CySEC’s findings to on-site inspections on AIFM governance aspects

On 22 October 2020, the Cyprus Securities and Exchange Commission (CySEC) issued circular C409 (Circular) setting out certain common deficiencies and best practice standards which it identified as a result of onsite inspections carried out on a sample of Alternative Investment Fund Managers (AIFMs).

The Circular is particularly useful in that it sets out specific operational examples which CySEC considers to be deficient. The Circular additional lists certain areas in which it found best practices implemented, thus setting out specific examples of what CySEC considers to be prudent compliance in these areas. We set out below an overview of the most notable findings raised by CySEC in the Circular.

Deficiencies

In the Circular, CySEC commented on deficiencies in the following areas:

1. Risk Management Function: Functional and hierarchical separation of risk management from the portfolio management function: Risk managers should not be supervised by the AIFM’s portfolio manager. Furthermore, the risk manager should be represented on the Board of Directors with a power equal to that of the portfolio manager. A risk management committee consisting solely of non-independent members is considered to give such non-independent members undue influence. Annual reports should include a tailored description of risks for individual AIFs and should further include information on risk management systems.

2. Valuation of the AIF’s assets function: AIFMs must notify CySEC when appointing an external valuer for the valuation of an AIF’s assets. It is not acceptable for AIFMs to examine and review the final valuation of external valuers, as this undermines the independence of the external valuer. AIFMs must ensure that proper procedures safeguarding independent valuation are adopted and implemented when valuation is performed internally.

3. Portfolio Management Function: Where external investment advisors are appointed, AIFMs must ensure that the final investment decision is made by the AIFM, having obtained advice on appropriate range of investment options.

4. Compliance Function: Where AIFMs outsource their compliance function, it must still be ensured that a review of the relevant measures, policies and procedures was reviewed on an appropriate regular basis. The Circular suggests that an external review once or twice annually does not count as sufficient. Compliance functions are expected to implement a compliance monitoring programme for the AIFM which takes into account the specific business of the AIFM.

5. Responsibility of the external AIFM regarding managed AIFs in the form of a company/partnership: Where AIFMs are appointed as external managers, they must ensure that contractual agreements provide them the ultimate authority and responsibility to manage and decide on the individual investments and risks of the AIF. It is not acceptable for the final approval for investment decisions or on risk limits to be made by the board of directors of the AIF.

6. Delegation: AIFMs must exercise their right to monitor the delegate and maintain adequate documentation of such monitoring. Agreements with delegates performing key functions must set out detailed procedures and the operational aspects of the delegation.
   
   
7. Record keeping: CySEC identified a lack of, and reiterates the requirement to maintain, documentation evidencing decision making processes, reports or detailed written procedures on operational matters.
   
   
8. Appropriate training / knowledge for employees: CySEC commented on the need to ensure that employees generally but in particularly employees involved in the valuation of assets have the skills, knowledge and expertise required to perform this function.

Best practice standards

In the Circular, CySEC noted the following activities as best practices:

1. Control of the AIFM by the Board of Directors: Quarterly meetings of the board of the AIFM with physical presence of all members is considered satisfactory. Attendance of the compliance officer in board meetings and detailed record of minutes is commended.

2. Control from the Senior Management: Participation of senior management on the board as executive directors ensures that the board is kept fully informed and updated.

3. Delegation: CySEC commended the use of "audit valuers" in respect of illiquid or non-liquid assets. It additionally commended the delegation of the administration of funds to providers with which they do not have close links as safeguarding independence, strengthening investor protection and reducing the risk of conflicts of interest.

The Circular offers valuable insight on the organisational and compliance standards which CySEC expects AIFMs to have in place, and reiterates the significance of tight internal systems and controls to proper compliance.

The Circular can be found here.