How has due diligence evolved in the past decade and what are firms now expected to have and why?
The year 2008 could be seen as a catalyst for a change in the due diligence process, but in reality, the growth of the alternatives industry and its importance to the world economy has seen its investor base become far more developed. Institutional investors, Pension money and Endowments have become a much larger part of the industry and with that due diligence has developed.
In the early days of the industry, High Net Worth investors made up the largest part of the investor base in the alternatives industry and insurance was not a focus. 2005/6 saw some of the larger new start-ups take on a lot of institutional money and with that insurance did become more of a focus but the widespread adoption of insurance was still fairly limited and the limits purchased were not that great.
Nowadays it’s a requirement, and the industry has evolved to insurance being a regular element of the due diligence process. There are several factors involved in this.
- Investor protection is a focus of regulators hence regulators throughout the world require insurance to be part of that protection. AIFMD was the first industry requirement to buy insurance in Europe where a limit as a % of AUM was stated but others regulators have followed. It has now become the norm.
- At one point in time, a hedge fund could be set up with several hundred thousand pounds worth of capital. This is no longer the case, and given the larger teams, AuM and overall investment in these businesses, protecting the assets has grown in importance.
- Big is beautiful. Small was once beautiful but today’s fund managers are required to be much larger in size and insurance is part of that increased investment
- The change in the investor base. Today’s investors will quite often require contractually specified insurance limits
- Insurance has become cheaper over the years and therefore a more affordable option.
In terms of due diligence, what new areas are nowadays being asked about?
From a regulatory point of view, everyone now considers cyber as the big new area for criminal activity, so those throughout the investment management industry need to be prepared. A recent industry conference I attended suggested when, not if, for the fund management industry to be targeted in the same way others industries are already suffering.
The regulators and investors are heavily scrutinising cyber now, and DDQ often now involves cyber-related questions whereas this was not the case 2-3 years ago. The industry as a whole now recognises that cyber is the biggest modern crime threat and that protective measures, such as insurance, against crimes like extortion and data theft are a necessity.
What would your advice be for those buying cyber coverage?
A lot of providers now provide cyber coverage within standard professional liability and crime wordings, not necessarily standalone cyber wordings. The main value for the fund management industry to cyber insurance coverage lies in the service providers. The 24-hour hotline, legal advice, computer experts, extortion specialists and forensics experts at your finger-tips paid for by insurance is the biggest single value in one of these policies. There are a limited number of insurers that provide it so make sure your policy, whether standalone or not, has them.