Risk Management and its importance for regulated fund management structures
Although traditionally it might have attracted less attention, the role of risk management in the economy has always been important. However, the recent financial crisis (2007-2013) has brought to the forefront and established the significance of risk management for the entire economy. Most of us recall the implementation, as a result of the crisis, of strict austerity measures by governments, systemic and other banking and financial organizations, as well as other corporations in order to avoid bankruptcy. It was a lesson not to be forgotten and today governments, regulators and many corporations acting unilaterally have placed more weight on proactively managing risks. In addition, regulators constantly enhance risk management framework practices by providing guidelines to the regulated entities in order to ensure a level of best-practice compliance.
The Cyprus Securities and Exchange Commission (CySEC), in full alignment with the European Securities and Markets Association (ESMA) and the international requirements, aims to safeguard the interest of investors by placing emphasis on effective risk management practices. CySEC is committed to the implementation of effective supervision practices, while regulated funds and Alternative Investment Fund Managers (AIFMs) based in Cyprus are responsible to ensure compliance with relevant laws and regulations. One way in which CySEC notifies regulated entities of new legislation is through the issuance of Circulars at regular intervals. As a case in point, CySEC issued Circular 403 on the 10th of September 2020 referring to the ESMA guidelines on Liquidity Stress Testing. According to the Circular, AIFMs must ensure that stress tests and scenario analyses have been put in place in order to assess key risks, under different market conditions since the 30th of September 2020.
One important distinction that must be in place and which arises from the AIFM law is the necessity of risk management function to be distinct and hierarchically separated from the operating units, including specifically the function of portfolio management. In practice, the employees who are engaged in the risk management function must not only understand the fundamentals and the specificities of each fund that is managed by the AIFM, but they must also be completely distanced from the employees who carry out the portfolio management function.
The risk management function must have the appropriate systems and procedures in place in order to identify, assess, manage and monitor different types of risks that rise to the surface as a result of the different investment strategies pursued by the regulated entities. In addition, it must be ensured that key limits are monitored closely and that they are not breached. Such limits may be market, credit and liquidity risk limits that should not exceed a permissible percentage of the total assets under management. These limits can be monitored by utilizing different practices according to the type of each asset. In the adverse scenario that such limits are breached, an appropriate escalation process needs to be in place and followed. This escalation process should reach the Board of Directors in the case of non-compliance of the portfolio management function with alerts of the risk management function regarding the potential or the actual breach of limits. Such limits arise either directly from the regulation or may be imposed as internal limits which are communicated to investors prior to their investment. Furthermore, leverage must be monitored and assessed accordingly and always in compliance with the relevant regulations.
The Board of Directors must be regularly updated with regard to the current level of risk and for any breaches of risk limits as explained above. In addition, the annual risk management report must be prepared by the risk management function and must be submitted to the Board of Directors for approval.
In conclusion, risk management nowadays has gained vantage ground and, from a macro perspective, constitutes a significant tool for a state’s efficient use of resources, as well as for banking, financial and other corporations to be able to cope with business and financial challenges. It is widely accepted that risk management should be considered as the function that ensures the normal functioning of any regulated firm and it protects the investors’ interests. Accordingly, it is expected that regulators in the future will place more and more emphasis on risk management and, as a result, regulated entities will need to adapt relevant systems and employ personnel to ensure the effective operations of their risk management functions.
by Andreas I Iosif, PwC Investment Services (Cyprus) Ltd