Opalesque Industry Update - Laven Legal Services believes that Luxembourg management companies need to review their due diligence practices and has published a white paper on the subject. Under the Ucits legal framework, Luxembourg regulated management companies outsource some important activities for which they remain responsible in the eyes of the law and the CSSF, the report says.|
Any accounting or administration activities with one or more banks as well as distribution activities are included, the firm believes. “This clearly results from article 110(1)(f) of the law of 17 December 2010 (previously article 85 of the law of 20 December 2002)”.
Laven says that in order to understand and to be able to monitor the outsourced activities regulated management companies must review the way they do business, not only to be compliant with the law but also to protect themselves from the impact of operational failures.
“This includes the risk of claims for negligence as well as reputational risk.” Directors and conducting persons of regulated companies should remember that legally they have the ultimate responsibility for all delegated activities under article 110(2).
Laven explains that previously, under UCITS III, and before the impact of the 2008 financial crisis, it was common for management companies in Luxembourg to rely on the regulated status or brand recognition of the third parties they worked with. “Companies did not feel the need for in-depth due diligence, notably in terms of covering operational risks. In addition they would rely on the reporting received from the same third parties as evidence of monitoring. This reporting alone, however, falls short of providing the proper checks as was demonstrated during the Madoff fraud. As the industry faces new rules, as well as a tougher regulator and scrutinising investors, this is a good time for regulated companies to plan ahead and review any due diligence process they are using. We will look at the changes that are impacting operations, we will suggest processes for due diligence so that it meets the right standards without imposing too many new administrative costs.”
The firm also points out that the UCITS IV Directive will also be supplemented in many respects by the AIFM Directive which also touches, in a similar way, on other regulated financial companies such as custodians and managers of Special Investments Funds (“SIFs”)
“The rules remain broad and should be of concern for all regulated companies. To date there is little by way of guidance on how operational risk should be managed, although the Association of the Luxembourg Fund Industry (“ALFI”) has summarised the following “best practice measures” to assist in monitoring outsourced functions for management companies. They recommend breaking down the process into three main phases for third party due diligence: