Operational due diligence (“ODD”) across the alternative asset management industry has grown increasingly important to investors since the Global Financial Crisis. Originally, the focus was primarily in hedge funds, but over the last five years, ODD specific to private equity (“PE”) has matured. There are a few reasons for this rise in stature of ODD among PE investors and consultants.
First, the PE asset class grew from $1.4 trillion of assets under management in 2008 to $3.6 trillion by the end of 2018.1 Alongside this increase, we observed a rise in the number of fund managers paired with an ability to raise more capital. For established managers, fund size continues to increase, more than doubling over the same time period. This unprecedented rate of growth was driven by a combination of new investors entering the asset class and current investors increasing their allocation to PE. This growth resulted in additional scrutiny applied to the asset class.
Second, increased regulatory oversight after the Dodd-Frank Act was enacted demanded more transparency in the PE industry. A combination of growth in the asset class and regulatory scrutiny elevated investors’ senses and highlighted a need for more robust oversight within the asset class to ensure that PE managers are held to the same standards as other alternative investment managers (e.g. hedge funds).
Lastly, although infrequent, the asset class witnessed highly publicized wrongdoings involving PE managers that highlighted the need for additional due diligence. Some examples include Rothenburg Ventures, Binary Capital, and The Abraaj Group4 in the table below. Akin to how the Bernie Madoff events made the ODD process mainstream in the hedge fund industry, PE managers are experiencing an accelerated adoption of ODD practices by investors in the asset class.
With these points in mind, investors now expect the same level of transparency from PE managers as they do from hedge funds post-2008. While neither investment nor operational risk can fully be mitigated, it is vital to understand the operational strengths and weaknesses of an organization to make a well-informed, risk-based decision on whether to move forward with an investment.
While each investor has their own risk tolerance, a formalized and consistent process provides a foundation for making an informed decision on those risks they deem critical.
The importance of evaluating all types of risk (investment, portfolio construction, operational, etc.) should be a priority when reviewing a PE manager. While generating alpha is the ultimate goal, an investor needs to evaluate operational risk in an effort to ensure performance is optimized. Integrating ODD into the overall due diligence effort is an important step toward ensuring that every investment is thoroughly vetted before a commitment is made. The ODD personnel and process should generally be independent of the investment teams and performed in parallel with the investment due diligence. This helps ensure that input from the ODD process is incorporated into the investment recommendation. While each investor has their own risk tolerance, a formalized and consistent process provides a foundation for making an informed decision on those risks they deem critical. This process should leverage the various activities shown in the table below to perform both a qualitative and quantitative assessment of a manager’s operational risk as it relates to specific assessment areas. This independent review process should also be able to verify and validate controls in place that can mitigate a weak operational environment. Post investment, a heightened awareness of the operational risk of a manager provides a roadmap for monitoring and managing the risk during the investment period.
In a recent ODD assessment, for example, Adams Street uncovered through a review of policies and interviews with the CFO that a manager did not have dual authorization in place to approve and release wire transfers. This is a major risk in the cash control environment that can abet fraudulent behavior. Prior to moving forward with the investment, Adams Street mandated that the manager implement new cash control processes including, but not limited to, dual authorization.
Post-investment monitoring efforts are important to mitigate future risks and hold parties accountable for continuous operational improvement.
Post-investment monitoring efforts are important to mitigate future risks and hold parties accountable for continuous operational improvement. The level of monitoring performed should be based on a structured and standardized pre-investment risk assessment. This is often referred to as “risk-based monitoring”. Investment monitoring should be a collaborative process between the manager and investor to leverage each other’s insights and learn from past experiences. This knowledge transfer should help to improve operational performance and maintain best practices in the industry. Not every manager can – or will – benefit from best practices given their resources and size, but a thoughtful approach to mitigating risk by providing constructive feedback to the manager is far more effective than an adversarial relationship. Monitoring efforts should be designed based on the risk threshold of each investor and can include rotating on-site reviews, annual surveys and customized DDQ requests, continuous background monitoring, ESG monitoring, and reviews of financials (including waterfall calculations and the allocation of profits and losses). This process helps evaluate the remediation of risks discovered in the initial assessment, identifies new and emerging risks, and facilitates operational improvement opportunities that will assist in scaling the organization.
Many of the pitfalls that expose investors to losses due to an operational risk are not isolated to one assessment area. In fact, several of the recent events noted earlier include a variety of red flags that when viewed together reflect a much riskier investment than if viewed in isolation. Without hindsight, it is easy to overlook the full picture; therefore, it is imperative that an integrated, comprehensive assessment of risks is evaluated with a skeptical frame of mind.
Below are some common red flags that may indicate increased scrutiny is required:
As mentioned earlier, the growth and complexity of the PE asset class that led to the expansion of ODD also brings with it heightened regulatory scrutiny. Staying on top of changes to the regulatory environment is crucial to maintaining an effective ODD program. Activities should include evaluating regulatory updates, engaging with industry organizations, attending conferences, and networking with industry experts. All these activities can provide awareness on relevant topics and issues impacting the industry.
An example of recent regulatory impact is the Securities and Exchange Commission’s prioritization of cybersecurity risks.5 These guidelines require registered investment advisers in the PE space to evaluate their infrastructure’s ability to identify threats and protect data and information from unauthorized access. Establishing best practices around cybersecurity is now a requirement and should include systems and processes that better protect data and the manager’s information technology environment, including establishing a cybersecurity framework that addresses controls around user access, data, network and hardware security, change management policies, vulnerability and penetration testing, patch management, incident response, and security awareness/training that educates a manager’s weakest link – their human capital. While regulatory changes may lead to additional costs related to the implementation and administration of these enhanced controls, Adams Street has observed improvements in its managers’ overall cybersecurity practices over the last five years.
While ODD is still an evolving practice in PE, the importance of developing a structured framework with a consistent process cannot be overstated. Adams Street strongly believes in the importance of ODD as a value-add component of the overall investment process and therefore implemented a structured ODD program across its investment strategies. This process includes a Risk Rating methodology to objectively assess the operational risk of fund managers. Utilizing a quantitative rating methodology allows Adams Street to implement a risk-based approach to post-investment monitoring as well as benchmark the managers with which it invests across factors such as subclass, assets under management, geography, and organizational size.
Furthermore, given the breadth and depth of its relationships with fund managers, Adams Street is viewed as a collaborative and trusted partner in educating managers regarding operational best practices. As a result, Adams Street believes its fund managers are well positioned to develop and/or maintain best-in-class operational capabilities and avoid detrimental operational-related issues.
For additional insights into how ODD can successfully improve the control environment of a manager, please contact Adams Street.
1. Preqin Assets Under Management as of July 26, 2019
2. Global Private Equity AUM Source: Preqin Assets Under Management as of July 26, 2019
3. Global Private Equity Fundraising Source: Preqin Historical Private Equity Fund Raising as of July 26, 2019
4. Note: Adams Street Partners is not an investor in any funds managed by Rothenburg Ventures, Binary Capital, or The Abraaj Group
5. In April 2015, the SEC issued specific Cybersecurity Guidance to registered investment advisors, outlining various measures that should be addressed as part of mitigating cybersecurity risk. Since then, the SEC has included Cybersecurity as an Examination Priority and published investor Risk Alerts highlighting areas of weakness identified from recent examinations.
Important Considerations: This Paper is not intended to provide investment advice. This Paper is not an offer or sale of any security or investment product or investment advice. Statements in this Paper are made as of October 2019, unless otherwise stated, and there is no implication that the information contained herein is correct as of any time subsequent to such date. Projections or forward looking statements contained in this Paper are only estimates of future results or events that are based upon assumptions made at the time such projections or statements were developed or made; actual results may vary. Also, general economic factors, which are not predictable, can have a material impact on the reliability of projections or forward-looking statements.
