SixLines™
We use a proprietary SixLines™ of defense risk assessment model which is a paradigm shift in the way risk is managed.
Asset managers face a unique mix of risk challenges, including third-party risk, regulatory creep, risk identification and investment compliance and political exposure, among a number of other risks. We bring years of experience in establishing best-in-its class solutions to address these risks using the six lines of defense governance framework.
First promulgated in the Institute of Internal Auditor’s 2013 position paper The Three Lines of Defense in Effective Risk Management and Control as a three lines of defense model, we have expanded the three lines of defense Risk Management theses into a best-in-class six lines of defense model delineating an organization’s risk governance infrastructure into six divisions.
Most organizations today still operate under a three lines of defense model, and some do not implement any defensive Risk Management positions. Neither is acceptable under the threats posed under the new global threat conditions.
Counterparty
Counterparty risk is the probability that the other party in an investment, credit, or trading transaction may not fulfill its part of the deal and may default on the contractual obligations.
Which processes do you follow to assess a counterparty and what risk measurement tools do you use?
Beyond basic financial statement analysis, we use a heavy dose of unbiased risk analytics that are built into our process. We put stakes into the ground regarding the discretion we give to our asset managers over their decisions based on financial statements and unbiased analytics. We triangulate information using a proven and sophisticated process, balancing between the financial review, our the results of our proprietary platform, and other analytics.
Additional Threat Assessments
Undesirable Counterparty Risk
We take an approach that every counterparty and every co-LP is a threat, and conduct a deep analyses on every major client, partner and investor of our clients counterparties. Is that alternative fund that you have invested in funded by a rogue nation government funds or is connected to criminal activity? How deep does your analyses of the rabbit hole go?
Operational Risk
Do your operational managers, own their risks? The first line is about ownership that conforms to the enterprise risk management (ERM) framework. ownership means identifying, assessing, measuring, monitoring, reporting, controlling and mitigating risk. Deep subject matter experience uniquely suits operational managers to adapt larger risk management strategies to their particular areas of responsibility
Risk Control Frameworks
Have you appointed risk management committees and is their training and expertise up to date? Have you appointed an oversight committee to manage and oversee your risk committees? Are you able to deliver on on organization-wide risk mitigation? Do you support management policies by monitoring risk factors, developing risk mitigation processes and frameworks, and identifying opportunities for integration or intervention?
Compliance Oversight Functions & Organizational Intelligence
Have you established compliance oversight the risk framework, methodology, policies, and standards? We articulates risk statements, risk appetites, and risk tolerance levels, and captures known and emerging issues. intervene directly when necessary and train the organization to dig deeper. We work with the organization to addresses the overall risk of the organization, and drive progress toward larger ERM goals while also adding a significant component of organizational intelligence across the entire organization and the projects, companies and assets that it has exposure to. Organizational Intelligence provided by our platform is able to asses the quality of returns and performance delivered across the board by all employees and service providers to allow to identify the best in class, and to empower and to improve the performance of the entire organization.
Independent Assurance & Internal Audit
Independent assurance or internal audit are a must have line, that needs to be implemented and real time organizational ties have to be built to allow independent assurance experts to have access to organization wide information and deep organizational data in real time. We have developed a solution to deliver on the goal of establishing comprehensive assurance based on the highest level of independence and objectivity. We provide a solution that assesses the effectiveness of governance, risk management and internal controls by applying internationally recognized standards. We offer a platform that delivers the autonomy, the authority and the objectivity required for a thorough and independent assessment that reports directly to the internal audit governing committee
Political & Reputational Risk Assessment
Many LPs, endowments, pension funds, state owned or affiliated organizations, hospital networks, academic institutions and other and asset managers and organizations must adhere to a strict code of conduct as they can not afford to damage their reputation in the face of numerous stake holders from their members and employees, to the voters and the leadership that they represent. As such we asses both political and reputational risks when it comes to fees that the organization pays the risks that it takes on, and the parties that it deals with, as well as their exposure to ESG, their investments into publicly undesirable industries, geographies, counterparties or projects and we focus and deliver on these and numerous other assessments and preventative strategies.
The SixLines™ lines should be kept separate and should follow well-established and defined policies that specify and coordinate their respective roles and functions. At the same time that they strive to be separate, they should share information when necessary and preferably in real time with full access to organizational intelligence at the deepest level. If addressing an issue requires crossing or conflating lines, the collaboration should be made transparent.
Asset managers should focus on the following key risk areas
Regulatory compliance—While the compliance function must focus on high-level, integrated regulatory compliance, first-line managers often have early knowledge of regulations in their area. The first and second lines should coordinate to keep track of the effects of all regulations and the organization’s official responses to regulations. This coordination allows the organization as a whole to more effectively respond to evolving, creeping or conflicting regulations. In many cases, the best strategy is to align with the most stringent regulations. In cases where regulations conflict, the compliance function has the perspective to effect the best possible reconciliation.
Enterprise risk management—Because ERM is by definition enterprise-wide, this is a quintessential second-level function. However, because first-level managers are uniquely positioned to see emerging risks during their daily interactions, they play a key role in informing the compliance team. At the audit level, ERM requires an ongoing application of recognized standards to the organizations’ evolving risk profile.
Investment Guidelines—There is a strong case for heavy front line involvement in investment guidelines, because brokers know their clients and their investment options best. However, asset managers must control broker participation in order to avoid “fox in the henhouse” issues. Therefore, organizations should consult brokers in creating investment guidelines, but entrust second-line professionals to review them and oversee their coding and implementation. However, first-line professionals can also play a role in quality assurance. Their insights into specific use cases allows them to try to “break the code” by applying it to extreme use cases which participants with less immediate knowledge may not have foreseen.
Third-party risk—Third-party risk can manifest itself in several forms, including cyber security, data security, reputational risk, and anti-fraud efforts. Therefore, organizations should ensure that vendors are properly approved. While first-line managers often inform vendor requirements, second-line professionals typically own the vetting process, and install failsafe procedures to ensure vendors receive thorough vetting. Some asset managers withhold payment until a vendor is approved. Others block unvetted vendors at the contract stage. Additionally, second-line professionals should assure that approval extends not just to the vendor, but to the particular service the vendor provides. Because it can be easy–and convenient–to become lax around these procedures, this is an area in which upper management and governance needs to strongly reinforce company policy through frequent communication.
A risk-focused approach allows to both meet fiduciary obligations and deliver robust performance. Enterprises must focus on precise allocation of responsibilities and it necessitates careful consideration of the particular issues associated with each area involved.
Let’s Talk About US Delivering Overwhelming Value
institutionalclients@goocio.com
Join One of Our Partner Non Profit Boards
+88 546-584-5944
leadershipboards@goocio.com