SBAI Publishes New Memo On Cash Handling And Cybersecurity
The Standards Board for Alternative Investments has published its newest Toolbox memo, this time focusing on Cash Handling and Cyber Security. This memo, produced by the SBAI’s Governance Working Group, provides guidance on key controls that help protect managers’ payment processes. It also can be used as a tool for investors to evaluate these controls during due diligence.
Alex Baker, Chief Technology Officer at Orchard Global Asset Management said: “Cyber-security is an increasingly important topic and can provide strong protection against cyber-frauds targeted at payment processes. Combining these systematic protections with strong payment processes provides credible mitigation against these risks. This memo shows the importance of combining both technology and process controls to protect payment processes.”
Betty Martin, Director of Investment Services at Employee Retirement System of Texas said: “Cash controls and cyber-security programmes are core focus areas in operational due diligence on investment managers. Whilst this memo provides guidance for the managers, it also can be a useful tool for investors conducting operational due diligence of a manager’s protections against external fraud and cyber-attacks. It also serves as a strong reminder that institutional investors need to ensure that their own controls and process around financial transactions are robust.”
The memo provides an overview of the threat environment, explains common types of cyber-fraud and an overview of controls required to mitigate the risk. The memo also includes mini case studies and specific illustrations of payment controls for electronic payments, non-electronic payments as well as specific considerations for investor subscription payments, redemptions and capital calls.
Nic Miller, Virtual CISO at Aedile Consulting said: “Cyber-criminals will almost always initially seek to compromise a company’s email system as a gateway to gather information and impersonate individuals. A range of technical controls can help mitigate this risk, including Multi-Factor Authentication, Single-Sign-On (SSO) and Email protections. The SBAI’s memo provides some practical steps to increase security protections.”
The SBAI’s Governance Working Group consists of 32 industry practitioners, the Cash Handling and Cyber Security Workstream includes representatives from CERN Pension Fund, Employees Retirement System of Texas, Ionic Capital Management, Ontario Teachers’ Pension Plan, Orchard Global Asset Management, Periscope Capital and Public Sector Pension Investment Board (PSP Investments).
Maria Long, Content Director of the SBAI said: “The SBAI’s working groups are a visible manifestation of what makes the SBAI so valuable – institutional investors and managers working together across geographies to improve industry practices to the benefit of all market participants and the wider economy.”
The memo forms part of the SBAI Toolbox, which provides guidance to institutional investors and managers on a broad range of topics, including addressing conflicts of interest, risk and fee transparency and responsible investment. The SBAI Toolbox complements the Alternative Investment Standards, to which investment managers formally sign up to on a comply or explain basis.
© The Sortino Group Ltd
All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency or other Reprographic Rights Organisation, without the written permission of the publisher. For more information about reprints from AlphaWeek, click here.