Why is Investment Management Agreement (IMA) Compliance usually poorly executed and what simple steps can you take to fix it and lower your costs?
Investment Managers have a contractual obligation to manage client mandates in accordance with the IMA. It sounds simple but managing hundreds/thousands of IMAs gets complicated!
1 What are the challenges with IMA Compliance?
The best Investment Managers are pretty good at managing IMA Compliance, but most are not, and some are dreadful. You can benchmark your IMA Compliance by asking a few questions:
- Assessment – when was your last IMA Requirements/Risk assessment?
- Scope – do you focus on investment guidelines/restrictions and ignore the rest of the IMA?
- Client Breach Identification – are clients finding IMA Compliance errors/omissions?
- Breaches/Compensation – do you have breach/compensation numbers (M/Q/Y)?
- Costs – is spending on technology and people but without a discernible benefit?
Answering the above will tell you how your IMA Compliance measures up.
2 Why is IMA Compliance a Challenge?
Based on our work with multiple Investment Managers globally, the biggest IMA Compliance problem is that the area lacks “focus”.
Focus is important because firms that focus on a challenge can align their operations to address the challenge. IMA Compliance isn’t a Senior Management priority so is left to drift.
The second main IMA Compliance management challenge is that processes, systems and controls were not designed “top down” but were implemented piecemeal with the hope it would work out (it doesn’t).
3 How do you Achieve Great IMA Compliance?
3.1 First: Understand Your Starting Point and Your Destination
There are basic steps every Investment Manager must take before, and periodically after, implementing an IMA Compliance system:
1. Requirement – record the IMA Compliance requirements of the Stakeholders (clients, regulators, Portfolio Managers, Account Managers, etc.)
2. Risk – Record and quantify the IMA Compliance Risks, including clients lost/not won, compensation payments, reputation damage, regulatory investigation(s), etc.
3. Gap Assessment – Compare the requirements against your current IMA Compliance. Is your current IMA Compliance delivering the Requirements, if not, what are the gaps?
If there are no gaps between your requirements and your current state, then you are top of the class. Assuming you identify gaps, you will need to assess:
- Current Resourcing – Can the current resources be redeployed to cover the gaps?
- Additional Resourcing – What additional resources are required to cover the gaps?
None of the above should be highly detailed, but it has to match your business’ complexity.
3.2 IMA Compliance Governance
A Senior Manager (Board/Sub-Committee Director) has to be responsible for IMA Compliance. Without this “senior” sponsorship IMA Compliance will get overlooked.
The IMA Compliance Senior Manager should appoint an IMA Operational Compliance Manager to prepare periodic status reports and notify them of material ad-hoc issues.
3.3 IMA Operational Management
Every firm should have an experienced operational manager responsible for IMA Compliance. The IMA Operational Compliance Manager role includes:
- Requirements/Risks Assessment – prepare and periodically update a Requirements/Risks Assessment
- Planning – prepare a plan for delivering IMA Compliance based on the identified Requirements/Risks Assessment
- Resourcing – assess the resources (technology, data and personnel (quantity and experience) required based on the IMA Compliance Requirements/Risks Assessment
- Periodic Status Reports – provide the Senior Manager with updates on the performance of the IMA Compliance team’s , including issues arising, resolved and outstanding
- Ad-Hoc Reports – escalate material IMA Compliance issues to Senior Management
3.4 The Rest…
There are many important tasks the IMA Operational Compliance Manager is responsible for, but implementing systems, processes and controls without understanding the Requirements and Risks of IMA Compliance will waste a lot of time and money.
4 Free Consultation and Health Check
Our Professional Services team have studied the best operational practices for AML, cyber-security, data governance and board governance and have developed “Best Practice” for IMA Compliance.
- Free Consulation – We offer a one-day free consultation where we share with you our IMA Compliance Best Practice. If you are in good shape or if there are areas for improvement, then we will let you know
- Health Check – We offer a formal five day IMA Compliance Health Check where we work with your IMA compliance management to identify any material gaps in your current IMA Compliance regime and recommendations on how to address them
For information on the above, email our Professional Services Director, Adrian Pay at email@example.com .
5 IMA Compliance Take-Away
Life would be easier if IMAs were standardised, but they aren’t, which means Investment Managers have to focus on delivering high quality and efficient IMA Compliance.
By giving a Senior Manager responsibility for IMA Compliance, undertaking a Requirements & Risks Assessment and appointing an IMA Compliance Operational Manager, your firm will be in a strong position to achieve better IMA Compliance at the lowest cost.
The Dynamic-GRC “IMA Compliance Best Practice” sounds simple but almost every Investment Manager can benefit from an expert assessment of their IMA Compliance.
The best Investment Managers are those which constantly worry about falling behind and are committed to ensure they stay in front – “only the paranoid survive”!!
About the Author
Adrian Pay has specialized in financial regulation for over 20 years, working in: the UK, US, Hong Kong, Singapore, Japan and Luxembourg. He lectures and writes on a range of regulatory, governance and AML topics and is passionate about learning and sharing his insights.
Adrian was a co-founder of LatentZero (now Fidessa BuySide) and is a Director of Dynamic-GRC, the leading RegTech solution provider: www.dynamic-grc.com
If you have questions, comments or suggestions Adrian can be emailed on:firstname.lastname@example.org