Cost, complexity & security drive hedge fund outsourcing
Outsourcing has not only become an accepted practice among hedge fund managers, it has become a necessity as funds large and small seek out ways to control their costs, manage their internal resources more effectively, and overcome the ever growing challenge of regulatory compliance.
Perhaps more than ever before, hedge fund managers recognise that as cloud technology makes huge strides forward it makes more sense to focus on their core activities of investing and raising capital, appointing a trusted outsourced provider to manage the raft of non-core activities that investors do not want managers to be preoccupied with.
Indeed, while the thought of hosting IT offsite was once a worry for allocators, today’s investors find comfort in knowing hedge fund and alternative investment firms are focusing on their investment priorities and leaving the technology decisions to the experts.
Mark Coriaty is Chief Strategy Officer at Eze Castle Integration. In his view, a firm’s fee structure as well as the growing complexity of the back-office directly impact the extent to which managers choose to outsource and spend capital over time.
”Today the majority of our clients range anywhere from 20 to 200 users and most of these users sit in the front office; portfolio managers, analysts, traders, says Coriaty. Over time, the back office has had to grow due to the number of counterparties and regulatory obligations that managers have. The growth of counterparties and investor requirements coupled with increased compliance and regulations has introduced more complexity and risk into hedge fund options.”
A new annual survey put together by KPMG in partnership with AIMA and the Managed Funds Association has looked into the disruptive effect that technology is having on the broader financial services sector. The results included views of more than 100 hedge fund leaders representing approximately USD300 billion in assets under management.
Briefly, the results found that 94% of managers felt that technology will have an impact on competition over the next five years; 90% cited improved controls and compliance as a reason for investing in technology, and 78% believed that technology would deliver enhanced reporting.
As such, working with outsourced providers who have the ability to bring economies of scale to bear, introducing new applications or tools to the benefit of all their users by leveraging global resources, can lead to significant efficiency gains. And with the role of technology only likely to grow in the near term, managers who use infrastructure-as-a-service or a full managed service solution can circumvent the need to constantly spend IT budgets on licensing updates, installing new systems and so on.
“As a managed services provider, not only do we provide our own services through the Eze Private Cloud or technical support, we also do a lot of counterparty intelligence and/or management for our clients.
“Our history is deeply rooted in hedge fund technology, but the value of our services is now being recognized across all alternative assets. Today our teams spend time architecting many different technology formulas for clients. Infrastructure-as-a-service is typically used by smaller firms that require application hosting and want to leverage our private network to ensure that the connectivity is secure and resilient.
“Larger firms use our cloud platform, but layer on that virtual CTO services including tapping our technical architects for solution designs as well as our service delivery team for ongoing managed support. We also spend a significant amount of time assisting clients with cybersecurity consulting, policy development and vendor due diligence,” notes Coriaty.
Security concerns when outsourcing
One of the most asked questions, not just by fund managers but by prime brokers, is security of the cloud and it is something that Eze Castle Integration deals with on a daily basis. When looking at the overall architecture of the Eze Private Cloud, regardless of what function is being delivered on the cloud, the entire design was based on being able to respond to, and meet, the requirements of the regulatory environment.
“We looked at everything we would fundamentally need to do to address all the different questions coming from the SEC, the FCA, Asian regulators, etc., to ensure that we could architect something that would fulfill our clients’ needs.
“That being said, since building the original architecture, we have spent a tremendous amount of time and dollars updating the cloud as new regulatory requirements have come into play. As a wrapper, not only do we have a private network called ECINet, we also have a multitude of different components that go into the cloud specifically to address cybersecurity, as well as process management. The technical aspect of our cloud is one part of security. The second part is teaching and educating clients to ensure that they understand how to protect themselves,” explains Coriaty.
The perceived issues of cloud security have existed for some time and acted as a deterrent to more conservatively minded managers but, as technology improves, those fears have started to subside. One could argue that the level of security that private cloud providers bring to the table is far more substantial than any single investment firm could possibly hope to match; this again explains why institutional investors are happy with the outsourced/managed service model.
Going back to the cybersecurity issue, managers can outsource key functions to Eze Castle Integration. For example, it has a dedicated group that produces Written Information Security Plans for clients, as well as security processes and procedures.
“We also have a dedicated team that focuses exclusively on cyber and regulations, keeping up to date with any regulatory developments. Regulations change all the time and that is what makes it a challenge for fund managers. We publish viewpoints to the market, we produce thought leadership pieces for our clients and prospects, and we continue to add new components to the cloud to ensure we are keeping up to speed with the latest regulatory technologies,” says Coriaty.
Eze Active Threat Prevention
Indeed, last year the firm launched a new application called Eze Active Threat Prevention (‘ATP’), which is an extension of the cloud and sits at the client’s site.
“We were using various technologies internally on the cloud for intrusion detection and prevention purposes and we have extended that to our clients’ sites, in addition to offering next generation firewalls. From a cost standpoint, it is a high value, cost efficient solution. It is effectively mirroring what we do on the cloud, giving clients full protection when using the Eze Private Cloud,” says Coriaty.
Outsourcing and the use of managed services within the alternative investment sector will continue to adapt as regulations and technology evolve over time. One trend that Coriaty thinks could be interesting to see develop over the next 12 to 18 months is the evolution of the Chief Information Security Officer (‘CISO’) and where that role fits into fund management groups.
“Back in 2007, we saw a lot of CFOs become CCOs due to regulation and that made a lot sense as the CFO was quite capable of playing that dual role. That will not be possible with the CISO. Asset managers will need a dedicated person or a dedicated way to outsource that role in a way that fully understands their business,” concludes Coriaty.