deal of interest as to whether

insurers would really pay up.”


Counterparty credit risk remained an area of significant focus; for firms active in alternatives, LDI, OTC derivative or ETF strategies, this vigilance extended to the supply and transformation of effective (fungible) collateral.This year, the gaps between aspiration and realization narrowed considerably, with several asset managers posting improvements in how they were able to determine counterparty risk exposure in particular. A quarter of respondents claimed that they could be in a position to break down counterparty risk exposures by counterparty and by product/fund structure intra-day (i.e., event plus 24 hours) vs. 24% in 2012 (see Figure 9). A further 40% of the respondents claimed that they could be in a position to do this ex-post, a noticeable improvement over the 31% figure recorded in 2012.

Figure 9:

“The unexpected losses are derived from ICAAP scenario modeling. The latter are calculated under both normal and stressed scenarios.”

“OpRisk own the ICAAP process. Risks are mapped by probability and impact. We don’t take positions, and we have a well-staffed product team with a proper review process so we don’t expect to get hammered on our ICAAPs.”

“Despite the delays, we reaped benefits from starting our Solvency II program because it allowed us to further our ALM work and sort out our data. We think that the timetable may go back into 2016, and there is a chance it could slip back still further.”

CP and product within 24 hours

CP and product, ex-post

CP only, not intra-day

Neither/Don’t know/Did not respond

2013: 40%2012 31%

2013: 25%2012 24%

2013: 14%2012 22%

2013: 21%2012 4%

Can the firm break down exposures at will by counterparty and product intra-day?

Taki

ng a

mor

e st

rate

gic

proa

ctiv

eap

proa

ch to

CpC

RM

Rela

tive

scor

e

Extr

a vi

gila

nce

mon

itorin

g co

unte

rpar

ties

Firm

is m

aint

aini

ng d

aily

trig

gers

and

limits

to m

inim

ize

expo

sure

Cent

raliz

ed a

ppro

val

to a

ccep

t cou

nter

part

ies

Extr

a vi

gila

nce

to m

onito

r seg

rega

tion

of c

lient

ass

ets/

re-h

ypot

heca

tion

Cred

it ris

k of

the

clie

ntis

a g

row

ing

conc

ern

Firm

/Par

ent r

uns

CVA

des

k?

Firm

con

duct

ed a

stu

dy to

look

at a

ccep

tabl

e co

llate

ral

Firm

ran

“bea

uty

para

de”

to a

sk b

roke

rs o

rcu

stod

ians

how

they

wou

ld tr

ansf

orm

col

late

ral

Tigh

teni

ng S

LA c

ontr

ols

and

re-e

xam

inin

g ha

ircut

s fo

r col

late

ral

71%

51% 54%

67%

52%

38% 39%

6%

34%

48%

29% 26%

48%

34%45%48%

Fron

t offi

ce ta

kes

mor

ere

spon

sibi

lity

for C

pCRM

Sign

ifica

nt is

sues

in th

e pr

icin

g of

colla

tera

l to

supp

ort i

m/v

m c

alls

Sign

ifica

nt is

sues

in p

artic

ipat

ing

in th

e re

po m

arke

ts

Firm

is w

orrie

d ab

out a

futu

resc

arci

ty in

qua

lity

colla

tera

l

Posi

tive

on F

MIs

faci

litat

ing

colla

tera

lup

grad

es a

nd C

T

Firm

will

ope

rate

mor

e "c

ross

ass

et c

lass

" or

take

adv

anta

ge o

f "cr

oss-

mar

gin

offs

ets"

Respondents’ views with respect to counterparty credit risk management


Despite quieter conditions in the Eurozone in comparison with last year, the vigilance level for counterparty risk remained relatively high in this year’s survey, with 71% of firms taking a more proactive approach to counterparty risk management by increasing the level of monitoring and close scrutiny per credit ratings, CDS spreads, tier 1 banking ratios, price movements, etc.

Respondents adopting a more strategic and proactive approach were placing weights on brokers for collateral management provision as well as the traditional research and best execution domains. Sixty seven percent of the respondents indicated centralized approval to accept new counterparties, and 52% of the respondents commented how front office colleagues were taking more responsibility for counterparty risk management (even if the 2LD maintained ultimate oversight).

There were other points worth noting in the 2013 survey:

► Virtually all institutional money managers commented how end investors such as pension funds, ERISA funds and SWFs were tabling more questions about liquidity risk under normal, stressed and extreme market conditions; 38% of the respondents indicated specifically that the credit risk of the client was a growing concern, particularly in the event of political or legal changes imposed at a local level.

► Fifty one of the respondents indicated that they had tightened their SLA controls and re-examined their haircuts for collateral effectiveness; 39% of the respondents had conducted a study to look at acceptable forms of collateral (vs. 31% in 2012), reflecting the extra attention that both Dodd-Frank and EMIR were commanding in 2013.

► Fourty eight of the respondents were worried by reports in the press about a future scarcity in quality (i.e., fungible) collateral, whether arising from lack of supply or from infrastructural friction. Twenty nine percent of the respondents — comprising hedge funds, firms active in LDI, OTC derivative strategies or firms active in offering synthetic ETF products — were positive on the idea of financial market infrastructures (FMIs) and global custodians tapping into collateral supplies at either a geographic level (piped in from other regions) and/or supplied from standardized CSD facilities.

► Thirty four of the respondents anticipated significant issues in the pricing of collateral to support initial and variation margin (im/vm) calls vs. 37% in 2012, and 48% expected to experience significant issues in participating in the repo markets to raise cash to supply the necessary vm for CCPs, particularly firms active with LDI strategies (compared with 54% in 2012). Provisioning collateral was seen to be a “game-changer.”

► Finally, 33% of the respondents were either running (or had run) a “beauty parade” of their brokers and custodian banks to assess the quality and appropriateness of collateral management, execution and prime services. Some factors for consideration are shown below. Hedge funds remained active in looking to diversify their prime broker relationships, but some traditional assets managers (e.g., running LDI strategies) were also assessing their brokers to determine their suitability to provide collateral transformation services also. Some criteria for consideration included:

► Relationship strength

► Strength of balance sheet; cost/income ratios

► Thought leadership/research

► Product coverage and market share/experience

Survey findings

“Managing counterparty exposure involves huge operational

complexity. Unlike the case of a few years ago, we have to keep

track of collateral flying between custodians, and the systemic

operational dependence on their systems is concern — for example,

their ability to manage the volume of calls.”

“We have improved our counterparty risk exposure

reporting to include more details of smaller exposures. Our systems

can identify counterparty risk exposures by counterparty and

product within 24 hours.”

“A daily check is run on all risk metrics for all liquid asset classes;

property is monthly and HF activity goes intra-day if market

conditions deteriorate; all are coupled to monitoring CpR and

ensuring assets are collateralized; there is a big focus on OTC

derivative modeling checked daily or intra-day.”


► New product setup/COBAM professionalism/interface capabilities

► Cost/Fees (fixed/variable and explicit/implicit); flexibility of same

► Quality of valuations and mark to market

► Key person risks; quality of E/O resolution

► Trade capture/confirmation and STP; utilization of industry standards

► Collateral management and transformation expertise

► Quality of asset segregation and client reporting

► Robustness of business continuity planning (BCP)

Firms were relatively comfortable with their operational risk frameworks this year, but many firms indicated that outsourcing had become a critical thematic focus in 2013.Operational risk renewal was a key theme for last year’s survey, with many firms renewing their operational risk policies in expectation of greater levels of scrutiny or even issue of formalized operational risk frameworks to come.

This year, things were different in the wake of the AIFM Directive, with regulators in France, Luxembourg and Ireland showing greater interest in the prospect of depository liability. The UK’s Financial Services Authority (FSA) was assessing the risk from asset management firms outsourcing operational activities to external service providers, particularly outsourcing providers as part of complex international banking groups with balance sheet exposure to activities other than the provision of outsourcing activities.

The common issue concerned the dependency of traditional and alternative asset managers on a limited number of providers of custody, transfer agency, fund administration or outsourcing services and the concentration risk. With the top four US-headquartered global custodians representing some 73% of the global assets under administration and constituting some 59% of FTEs, regulators shared a concern that if an asset servicer, such as an outsource provider with a large share of the market, were to face financial distress or severe operational disruption, asset managers would not be able to perform critical and important regulated activities, thereby end investors.

There is existing momentum behind recovery and resolution planning (RRP) or “living wills” to be created for banks regarded as significant influence financial institutions (SIFIs) in many of the G20 jurisdictions. The RRPs involve a recovery plan (which outlines actions designed to maintain the firm as a going concern and is triggered when a financial institution is subject to extreme stress situations), coupled with a resolution plan (which would facilitate its resolution in a controlled manner, with minimal public cost and systemic disruption) triggered in the event of the failure of a financial institution.

The recovery plan sets out the framework and steps the institution itself would initiate to recover from a stress situation. The resolution plan would provide authorities with the information necessary to formulate, assess and execute a formal intervention using the resolution tools available. In the event of a resolution, the resolution plan would provide key information and data to assist an administrator and other relevant parties to take control of the relevant components of the business and maintain operations sufficient to protect consumers and the value of the business.

“Despite the Eurozone uncertainties over Cyprus, we are more comfortable with credit risk, with bimonthly counterparty risk meetings focusing on harder stuff, such as the legal treatments and netting. We already amassed a great deal of knowledge following the Lehman bankruptcy and already simplified our counterparty risk arrangements during 2011–12 by focusing on national governments and country risks.”

“The credit risk of the client is a growing consideration. We have a slight exposure from our managed accounts, but we do care about credit risks to the fund and we’ve strengthened our documentary agreements, particularly where we have advisory contracts.”


In the UK, the FSA wrote to several asset manager firms stating that, on the basis of the findings so far, they were not confident that effective recovery and resolution plans were in place across the industry for the asset management sector as a whole, referring to the outsourcing of regulated activities and/or activities that are “critical or important” in the support of regulated activities as set out in SYSC 8.1.4/7/8R.

The results of this year’s survey showed that 56% of the respondents were concerned about the comparative regulatory focus from outsourcing risk, and as the majority of respondents depended on an outsourcer, transfer agent or prime broker/fund administrator for conducting a critical operation, this hardly came as a surprise. A majority of the respondents were aware that their outsourcing agents maintained RRPs without having an opportunity to study the same. There was widespread skepticism as to whether the failure of an outsourcing agent per se was the realistic outcome, given that the failure of an investment or retail banking entity would be the more realistic possibility, creating significant potential for banking contagion.

Many of the larger asset managers and entities outsourcing material functions to third-party agents (TPAs) considered the implications of outsourcing to an external third-party suppliers with regard to the activities they performed and deciding which ones they would be able to continue in the event of the failure of a bank to which they subcontract. There was, however, a sharp demarcation between respondents looking at “Outsourcing 101”-type checks and those taking due diligence to the next level as follows (see Figure 10):

► Respondents who felt that outsourcing or concentration risk was an issue mentioned for the most part that they had

i) Agreed to definitions of critical operational functions

ii) Agreed to the materiality of such functions per the investment business of firm

iii) Agreed to the criticality of outsourced operational functions and investment services/activities

iv) Revalidated that they were able to monitor and manage the effectiveness of functions carried out against SLAs

v) Cataloged SLAs effectively, particularly in the case of service provision and/or outsourcing from third countries

vi) Ensured that catalogs featured procedures from competent authorities in third countries

► There was less consensus around how firms would:

i) Evaluate concentration of risk under normal and stressed market conditions

ii) Evaluate contingency planning (such as “step-in,” “standby” or “warm second provider” arrangements) in the event of an agent hitting financial problems

iii) Perform parallel evaluation of the way in which client assets and client monies were segregated and safeguarded

iv) Evaluate liability arrangements to cover cases of fraud and/or insolvency of any end-agents, such as sub-custodians

v) Evaluate horizon risks that regulators might expect that conflict registers statements of ethics extend to cover third parties, i.e., to sub-contractual agents or outsourcing parties

Survey findings

“The biggest item keeping me awake at night is improving the

BCP in our financial centres given we are expanding furiously —

already 150 people with a need to move — and making progress

of resilience testing. The normal risks for a start-up are insurance,

BCP, firefighting and setting up double data centers.”

“We are broadly fine with our distribution platforms in the UK.

But we are not certain about the standards among the bank-

assurers in the EU with respect to their customer treatment [TCF]

and PRIPs.”

“The issue for small firms like us is that the cost of indemnification

insurance to cover AIFMD and UCITS V might be greater than

simply holding the cash and boosting our OpR procedures to

manage the outliers.”


The conclusions from this survey echoed concerns from some regulators at whether firms would be able to transfer outsourced activities to another provider in short order (in view of the considerable operational challenges inherent in such a transfer, the probability that this could not be implemented swiftly enough to protect investors and the potential for concentration risk in the supply of certain activities were a critical agent of failure). They are also right to question how asset managers might realistically rely on taking activities back in-house (in view of the capacity and abilities required, the difficulties enforcing “step-in” rights under stressed market conditions, and the potential for undue delay and/or operational risks arising that would be to the detriment of the service provided to investors).

Officials at both the FSA/FCA and the AMF indicated their desired outcome over the past year to ensure that there were effective recovery and resolution plans in place not just for banks but for other systemically important financial institutions also. In view of last year’s scenario modeling and contingency planning around failures developing in the Eurozone, many respondents commented that they were prepared. Most had already devised adequate contingency plans that they felt were viable, robust and realistic in the event of a termination of outsourced activity under any circumstances, including stressed market conditions.

Recent statements by the regulators such as the FSA/FCA expressed the belief that firms’ boards should be able to demonstrate that they have an adequate resilience plan in place that enables the firm to carry out regulated activity if a service provider fails. The broader issue that remains unaddressed is the relative lack of choice of independent providers and whether applying RRPs to such entities would actually forestall contagion, which lies outside the scope of this survey.

Figure 10: Responses from asset managers to outsourcing due diligence

“We were sent a ‘Dear CEO’ letter by the FSA in December 2012. … As a result, the Board have taken the matter seriously and wish to know: 1) What counterparties are used, and for what function?; 2) What is the legal definition of service provision vs. what is outsourcing?; 3) Interested to know all cases of ‘material outsourcing’ arrangements.”

“We don’t get where the FSA are going with their thematic work on outsourcing. It is unfeasible to expect asset managers to maintain multiple custodian relationships on relative ‘hot standby.’ We expect that the FSA are worried that the big global custodians will be ‘too big to fail,’ but as they are the only providers, we are we to go? Fraud and failure at the agent bank level are just as important considerations, which might be taken care of through AIFMD/UCITS.”

► Evaluate concentration of risk under normal and stressed market conditions

► Evaluate contingency planning (such as “step-in,” “standby” or “warm second provider” arrangements) in the event of an agent hitting financial problems

► Perform parallel evaluation of the way in which client assets and client monies were segregated and safeguarded

► Evaluate liability arrangements to cover cases of fraud and/or insolvency of any end-agents, such as sub-custodians

► Evaluate horizon risks that regulators might expect that conflict registers/statements of ethics extend to cover third parties, i.e., to sub-contractual agents or outsourcing parties

► Agreed to definitions of critical operational functions

► Agreed to the materiality of such functions as per the investment business of firm

► Agreed to the criticality of outsourced operational functions and investment services/activities

► Revalidated that they were able to monitor and manage the effectiveness of functions carried out against SLAs

► Cataloged SLAs effectively, particularly in the case of service provision and/or outsourcing from third countries

► Ensured that catalogs featured procedures from competent authorities in third countries

To do ?Work in progress


Reputational risk management was seen by most firms as a superset or consequential risk rather than a discrete risk type in itself; active “RepRisk” management techniques were rare.Business reputation is established by gaining and retaining the confidence and trust of the stakeholders in the business: customers, suppliers and employees, as well as shareholders. Reputation is a fragile asset, as much about perception and the perception of behaviors as it is about fact — which means that a reputation can be gained over a considerable period of time and lost in considerably less time. While reputation is one of a firm’s intangible assets, it is often a valuable asset impacting the firm’s brand value. Reputation is, however, a wider concept than brand alone, impacting ethics, trust, relationships and the ethos of a firm — by way of its culture, values, integrity and above all, its confidence behind how these concepts are communicated to clients and regulators.

Some definitions drawn from the wider context of various industries is instructive:

“A company’s overall reputation is a matter of perception among its various stakeholders (investors, customers, suppliers, employees, regulators, politicians, non-government organizations, the communities in which the firm operates) in specific categories (product quality, corporate governance, employee relations, customer service, intellectual capital, financial performance, handling of environmental and social issues).” — Harvard Business Review

“The principal tenet of reputation is that it cannot be manufactured by an advertising agency or created by a PR firm. Reputation is built as a result of ongoing interactions between a company and its key stakeholder groups, where the experience of the latter is consistent with the values the company claims to uphold, as well as with the promises it makes through advertising and other marketing communications.” — Opinion Research Corporation

“Reputation risk is ultimately the risk of failure, which could lead to negative publicity, costly litigation, a decline in the customer base or the exit of key employees and therefore directly or indirectly to a loss of revenue. If a fund manager loses its brand but retains its product manufacture and distribution, its asset management business would collapse.” — EY

Actual reputational failures in asset management are hardly many — Morgan Grenfell, Long-Term Capital Management, Gartmore and New Star are some of the few that come to mind. Reputation risk for an asset manager can arise from a variety of contributions, ranging from market risk, counterparty risk, operational risk, regulatory risk, fiduciary risk or fraud. Reputation management is, therefore, cross-functional and multidisciplinary, rather than merely driven by issues or powered by corporate communications.

Given that several asset managers had raised or changed their profile, brand or tagline over the last year, it didn’t come as a surprise that CROs were keen to attract (and retain) clients who associated themselves with the values associated with changing brands. The results from this year’s risk survey are illustrated in Figure 11:

Survey findings

“We developed step-in arrangements to wind funds

down in the event of XXX running into trouble. Trying to do with YYY is another matter; if YYY

went under, there will be banking contagion, and we will no longer

be operating under normal market liquidity as everyone

moves the same way.”

“Outsourcing has become a key concern because of all the

questions raised by the FSA. Assuming that cash and custody

are not going to be hugely impacted by a custodian bank collapse (no precedent), then moving custody won’t be too

difficult. If moving fund accounting, that would be operationally more

difficult as there are 10–20 pieces of data per record that need to be considered. If there is close

coupling with an administrator and the firm needs to produce records,

then there are some 100 items of data to be considered and the

greater the entanglement.”


Figure 11: Managing reputational risk (and reputation risk factors)?

Rel

ativ

e in

dica

tor

Firm

aw

are

of R

epRi

sk e

ffec

ts

RepR

isk

as a

sep

arat

e ca

tego

ry

RepR

isk

activ

ely

mea

sure

d/m

anag

ed

Basi

c m

etho

dolo

gy u

sed

for

mea

surin

g/m

anag

ing

RepR

isk

CRO

dire

ctly

resp

onsi

ble

Regu

lato

ry c

ensu

re o

r fine

s

Brea

ch o

f clie

nt m

anda

tes

Star

trad

er(s

) or

PM

s le

avin

g

Mod

el e

rror

s/in

coni

sten

cies

Rede

mpt

ions

/lo

ss o

f man

date

s

Mis

-sel

ling

spec

ifica

lly(o

r con

trol

s fa

ilure

)

Frau

d/ro

gue

trad

er

Deal

ing

or c

orpo

rate

act

ion/

right

s er

rors

Foun

der r

isk

(lea

ving

/un

due

influ

ence

Cont

agio

n in

mar

kets

(e.g

., Eu

rozo

ne)

Repu

tatio

nal i

ssue

with

par

ent fi

rm

90%

24%

49%

16%9%

44%51%

38%29%

58%63%

27%19%

13%23%

29%

Although reputational risk was generally seen as one of the most important risk types, the survey showed that the explicit monitoring and management of reputational risks was inconsistent to date. Only 49% of the respondents claimed that they actively measured or managed reputation risk at a macro-level, for example by considering the risk-adjusted value of expected future earnings from loss of client business (new, or redemptions of existing clients), the risk of loss in the value of a firm’s business franchise (extending beyond the event-related losses), the decline in its share performance metrics, or anticipated reduced expected revenues and/or higher financing and contracting costs.

► Firms dealt with reputational risks in different ways. A majority of the firms surveyed treated reputational risk as derived from other risks, but only 24% of the respondents regarded reputation risk in a category of its own, potentially as both an impact and a driver of new risks. Some firms treated reputational impact as a multiplier when assessing/quantifying other risks (e.g., operational risk). Reputation worthiness derived from brand value or goodwill was seldom considered at a bottom-up level — for instance, by adopting a reputational risk framework (such as what is offered by COSO or the ABI) and collecting data on media hits (such as on news sites and blogs, as well as brand evaluations) to assess the likely extent and impacts of reputational consequences.

► The top reputational risk factors were posited as per ICAAP risk scenarios and ranked as follows: Mis-selling specifically/controls failure (#1 factor); redemptions/loss of mandates (#2 factor); breach of client mandates (#3 factor); as well as star trader(s), PMs or desk heads leaving; regulatory censure or fines; model errors/inconsistencies; contagion in markets (e.g., Eurozone); founder risk (leaving/undue influence; dealing or corporate action/rights errors; fraud/rogue trader.

► Many asset managers saw the increasing client mandate complexity specifically as a growing concern. Fifty-eight percent of the respondents saw redemptions/loss of mandates as a key contributor to reputational fallout, while only 51% of the respondents saw breach of client mandates as a critical factor. There were also strong words said about the role of pension fund consultants who were reported as driving unnecessary complexity when it came to devising or inflating mandates.

“The problem is that the outsourcer is often part of a global transaction service unit at the bank, with lots of legal entities sitting in different jurisdictions, in both EU and non-EU centers, so a concerted global approach is not possible!.”

“The failure of the custodian (as well as the outsourcer) is receiving special attention right now. Appointment of the custodian is an activity mandated by our clients, and we have a third-party oversight team featuring operations tasked with modeling the eventuality.”

“The Dutch Regulator, the DNB, are focusing far more on BCP aspects more than outsourcing.”


► As seen in last year’s survey in regard to Eurozone preparations, a couple of firms already had separate crisis committees in place with processes designed to respond quickly to the type of high-profile events which could damage the brand. Other firms relied heavily on parent entities to manage the overall interest of the brand or (even more importantly for asset managers and insurers) the goodwill.

The introduction of the new financial transaction tax (FTT) provisions in the EU at national levels in France and Italy posed new challenges for asset managers and their servicers.On 14 February 2013, the European Commission presented a revised draft Directive for an EU financial transaction tax (FTT) for 11 participating Member States (Austria, Belgium, Estonia, France, Germany, Greece, Italy, Portugal, Slovakia, Slovenia and Spain). Although the initial 11 Member States indicated their “enhanced cooperation,” the European Commission indicated that other Member States were free to sign up.

As currently proposed, the FTT would apply to secondary market transactions in equities, bonds, fund units, and repos and stock loans, as well as entry into derivatives transactions. Transfers of shares and bonds etc., would be taxed at a minimum rate of 10 basis points. Derivatives contracts would be taxed at a minimum rate of one basis point on the notional value of the derivative. Under the draft Directive, it is envisaged that Member States would transpose the relevant rules expressed under COM (2013)71 into their national law by the end of September 2013. Officially, the FTT directive carries a “go live” date potentially as early as 1 January 2014.

There are no exemptions, e.g., for intra-group transactions, intermediaries/market-makers or stock loan or repo transactions. A lack of an exemption for intermediaries/market-makers means that where a financial institution transacts with another financial institution on a “riskless principal” basis, both parties to the transaction could be liable to tax. This will give rise to a “cascade effect” of multiple charges being applied across a chain of brokers. There is also the issue of whether fund units (such as creation units within ETFs) will be caught, giving rise to the serious prospect of double taxation.

The FTT differs from “typical” transaction taxes in a number of fundamental ways:

► In-scope instruments: The range of “in scope” instruments is technically very broad — in particular, the inclusion of bonds and (all types of) derivatives. Some Member States within the cooperation agreement countries may still press for exemptions.

► Geographic nexus: The tax applies to (a) transactions entered into by financial institutions established in the EU-11, (b) transactions entered into by financial institutions with a counterparty established in the EU-11 and (c) transactions entered into by financial institutions over financial instruments treated as issued by an EU-11 issuer.

► Both parties potentially taxed: The tax applies to each party to a transaction (so long as they are financial institutions) and will operate on the gross value of transactions.

Results from the survey are illustrated in Figure 12. Some points can be noted:

► There were inconsistencies in how organizations appear to approach tax (e.g., tax strategy defined but lack of KPIs and consistent approaches to tax transparency).

► Only 22% of the respondents expected industry utilities, such as FMIs, to play a part in tax collection and reporting — which raised the question about alternative routes.

Survey findings

“We follow the ISAE 3472 process to challenge our agent bank. The

latter have described their BCP and DR practices, and described their

living will arrangements but not circulated these for us to study.”

“We look at reputation risk as a superset risk — e.g., arising from a poor media comment,

ICAAP scenarios, or a material reputational event; RepRisk is

‘owned’ by the Exec Committee, the CEO, CRO and Head of Marketing. Events are managed as-is when it

comes to breaking news.”

“We have a single owner for RepRisk — an Investment Management

Global COO.”


Figure 12: What is the state of readiness of asset managers looking to manage tax risk and preparing to manage the FTT?

Rel

ativ

e in

dica

tor

Tax

risk

a cu

rren

t iss

ue

Tax

risk

a ke

y ho

rizon

risk

Hig

h im

pact

from

FA

TCA

Tax

stra

tegy

is d

efine

dw

ith v

isib

ility

at t

he b

oard

and

exec

utiv

e le

vels

Firm

exp

ects

a s

igni

fican

tim

pact

from

the

FTT

FTT

impl

emen

ted

with

EC d

eadl

ine

ofJa

nuar

y 20

14In

dust

ry u

tiliti

es s

uch

asFM

Is p

layi

ng in

tax

colle

ctio

n an

d re

port

ing

38%

64%

15%

48%

12%

53%

Firm

exp

ects

FTT

con

sist

ently

impl

emen

ted

in E

U-1

1M

embe

r Sta

tes?

Hig

h st

ate

of E

uroz

one

rede

nom

inat

ion

read

ines

s

Som

e M

embe

r Sta

tes

may

char

ge >

min

imum

FTT

rate

s

Tax

risk

in fi

rm's

risk

appe

tite

45%

17%22%

45%Gr

oup

tax

have

KPI

sth

at a

lign

to th

e ov

eral

lbu

sine

ss s

trat

egy

52%

2%

Does the risk function have the appropriate quality and quantity of resourcing to offer challenge to the business?This year’s survey focused more deeply on the quality and quantity of risk resources across firms and how FTEs were being counted. This was partly in response to a desire among firms to benchmark their capabilities against peers and partly in response to regulators asking more penetrating questions about the bench strength and appropriateness of resources to challenge the business. While 37% of respondents indicated an expansion in risk resources, a majority of the firms (54%) remained flat in terms of risk headcount (see Figure 13). The rate of growth of FTEs was not consistent across all firms — while the number of FTEs didn’t vary by overall style, AuM or size of existing team, there was a degree of proportionality between the size of the core OpR resource team and scope of investment risk resourcing.

Figure 13:

1) FTEs dedicated to administering operational vs. cost/income ratio (graduated according to firm size)

“RepR is treated as its own risk type here and we classify it by three types — capital, liquidity and franchise.”

“We are extremely brand-conscious, given our heritage. The reputational impact could be a financial impact e.g., arising from a fine, but we’ve discovered that the internal cost to investigate and remediate can be three times the fine itself.”

“Reputation risk is a focus given recent corporate activity, redemptions and a suspicion of insider trading in the industry. We focus on RepRisk arising from events or scandals. The big focal points are data security at our outsourcing providers, insider dealing and redemptions in general.”

0

5

10

15

20

60Cost/income ratio

Size

of O

pRis

k te

am

80 100


The need to satisfy the diversity of business lines (e.g., multi-strategy, alternatives or REIM) and country coverages (particularly in Asia–Pacific) was a commanding consideration for deciding team size and capabilities. Respondents universally maintained that it was quality, not quantity, which counted, irrespective of the style of the firm, its size by AuM or its geographic diversification.

Trying to draw detailed inferences of how different traditional and alternative asset managers of different styles and sizes spend their time has to take into account the subjective preferences of each CRO or head of risk. Scores ranging from high, medium/high, medium, low/medium and low were normalized and then converted into the values shown on Figure 14.

The changes to priorities in time allocations this year were recorded as follows:

► The amount of time spent managing client mandate risk continued to rise — from 9.1% in 2013 (vs. 8.6% in 2012). Clients, such as US plan sponsors or sovereign wealth funds (SWFs), warranted more time and resources because several demanded bespoke mandates, which required custom fiduciary, conduct and reporting procedures.

► The time dedicated to training — 6.3% in 2013 (vs. 4.8 % of time allocation in 2012) showed a significant improvement reflecting a general desire to up-skill resourcing and a drive toward including more facets under the umbrella of “risk management.” Examples of training included external and internal face-to-face classroom training, online desk-based training, training in a simulated environment as well as external operational risk qualifications administered by the PRMIA.

► The time allocation for managing legal risk (e.g., arising from seeking interpretative guidance on definitions, derogations, thresholds or materiality tests) continued to grow — 8.0% in 2013 (vs. 6.8% in 2012 or vs. 7.1% in 2010). According to future projections, this percentage is not expected to reduce any time soon and would demand a closer coupling between the legal, compliance and risk functions moving forward.

There was no “right answer” to the exam question of “what is the optimum size of the risk control function” in a typical firm, but firms are advised that they should benchmark themselves internally at the very least and be ready to evidence their total control footprint spanning the 1/2/3LD when called upon to do so by regulators or clients alike.

Survey findings

“We treat RepR as one hit from multiple triggers. We have a

World Monitoring Group which comprises 40 people, including

risk officers, economists, market experts, business leaders and

Corp. Comms. The Group devises exit scenarios and we were

ready for the Cyprus crisis as our Playbook was up-to-date and

ready to deploy.”

“FATCA is no longer a priority. Having lived through the

experience of spending resources prematurely for Solvency II, we

will be cautious about getting behind FTT too early in the

cycle. We hope that there will be convergence when it comes to a

directive, perhaps using France as the benchmark. There is no way that the proposed deadline can

be met.”

“It may prove difficult to bring the various national practices

together so FTT as a regulation might not happen in practice — at least not as a regulation applied

across the EU.”

0Size of InvRisk team

Size

of O

pRis

k te

am

5

10

15

20

10 20 40 100

2) FTEs dedicated to administering operational vs. investment risk


Figure 14: What are the relative priorities for risk management in terms of

1) time spent?

Policies and proceduresRisk monitoringTraining and inductionInternal remediation/mitigationInternal auditRisk reportingRegulatory affairs, e.g., new regs.Prudential issues (e.g., ICAAP)Regulatory contact (ARROW, ICAAP, s166, etc.)Management of risk modelingGen. risk mgmt./Client contact/Risk consultingMandate risk/governance

9.4%

10.5%

6.3%

5.4%

4.2%

9.8%10.9%

9.0%

8.2%

8.4%

8.6%

9.1%

2) themed area?

8.3%

10.7%

11.2%

9.1%

10.4%8%6%

3.9%

9.2%

6.5%

11.0%5.7%

Market risk issuesCounterparty/Credit risk issuesOperational risk issuesPrudential issues (e.g., ICAAP)Investment/Product risk issuesLegal risk issuesCountry risk issuesSettlement risk issuesLiquidity risk issuesFiduciary risk issuesRegulatory risk issuesFraud risk issues

“If FTT comes out, it will be a game-changer. For example, money market funds which are based on the preservation of capital and liquidity, could well become unviable. Much of the proposed regulation is unclear and likely to be applied extra-territorially.”

“FTT is a separate project, driven out of continental Europe by Operations, Compliance and Legal. We will be heavily impacted given that our parent is located within an EU-11 country, and we shall be exploring whether we need to ramp up subsidiary status outside the EU-11.”

“The complexity of the regulations is having an effect on the governance, resourcing and cost. We may need to recruit staff to cope with regulatory risk reporting as per how we interpret the rules.”


There was wide disparity in the “fitness of purpose” of systems and deficits when handling change requests.The IT flexibility of the firm proved once again to be a major dependency when delivering a sustainable risk infrastructure to meet the challenges of custom and changing client mandates. The resilience of business continuity planning (BCP) and cybersecurity were both cited as critical components in this year’s survey, although respondents were not specific whether this was in response to incidence of hacking, fraud or insufficiently robust cloud computing arrangements. The results this year were polarized between firms whose systems, controls and data were broadly “fit for purpose” vs. the remainder of firms that were clearly struggling to cope with multiple business and regulatory changes.

There was also increasing awareness among risk professionals that managing data was no longer an issue of merely managing static (reference) data or filtering stale data, as equal to the lifeblood of innovation and therefore the golden source of economic value for the business. More respondents alluded to a need to manage and safeguard “big data” — reflecting what Viktor Mayer-Schönberger, Professor of Internet Governance and Regulation at Oxford University, referred to as the “quantification and datafication”4 in the majority of global industries within his book “Big Data; A Revolution That Will Transform How We Live, Work and Think.”

There was no particular behavior pattern — for example, it was not always an advantage to have a large banking or insurance group as a parent and a high cost/income ratio, nor was it particularly guaranteed that a large AuM base would automatically translate into having access to the best systems money could buy. Small wasn’t always beautiful either. Hedge funds and some smaller traditional asset managers were challenged to keep abreast of the necessary scaling to their systems as they looked to serve more demanding institutional clients, whether meeting, reporting, social networking or cloud computing expectations.

“Top-quartile” asset managers (by way of automated risk prevention) were able to link their PMS, OMS and GL into a seamless system architecture, enabling them to perform “what if” scenarios according to model, product or portfolio criteria. They were able to slice and dice real and synthetic portfolios to assess risks, evaluate yield curves, analyze credit risks, analyze VaR and (decomposition of) track error or evaluate underlying NAVs.

Only 54% of the firms in 2013 could attest that their data, systems/controls and MI were fully robust and fit for purpose, down from the 60% figure recorded in 2012 and well down from the 68% recorded in the 2011 survey (see Figure 15). The percentage of firms experiencing issues with flexibility/IT change requests was 46% this year, similar to the results in last year’s survey.

Survey findings

“We are actively studying the C/I ratio of our group and comparing

it to one of our North American business units where the score is 22 points lower. We are using the

approach to benchmark where we are and to assess the bench strength of how our resourcing

should lie, for both the 1LD and 2LD.”

“It’s all about the quality of the risk resources, not just the size of

the teams.”

“Risk management is as much an art as a science; with larger

teams, the art disappears and it becomes more of a science.”

“Education around conduct risk and avoiding conflicts of interest

is a significant focus right now.”

“There are also other themes around risk culture (risk culture

is a big focus, with mandatory training to build awareness and ensuring that staff are remunerated accordingly).”

4 Datafication — the notion that organizations today are dependent upon their data to operate properly — and perhaps even to function at all — Information Week 25th Feb 2013


Figure 15:

Summary of system and data issues recorded in this year’s survey

1) Data-security-specific concern? 2) Taxonomy used? 3) Issues with IT flexibility?

Yes NoPartly Don’t know/Did not respondKey throughout:

51%

12%

23%

29%

37%

15%

15% 46%

24%

49%

The effectiveness of a risk management function depends on the ability of firms to gather, analyze and report accurate and timely information that is relevant to the risk teams, but equally relevant to the compliance, legal, internal audit, business, finance and other functions within the firm. Leading firms were also digitizing documentation for “on-demand” retrieval of records for audit and control purposes. It was little surprise therefore that this year’s survey found more firms maintaining a wider range of KRIs/KPIs than ever before — spanning traditional investments, alternatives, real estate/private equity and multi-strategy.

Respondents still differed as to the usefulness of data indicators. Supporters of KRIs expressed the view that they were generally helpful, a good discipline to help the risk function decide where to pay more attention to structural or significant changes and a good tool to summarize issues for management, the board, the NEDs, the clients and the regulators. Skeptics claimed that they merely reflected conditions in the past or present and represented a poor predictor of events in the future because there would always be data deficits when trying to model for every scenario combination.

The following types of KRIs were often identified as useful by respondents:

► Business/Management data — e.g., escalations, actions, sign-offs, permissions, approvals, changes to approvals, write-offs, volumes, numbers, costs, ROCE, trends, remuneration data, deferrals, de minimis exceptions, clawback data and LTIP data

► Investment/Mandate risk data — e.g., sector/market sensitivity/position limit breaches, tracking error (and decompositions of the same), mandate breaches and country risk downgrades, IMA breaches, changes to mandates, fund legal entity data, SAA/TAA, risk parity and specific client instructions

“Different parts of the firm focus on AIFMD so there is no unified ‘position’, given that AIFMD covers diverse areas, such as remuneration, delegation, valuation, risk management, liability, reporting, marketing and asset stripping.”

“[The CRO] is spending two to three hours every week in terms of face time with the regulator, and that doesn’t include the preparation and research time.”

“The complexity of the regulations is having an effect on the business, on governance and on resourcing and cost. This will have a huge impact on systems — we are becoming data hungry and concerned at our capacity to meet the regulations and manage change. We need to be in control of our data, e.g., position data; this translates in terms of fewer mistakes (greater efficiencies) and less untoward regulatory attention; we are paying attention to cleaning our start of daily records.”


► Market/Credit/Operational risk data — e.g., trading limit breaches, counterparty limit breaches, institutional and nominee data, fund structure (parent/child) data, errors and omissions (such as descriptions, discovery dates/frequency of occurrences/resolution dates/recoveries/responsibles), near-misses (against the firm/in the client’s favor), trading losses, material incidents, exceptions, stock lending/collateral breaches, reconciliations, corporate actions, tax reclaims, proxy voting

► Regulatory risk data — e.g., authorizations, controls failures, remediations, OBIs and PEPs, investigations, market abuse criteria, benchmark exposures, concentration risks, basis and wrong-way risk data, reverse stress testing data, other performance data (including information related to ALM, TCF, SRRI and others)

► Customer indicia data (for US persons and potentially for EU-11 establishment qualification as well?) — e.g., natural persons, correspondence/in-care/hold mail address details, POA details, beneficial ownership, established entities, home state regulator, standing instructions, liabilities, estate or trust information and unincorporated association information

► Other customer service data — e.g., taxpayer identification number (TIN), taxpayer account data including balances, referrals, customer complaints, customer compensations, contact frequency, waiting calls, missed calls and other TCF outcomes data

Coping with regulatory intrusion and cross-jurisdictional complexities will be the primary challenge for asset managers and asset servicers over the coming years.This year’s survey reflected no let-up in the pace, volume and intensity of changes to global, regional and local/thematic regulations impacting asset managers and asset servicers. Constant political interventions have created measures that sometimes appear to work at cross-purposes (e.g., EMIR/AIFMD vs. shadow banking/CRD on collateral/re-hypothecation).

It is little wonder then that we found that risk professionals in asset management are anticipating signs of “reg-fatigue” over the next few years, stretched as never before by the number of new measures and the constant changes to the same. Many seem challenged to help their business and operations colleagues anticipate horizon risks, understand the impacts of the same, and manage the complexity transfers from the many and varied measures, while trying to support their risk colleagues in anticipating extreme events, optimizing capital and liquidity, and minimizing the potential for reputational risk.

Survey findings

“There is a huge amount of time being spent to achieve

compliance with regulations, e.g., building quarterly regulatory

reporting which does not result in any extra performance.”

“50% of our funds are caught by virtue of being non-EU AIFs and/or

non-EU AIFMs, and there are big issues surrounding how to mark

(tag) funds, e.g., US-issued ETFs are caught as an asset class under AIFMD and we are hit by reporting

requirements which are quite onerous by virtue of the data sets

that need to be reported.”

“Locating collateral is a significant challenge; there are some

consistent data quality issues.”

“There are also big problems keeping up with onboarding when

clients can change their status at anytime.”

“The primary driver for the future will be the need to design

products for the long-term investor and to help build trust in where the environment is going.”

“Two key aspects keep me awake at night — the growth and breadth

of regulatory changes, and the depth of regulatory changes.”


“There is differentiation between regulated and segregated funds. Regulated is monitored daily, particularly for UCITS funds; segregated is monitored weekly or monthly at least, depending on portfolio manager preference; PE and property are monitored monthly but reported quarterly. A detailed spreadsheet is used for equity, fixed income, multi-asset and multi-manager on a pan-geographic basis, but it isn’t appropriate for derivatives nor is it used for longer-term investments, such as PE or Property, which are not super-liquid.”

“There are daily checks for setting leverage and various ways of doing so, such as various sensitivity analyses. All positions are drawn from the back office system, and a data model is used to normalize/standardize the exposures.”

“Our approach is increasingly more committee based, with more judgment-based decisioning and paper documentation in evidence — documentation features limits, number of systems, etc. We will create an audit trail by paper to satisfy this regulation.”

Figure 16 shows how the responses to the survey mirrored the regulatory concerns ahead with regard to two types of regulatory concern:

► Challenges arising from cross-jurisdictional complexities (82%) or complications arising from compliance/legal risks (68%)

► Challenges arising from increasing regulatory scrutiny (80%) or overlapping regulatory measures (76%)

Figure 16: “Top 20” future of risk management over the next three years

Factors such as Dodd-Frank and/or the G20more influential

Risk management more embedded in business

Risk management function more strategic/predictive

Risk function will become more advisory

Greater challenges with third-party agreements

Compliance and legal risks will be a growing problem

Focus on investment risk key

Risk function more commercially focussed

Regulatory scrutiny will become even more intense

New complexities from overlapping directives

There will be cross-jurisdictional (ET) complexities

Managing expectations around conductrisk a challenge

Business will take more oversight/accountability

More functional convergence e.g., compliance/finance

Client mandates will become more complexand challenging

FATCA more influential

Factors such as FTT more influential

Greater focus on extreme event, e.g., redenomination

Personalized/Differentiated service focus

Increasing involvement in reviewing/setting remuneration

Financial crime will become a significant area of focus

1 2 3 4 5Key: Survey 2013

123

45

82%

80%

76%

68%

64%

64%

57%

53%

48%

46%

37%

35%

33%

33%

28%

27%

27%

12%

6%

63%

43%


Figure 17 shows a summary of the findings from the 2013 survey in comparison with the 2012 survey to illustrate some of the trends underway. Several of the benchmarks highlighted in the red fields came from respondents indicating that regulators were likely to extend their direction of travel to cover new domains (such as conduct risk, collateral management/repo, FTT or extraterritorial applications to US/EU-11 persons). The mood music for the next few years would seem to be intensive regulation, intrusive regulation and cross-regulation as the “new normal” in the industry.

The broad consensus from this year’s survey was that a combination of greater regulatory activism and responding to client queries represented the greater portion of their non-discretionary spend. The top quartile firms who had already differentiated through extensive investments in systems over the 2010–2012 period were better able to evidence “fit for purpose” investment, credit and operational risk management. In effect, these firms were better positioned to function and therefore deliver according to their governance, risk appetite and USE test aspirations, and thus better positioned to innovate and function in a multi-regulatory environment than firms that were late to the party in this respect.

Figure 17: Comparison of the results of the Risk Management for Asset Management Survey 2013 vs. 2012

Indicator 2013 result 2012 result Delta/comments

Median involvement of CRO in product cycle <15% In (27% of firms)

<15% In (24% of firms)

Increase in the percentage of firms bringing the 2LD functions toward the start of the product cycle, but the number of DKs was relatively high with some continental firms

% range in ICG uplifts recorded as the “new normal”

135%–175% 130%–170% Some firms were able to lower their ICG scores vs. 2012 results while other showed sharp rises with more complex treatments

% IMs who claim they can break down risk exposures per Cp and per product/fund intra-day vs. total for same ex-post

25% and 40%, resp.

24% and 31%, resp.

Significant investments behind counterparty risk management recorded over the 2012–2013 period, particularly non-bank/insurance-owned asset managers behind ex-post

Firm conducted a study to look at acceptable collateral

39% 31% Reported shortages in the fluidity of (or access to) quality fungible collateral are prompting more firms to focus in this area

Firm has run a “beauty parade” to ask brokers how they might effect collateral transformation

34% 35% Comparable percentages of asset managers concerned at the robustness of counterparties in effecting collateral transformation (e.g., repo) in times of market stress

Rudimentary methodology used for tracking and measuring reputational risk impacts/outcomes

16% 11% Growing awareness of the reputational impacts and outcomes from trigger events, and usage of rudimentary trackers as per share price and social media, particularly among “brand-builders”

Firm expects to experience a significant impact from the introduction of the FTT

53% 50% Rise in the number of firms expecting to comply with the new FTT measures being introduced differentially by Member States

Trend in risk resourcing Upward (37% of firms)

Upward (26% of firms)

Growth is noticeable, not just in numbers but in terms of a drive for quality and beyond “OpR” mindset into business risk mindset

Average time spent on regulatory contact 8.2% 8.2% Rise in the amount of face time that firms are spending with their regulator in the UK; in some cases, the CRO spends two to three hours per week

Average time managing legal risk issues 8.0% 6.8% Sharp escalation in the amount of time managing legal risk, arising from extraterritorial measures e.g., Dodd Frank and FTT

Average time managing mandate risk issues 9.1% 8.6% Mandate risk an even more important issue in 2013; hot spots include PFs, institutional SWFs and ERISA funds

Average time dedicated to training or induction

6.3% 4.8% Significant improvement reflecting a drive to raise the level of risk resourcing and the standing of the function (6.7% in 2009)

% IMs with data, systems and MI fully robust/fit for purpose

54% 60% Greater systems challenges are not being met through comparable investments in upgrades to systems and data quickly enough

% IMs focusing on data security and cyber-security from a risk function perspective

49% 19% Greatly improved awareness of data security, cybersecurity and confidentiality; no longer relegated to being merely an “IT issue”

Summary of findings — 2013 survey vs. 2012 survey


Definitions of specific risk typesRisk type Definition

Business risk Any risk to a firm arising from changes an asset manager’s business, including the risk that the firm may not be able to carry out its business plan and its desired investment strategy. In a broader sense, it is exposure to a wide range of macroeconomic, geopolitical, industry, regulatory and other external risks that might deflect an asset manager from its desired strategy and business plan.

Market risk The risk of loss arising from fluctuations in values of, or income from, assets or arising from fluctuations in foreign exchange or interest rates.

(Counterparty) credit risk

Credit risk refers to the likelihood that a counterparty will fail to meet a contractual obligation that results in a loss in value to the other party. A factor that may contribute to increased credit risk is concentration of assets held with a single counterparty.

Operational risk The risk of loss resulting from inadequate or failed internal processes, people, systems or from external events.

Investment risk Investment risk is commonly defined as a positive or negative deviation from an expected outcome. Asset managers typically regard investment risk as a measure of the expected return given the level of risk tolerance relative to agreed market or internally set benchmarks. Some of these are typically specified within the asset managers risk appetite, often expressed at a corporate as well as at a client level.

Legal risk The risk of a client, clients or counterparties taking legal action against the firm resulting in protracted litigation, financial loss and reputational damage.

Country risk The risk of investing in a country, dependent on changes in the business environment that may adversely affect operating profits or the value of assets in a specific country. For example, financial factors such as currency controls, devaluation or regulatory changes, or stability factors, such as mass riots, civil war and other potential events contribute to companies' country risks.

Liquidity risk The risk that the firm, although solvent, either does not have sufficient available resources to enable it to meet its obligations as they fall due, or can secure them only at excessive cost.

Regulatory risk The risk of failure by the company to meet its regulatory requirements or manage changes in regulatory requirements with respect to new legislation, resulting in investigations, fines or regulatory sanction.

Conduct risk The risk that an entity mistreats its customers or clients, causing them damage. Historically used within the context of retail customers but more recently also applicable to non-retail customers as well.

Fraud risk Any risk of loss arising from a staff member, members or third parties acting in an inappropriate or dishonest manner resulting in a financial loss to the firm (e.g., funds stolen) and consequential damages to its reputation.

Reputational risk The risk of damage to the firm’s reputation that could lead to negative publicity, costly litigation, a decline in the customer base or the exit of key employees and therefore directly or indirectly to a loss of revenue.

Strategic risk The potential negative impact on earnings due to misjudged strategic decisions or lack of responsiveness to industry changes.

Concentration risk The probability of loss arising from a concentration in asset classes or the credit risk characteristics of financial counterparties that correlate positively.

Correlation risk The probability of loss from a disparity between the estimated and actual correlation between two assets, currencies, derivatives, instruments or markets.

Wrong-way risk Wrong-way risk occurs when exposure to a counterparty is adversely correlated with the credit quality of that counterparty.

Basis risk The risk that offsetting investments in a hedging strategy will not experience price changes in entirely opposite directions from each other. This imperfect correlation between the two investments creates the potential for excess gains or losses in a hedging strategy, thus adding risk to the position.

Tax risk The tax impact of business risks arising from an organization’s ongoing global activity. The uncertainty or risk to the firm by failing to file accounting statements according to the appropriate tax standards or to abide by the appropriate tax treaties for the country.

Accounting risk The uncertainty or risk to the firm by failing to file accounting statements according to the appropriate accounting standards (e.g., US GAAP/IFRS) or with due care and attention with regard to the appropriate audition process.

Pre-settlement risk The risk that an outstanding transaction for completion at a future date will not settle because one of the counterparties fails to perform on the contract or agreement during the life cycle of the transaction before settlement.

Settlement risk The risk arising from timing differences between the receipt and payment of funds or deliverable assets.

Custody risk The risk of loss of securities held in custody due to the insolvency, negligence of fraudulent action.

Enterprise risk The risk that an entity fails to meet its strategic, operational, reporting or compliance objectives and manage risk to be within its risk appetite.

Technology risk The uncertainties associated with the implementation of new technologies including systems, software or networks.


1/2/3 LoD . . . . . First, second and third lines of defenseABAC . . . . . . . . . Anti-bribery and anti-corruptionABI . . . . . . . . . . . Association of British InsurersAIF(M)D. . . . . . . Alternative Investment Fund (Managers) DirectiveALM . . . . . . . . . . Asset liability management/modelingAMA . . . . . . . . . . Advanced management approach (risk methodology

for operational risk)AMF . . . . . . . . . . Autorité des Marchés FinanciersAML . . . . . . . . . . Anti-money launderingARROW . . . . . . . FSA’s Advanced Risk-Responsive Operating frameWorkAuM . . . . . . . . . . Assets under managementBCP . . . . . . . . . . Business continuity planningCAPM . . . . . . . . . Capital asset pricing modelCASS . . . . . . . . . Client asset rules (issued by the FSA) CBFA. . . . . . . . . . Commission Bancaire, Financiere et des Assurances

(Belgium Regulator)CC/I/RO . . . . . . . Chief compliance/investment/risk officerCCP. . . . . . . . . . . Central counterpartyCDO . . . . . . . . . . Chief data officerCEFs . . . . . . . . . . Credit exposure factorsCEM . . . . . . . . . . Current exposure method (for Basel II)CMVM. . . . . . . . . Comissão do Mercado de Valores Mobiliários

(Portugese Regulator)CNMV . . . . . . . . . Comisión Nacional del Marcado de Valores

(Spanish Regulator)CoB. . . . . . . . . . . Conduct of businessCOBAM. . . . . . . . Client onboarding and management (

aka “Know Your Client”)COSO . . . . . . . . . Committee for Sponsoring Organisations of the

Treadway Committee (framework standards for ERM)CRAs . . . . . . . . . Credit rating agenciesCRD III/IV . . . . . . Capital Requirements Directive III/IVCrR . . . . . . . . . . . Credit RiskCSD . . . . . . . . . . Central aecurities depositoryCVA . . . . . . . . . . Credit value adjustment (for Basel III)DPO . . . . . . . . . . Data protection officerDR. . . . . . . . . . . . Disaster recoveryE&O . . . . . . . . . . Error and omissionEAD . . . . . . . . . . Exposure at default (for credit risk)EC. . . . . . . . . . . . European CommissionEDF. . . . . . . . . . . Expected default frequency (for credit risk)EI . . . . . . . . . . . . Exposure indicator (for operational risk)EL . . . . . . . . . . . . Expected loss (for all types of risk)EMIR. . . . . . . . . . European market infrastructure regulation

(for OTC derivatives)EPE. . . . . . . . . . . Expected positive exposure (for credit risk)E(PM) . . . . . . . . Enhanced (portfolio management)ERC. . . . . . . . . . . Economic risk capitalESMA . . . . . . . . . European Securities Markets Authority

(formerly CESR)

ETF/P/C . . . . . . . Exchange-traded fund/product/commodityEVT. . . . . . . . . . . Extreme value theoryEXO . . . . . . . . . . Execution onlyFATCA. . . . . . . . . (US) Foreign Account Tax Compliance Act 2010FMI . . . . . . . . . . . Financial market infrastructureFOR . . . . . . . . . . Fixed overhead requirement (required to calculate

Pillar 1 risk capital)FSA/FCA . . . . . . Financial Services Authority/Financial Conduct AgencyFTT. . . . . . . . . . . Financial transaction taxFX. . . . . . . . . . . . Foreign ExchangeICAAP. . . . . . . . . Internal capital adequacy assessment process ICG . . . . . . . . . . . Individual capital guidance (FSA guidance about

minimum capital required)ICR . . . . . . . . . . . Individual capital ratioIE01 . . . . . . . . . . The change in present value of an asset or liability for a

1 basis point change in the implied inflation curve used to value the asset or liability

IGA . . . . . . . . . . . Intergovernmental agreementIIF . . . . . . . . . . . . Institute for Institutional Finance — www.iif.com im/vm. . . . . . . . . Initial margin/variation marginIMA. . . . . . . . . . . Investment management agreementIMA. . . . . . . . . . . Internal measurement approach (for Basel II)IRA . . . . . . . . . . . Internal risk assessment IRB . . . . . . . . . . . Internal ratings based (risk methodology for credit risk)KIID. . . . . . . . . . . Key investor information document (for UCITS IV)KI/P/R/CI(s) . . . Key investment/performance/risk/

compliance indicator(s)LDA . . . . . . . . . . Loss distribution approach (for Basel II)LDI . . . . . . . . . . . Liability-driven investmentLEI . . . . . . . . . . . Legal entity identifierLGD . . . . . . . . . . Loss-given default (for credit risk)LGE. . . . . . . . . . . Loss-given event (for operational risk)LIED . . . . . . . . . . Loss in the event of default (for credit risk)LL . . . . . . . . . . . . Limited liabilities firmsLTIPs . . . . . . . . . Long term investment plansM&A . . . . . . . . . . Mergers and acquisitionMAR/MAD II . . . . Market Abuse Regulation/Second Market

Abuse Directive MI . . . . . . . . . . . . Management informationMiFIR/MiFID II . . Markets in Financial Instruments Regulation/Second

Markets in Financial Instruments Directive NAV . . . . . . . . . . Net asset valueNED . . . . . . . . . . Non-executive directorOBI . . . . . . . . . . . Outside business interestsO/E MS . . . . . . . . Order/execution management systemOpR . . . . . . . . . . Operational RiskOR/M . . . . . . . . . Operational risk/managementOTC. . . . . . . . . . . Over the counterOTF. . . . . . . . . . . Organized trading facility (new proposed MiFIR/MiFID II

venue category)

Glossary of acronyms


PCE. . . . . . . . . . . Potential credit exposure (for credit risk)PD. . . . . . . . . . . . Probability of default (for credit risk)PMO . . . . . . . . . . Project management officePOA . . . . . . . . . . Power of attorneyPV01 . . . . . . . . . The change in present value of an asset or liability for a

1 basis point change in the nominal yield curve used to value the asset or liability

RC(S)A . . . . . . . Risk and controls (self) assessmentRDR/PRIPs. . . . . Retail distribution review/packaged retail

investment products REIM. . . . . . . . . . Real estate investment managementRMP . . . . . . . . . . Risk mitigation point/program (FSA ARROW

methodology)ROI/ROCE . . . . . Return on investment/capital employed RRPs. . . . . . . . . . Recovery and resolution plans (Living Wills)RWA . . . . . . . . . . Risk weighted assetsRW(F) . . . . . . . . Risk weight (function)SBA . . . . . . . . . . Scenario based approach (for Basel II)SBL. . . . . . . . . . . Stock Borrowing & LendingSBR . . . . . . . . . . Shadow banking regulationSCV . . . . . . . . . . Single customer viewSDRT . . . . . . . . . Stamp duty reserve raxSIFI . . . . . . . . . . . Significant influence financial institutionSLA. . . . . . . . . . . Service level agreementSLRP . . . . . . . . . Supervisory liquidity review processSM . . . . . . . . . . . Standardized model (for Basel II)SREP . . . . . . . . . Supervisory review and evaluation processSRI . . . . . . . . . . . Socially Responsible IndustrySRRI . . . . . . . . . . Synthetic risk/reward indicator (for UCITS IV KID)STP. . . . . . . . . . . Straight through processingTs & Cs . . . . . . . . Terms and conditionsTCA. . . . . . . . . . . Transaction cost analysisTCF. . . . . . . . . . . Treating customers fairlyTER. . . . . . . . . . . Total expense ratioTPA. . . . . . . . . . . Third party agentTSA. . . . . . . . . . . The standardized approach (from Basel II)UCITS IV-VI . . . . Undertakings for Collective Instruments in

Transferable Securities VaR. . . . . . . . . . . Value at risk


Contacts

For further information, please contact:

We would like to thank all of the following who supported the survey:

Ratan Engineer, Oliver Heist, David Koestner, Zeynep Meric-Smith, Uner Nabi, Nigel Nelkon, Valerie Nott, Derek Pennor, Amarjit Singh, Paul Stratford, Stuart Thomson, Will de Vere Gould, Julian Young, Annemieke Mollema, Lizette Bruidegom, Robert Bopp, Michael Eisenhuth, Steffan Malsch, Cindy Jimenez, Olivier Drion, Lisa Kealy, Laurent Denayer, Francois Thiltges, Maurizio Grigolo, Antonio Riccio, Christian Dietz and Elizabeth Wynds.

Frank de JonghePartner, EMEIA Asset Management

+32 2774 9956 [email protected]

Craig PondSenior Manager

+44 20 7951 1440 [email protected]

Dr. Anthony KirbyHead of UK Asset Management Regulatory Reform


Gillian LoftsUK Asset Management Leader


Roy StockellEMEIA and Asia-Pacific Asset Management Leader


EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization and may refer to one or more of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

© 2013 EYGM Limited. All Rights Reserved.

EYG no. EH0110

1369540.indd (UK) 09/13. Creative Services Group.

ED None

In line with EY’s commitment to minimize its impact on the environment, this document has been printed on paper with a high recycled content.

This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice.

ey.com

Documents

EY Risk Management for Asset Management Survey 2013