When it comes to fund company operation spending, protecting the computer infrastructure is a high priority.
Thirty six percent of asset managers indicating they are likely or highly likely to increase spending on computer/data security in the next 12 to 18 months was among the key findings from Money Management Executive's annual Operational Issues Survey. The survey also showed that 36% are likely or highly likely to hire additional staff in the next year and a half to assist with their computer/data security functions.
MME's Operatinal Issues Survey was conducted by Lodestar Research, a New Jersey-based advisory services firm. The results are based on responses from asset managers, including mutual fund and ETF providers.
Aaron Izenstark, co-founder and chief investment officer of IRON Financial, says he and other asset managers are prioritizing staying on top of cybersecurity to assure that clients are properly protected.
"It's not going away and it's on everyone's mind because nobody wants to put their clients at risk with an email breach," says Izenstark. "Everyone in the industry is trying to up their security."
Jeff Young, senior vice president at Huntington Asset Services, says recent data security breaches at retail chains Target and Home Depot along with virus outbreaks at other companies have made asset managers increase their focus on preventing this type of harm at their own firms. Huntington like many other fund servicing companies is eyeing additional resources to upgrade its data security systems. The service provider to mostly boutique investment firms is affiliated with Huntington Bancshares Inc. and also offers its own mutual fund platforms.
"Clearly the issue of cyber security is very top of mind," says Young. "Any company that provides investment services really needs to have robust controls wrapped around internet security."
A vast majority of asset managers (65%) rated data management as important or very important with 58% indicating they would be "concerned or "very concerned" about the potential for errors with computer/data security. However, only a quarter (25%) say their firms run redundant systems or automated back-up recovery for computer/data security.
"Recent data breach incidents and investigations have increased the level of awareness and attention regarding data security among the public, the media, and in turn, regulators," says Brandon Robinson, an attorney with Balch & Bingham in Birmingham, Alab. who represents companies in addressing cyber security issues. "The prospect of reputational loss and/or potential regulation now compounds any previously existing concerns about the loss of proprietary information and associated market consequences."
Izenstark says investing in enhanced technology protections is taking on a greater importance for asset managers due to many seeing an increased need to utilize cloud-based platforms. Izenstark's Chicago-based firm uses the cloud-based Salesforce and he says resources are constantly pumped around this area with extra training and manpower so they can protect clients and stay competitive.
"We're always trying to be proactive," says Izenstark. "When you're a small firm you have to make sure you are ahead of the curve or you are asking for trouble."
"The increase in cloud-based computing and the proliferation of mobile devices have either changed or increased the number of security vulnerabilities associated with a centralized, hardened system," says Robinson. "While cloud computing can offer massive cost savings and increased flexibility within IT resources, it challenges many traditional approaches to data security, which will need to be considered as cloud computing becomes more widely adopted."
The services most used by asset management firms with the cloud, according to the MME survey, are fund administration/post-trade compliance (14%), trade matching and confirmation (10%) and reconciliation (10%). A small number (3%) use a cloud-based system for computer/data security with 62% performing this important function in-house and 24% outsourcing.
REGULATION DRIVING OPERATIONS
Regulation is also a key driver of adjusting operations at fund companies. More than half (52%) say the Dodd-Frank Wall Street Reform Act was important or very important in changing their firm's operations and 36% indicating the Foreign Account Tax Compliance Act as a major factor. Cost basis reporting requirements mandated by the IRS was also cited (34%) as being important in formulating the operations strategies of asset managers.
"For many companies, especially in highly regulated industries, compliance with current or anticipated regulatory requirements are often a primary driver when prioritizing expenditures with limited funds," says Robinson. "Because data security has garnered a good deal of recent attention by both media and regulators, this has increased the risk profile for data security as well as its relative importance when making budgeting decisions."
Asset management firm are also eying risk management as an area they'll allocate additional resources. More than a quarter of those surveyed (26%) indicated plans to hire additional staff in the next 12 to 18 months for risk management functions with 34% eyeing spending money for additional resources in this area. Nearly one-fifth (17%) say they plan to appoint a chief operational risk officer or c-level executive specializing in operational risk within the next 18 months and 10% are eyeing buying new software measuring operational risk.
Nearly half (47%) who participated in the MME survey have 5,000 or more full-time employees with 23% having less than 100. Twenty percent number between 1,000 and 4,999 staffers and 9% in the 100 to 249 range. Thirty nine percent of the firms have $500 billion or more in assets under management.