Digital Assets Report


Like this article?

Sign up to our free newsletter

Risk management framework for fund managers: The Deutsche Bank advantage

Related Topics

In today’s increasingly complex and evolving regulatory environment, fund managers expect their providers to have a sophisticated risk management framework that meets global, regional and local standards.

“The reality is we are facing increasingly risk-conscious clients who are very aware that when it comes to governance and controls, small leaks can sink big ships,” says Raj Purmessur (pictured), Head of Fund Services Bangalore, part of the Investor Services business in Deutsche Bank’s Institutional Cash & Securities Services unit. “Our business processes, technology and staff are regularly assessed to ensure we meet today’s regulatory obligations – this goes a long way to increasing our client’s confidence,” added Purmessur.

In a data-driven environment, data protection is a critical component and a recurring theme for existing and prospective clients who often enquire about how the Bank manages access to client data. Deutsche Bank follows a rigorous but transparent approval process, with several checkpoints, in granting access to applications. Users’ access requests are logged online via Deutsche Bank’s Fund Services ticketing system and require online approval from both the functional user’s manager as well as Deutsche Bank’s Fund Services Business Information Security Officer. Gatekeeper, the bank wide global access management system automatically triggers recertification of all user accounts twice a year. At the same time, Gatekeeper routinely identifies leavers to deactivate their access to applications.

“Over the past couple of years, SunGard has partnered with Deutsche Bank Fund Services to implement multiple customised security enhancements. While rolling-out key initiatives such as two-factor authentication and daily administrative system access reviews, SunGard was able to witness Deutsche Bank’s commitment to robust security and risk governance,” comments Daniel Varner, Director of Cloud Services, SunGard.

With increased industry focus on sub-contractor governance, fund managers expect their administrator to perform thorough due diligence on third party technology providers. Deutsche Bank has adopted a standard bank-wide approach to vendor risk management (VRM) and has implemented a state-of-the-art system which captures the scope of services delivered across various jurisdictions while managing vendor and service risks.
Deutsche Bank Fund Services technology vendors comply with the Bank’s policies and are subject to VRM tool service risk assessments and vendor control assessments. “While we put our third party technology providers through an intense due diligence process, we also actively partner with them to improve their product. It is a symbiotic relationship with the client at the centre,” says Purmessur.

Following the Bank’s recent risk management and governance audit in 2015, SunGard’s Varner adds: “Deutsche Bank continues to fortify and evolve its security defences to better protect clients and investors. We are pleased to have forged this relationship with Deutsche Bank and as they continue to invest in data security, we hope to deliver new solutions to meet the dynamic security landscape of financial data”.

In tandem with the group wide stringent VRM process, Deutsche Bank launched its own strategic “three lines of defence” initiative to continually strengthen risk governance and controls. At the first line of defence, business owners are accountable for all risks – in particular material risks – and controls under their business processes. At the second line  , all control and support functions such as risk, compliance, legal, finance, tax are responsible for ongoing independent risk assessments. They design and enforce the policy. Finally, the third line rests with group audit providing independent and objective assurance on the effectiveness of risk management, internal controls and governance procedures. 

“Deutsche Bank has integrated cutting edge technology to establish a robust risk management and control eco-system at enterprise level. We are committed to ongoing enhancements of our risk management processes,” concludes Purmessur.

Like this article? Sign up to our free newsletter

Most Popular

Further Reading