Due Diligence Matters - November 2022 Bulletin

Quentin Thom

Co-Founder & Co-Head, perfORM

+44 (0) 203 746 8974

Our flexible Operational Due Diligence (“ODD”) work, and coverage, continues to grow rapidly.

perfORM’s clients are global and diverse including: Investment Managers, Family Offices / Multi-family Offices, Private Banks, Wealth Managers, Fund of Funds, Asset Managers, Pensions, Endowments, Service Providers / VASPs, and Sports Teams.

Please contact us to discuss accessing our ODD Reports and Innovative Solutions.




“Set it and forget it” is the provocative turn of phrase used by the SEC last month in its new proposed rule that would prohibit registered investment advisers (“RIAs”) from outsourcing certain services and functions without conducting due diligence on, and monitoring of, the service providers (“SPs”). Two reactions: catchy and ouch!
We have met many COOs, CCOs and CTOs who spend much of their day implementing and orchestrating a well-oiled vendor onboarding and oversight program, thank you very much. So is it necessary to implement rules to govern RIAs’ choice and management of SPs? Let’s come back to that question later…

Why outsource in the first place? Typically, because the investment adviser/manager (“IM”) wishes to remove expensive, non-alpha generating functions and outsource them to a scalable third party whose business is to deliver those services expeditiously, cost-effectively and hassle-free. That is the aim, but some would argue that this can lead to apathy and, well, forgetting about it!


Yes and no. Being too far removed from, or failing to fully understand, the SP’s processes and controls, or its scope, can increase operational risk, and investors do not get a return for operational risk – simply the risk of financial loss and reputational damage.

For example, an established and well-respected fund administrator recently allegedly failed to perform its basic function of valuing a hedge fund portfolio for a number of months, instead taking pricing from the IM and thus failing to provide investors that most fundamental requirement: an independent NAV. Unbelievable! Where was the IM’s oversight and due diligence of this SP? The SEC offers another example, where a corrupted software update to accounting systems at a widely used fund accounting provider caused industry-wide concern over the accuracy of fund values for several days.

But for every example of failed SP oversight, there are many, many more appropriately selected and monitored SPs. However, it’s losses and operational events that matter in the world of the regulator and the investor. The fact that our clients, which include allocators, investment managers, sports teams and even SPs themselves, engage us to review a variety of SPs is testimony to the value of running an oversight program. Operational competency and longevity in all forms go hand-in-hand with capital raising, fund performance and investor returns.

Should the SEC require SP oversight? For many it may be viewed as a step too far, an unnecessary additional ruling to comply with and trip up on, but as consultants we see a broad range of service standards, and we can see where the regulator is coming from. Perhaps a dedicated vendor oversight program would satisfy regulators, investors and investment advisers.

perfORM’s extensive experience in SP operational due diligence (“ODD”) is invaluable to us, both when we conduct ODD on an IM and fund for an allocator, and when we are engaged to undertake an SP review directly by the IM.


If the discussion until recently has been about appropriate oversight of SPs in the tradfi space, and in the SEC’s view this requires regulatory oversight, then for IMs who manage digital assets, or have some exposure to an underlying digital asset, the answer to the question of whether or not to establish an oversight program for the largely unregulated, high growth fledgling crypto SP ecosystem is surely a big fat YES!

Typically, assets in a crypto fund are controlled by the IM, whether self-custodied and traded OTC, or deposited at a crypto exchange, or hosted by a custodian who jointly safe-keeps the assets with the IM. Putting aside the significant risk arising from self-custody, relying on these SPs adds counterparty risk. Counterparty risk, the risk of trusting third parties to act in good faith and with a sense of fiduciary duty, is as old as investing itself. The recent implosion of FTX is another example of it, although the unique way a crypto firm could allegedly use its own tokens as collateral is a first for us!


Much of what’s been revealed about FTX’s demise reads like an echo of Madoff, Enron, Lehman and similar financial bombs of the Noughties. FTX appears to have combined the undesirable or illegal aspects of all of these failures – commingled customer funds, market making and investment management activities under one roof, unfettered rehypothecation, excessive leverage, a poor corporate governance framework, opaque reporting, etc. As always, poor operational structures combined with conflicts of interest lay the foundation for potential abuse. Thorough due diligence is the only way one can hope to weed out these risks and assess them in full daylight.

So what can be done? In our opinion the regulators and regulation are not going to be a panacea for such ills. These ‘bombs’ happen and will no doubt happen again both in and outside regulatory frameworks. One would expect, however, that a regulatory framework for crypto would reduce the opportunity for bad outcomes, and that in itself is good enough reason for regulators and agencies to learn from recent events. For example, the Monetary Authority of Singapore is proposing measures to reduce risks to consumers from cryptocurrency trading and enhance standards of stablecoin-related activities.

In terms of their Prudential Standards: “Single-currency pegged stablecoin (SCS) issuers must, at all times, meet a base capital requirement of the higher of S$1 million or 50% of annual operating expenses of the SCS issuer. They are also required to hold liquid assets which are valued at the higher of 50% of annual operating expenses or an amount assessed by the SCS issuer to be needed to achieve recovery or an orderly wind-down.”
In our view, institutions have never been able to rely on trust, or regulation, alone and that remains unchanged. FTX is another major incident that underlines the importance of due diligence.

Our liberated ODD service means we are engaged (by allocators, investment managers, sports teams and even SPs themselves) to review a variety of SPs in terms of type (fund administrator to crypto exchange), depth (reference checking to full scope ODD) and frequency (quarterly to annual monitoring). Our new and progressive ODD Report solution is applicable to SPs.