PHOENIX -- One of the biggest mistakes any firm can make is to convince itself it is a well-oiled machine. And that nothing can sidetrack it, according to Tamara K. Salmon, senior associate counsel
at the Investment Company Institute.
In fact, the “race for quality has no finish line. So technically it’s more like a death march,’’ she quipped at the ICI’s Mutual Funds and Investment Conference here.
Here are ways your fund firm can take off any blinders it might have and size up operational risks posed by what in all cases are very human companies.
Indeed, said Salmon and William L. Roland, vice president of investment risk for ICMA Retirement Corporation, operational risk is really a behavioral science. And you have to know your people and know how they work, to be able to understand what creates errors. And how to fix them.
These tips are distilled from a discussion of this behavioral science by Salmon, Roland, Daniel S. Bender, managing director, Risk Consulting
at KPMG, William D. Mennonna,
director of risk management
at Pioneer Investments and Holly H. Miller, a managing director for middle office outsourcing at SEI and a
• Don’t underestimate the problem. Failing to understand the significance of a risk or the totality of it will doom you.
• Think outside the box. What you don’t know is what will hurt you. Heed warnings.
• Combat the loss of staff. People are increasingly overworked and fatigued. Re-organize processes to ease the burden.
• Escalate issues before they become problems. Make sure your staffs feel free to come to supervisors with issues. Act, instead of react.
• Don’t assume competence. Test it. With turnover and employee fatigue, make sure you are doing due diligence on new hires. And do due diligence, for sure, on the person doing the hiring.
• Make three people the minimum team size. That way, one person can go on vacation, one can get sick and you can still operate.
• Back up skills. Is Bobby the only guy who knows how to enter a credit default swap into your order capture system?
• Communicate. You’d be amazed at how many mistakes can be fixed in advance by morning meetings between traders, portfolio managers and other key individuals.
• Segregate duties. You can prevent rogue trading. The front office can’t have access to back office record systems.
• Social un-networking. What social media sites should be encouraged? Which should be blocked?
• Your iPad is our iPad. If your staff is going to do any business at all on a tablet, make sure it has a “kill pill” on it, that lets you shut it down, if lost.
• Your smart phone is our smart phone. Ditto.
• Learn your systems by hand. Run a drill. If you turn off your systems voluntarily, can you operate? Who knows the key calculations and formulas?
• Monitor all access to your systems. The vast majority of data breaches are inadvertent. Encrypt data on thumb drives. Consider watermarks on PDFs.
• Manage your outsourcer. Set up benchmarks. Understand and track sources of information and results. Create baselines. Keep scorecards.
• Swap jobs. Spread skill sets.
• Enforce two-week vacations without connectivity. Nick Gleason at Barings and Jerome Kerviel at Societe Generale couldn’t have kept on their unauthorized speculative trading.
• Make sure laptops go home every night. So if there is a crash, you can have compute power spread out.
• Make sure everyone knows how to log in and use them. One day, declare it a work-at-home day. As people come into the office.
• Listen, then talk. Listen to people describing problems. Discuss error logs and figure out root causes.
• Run unannounced exercises. Find out flaws in your systems, before they happen.
• Change up teams. Change up technology. As part of the unannounced exercises.