Although fund board oversight of cybersecurity hinges on the quality of information they review, directors have opportunities to take more of a lead on what their fund advisers report to them. A July 30 article in Fund Directions titled “Boards have more say over cyber reporting than they think” includes insights from investment management partners Paulita Pike and Elizabeth Reza delivered on a recent Ropes & Gray webinar on this issue.
“It’s very important for the directors to engage in a dialogue with management to outline what their expectations or desires are in this area, figure out what the adviser can or cannot deliver, and then determine whether outside expertise may be necessary,” Ms. Pike states on the webinar.
Because fund complexes can be set up in different ways, priorities for the areas they need to safeguard will vary widely, Ms. Reza adds. “A manager-of-managers complex, which is not doing a lot of direct trading at that main adviser level, has different things to worry about than an adviser that has a fleet of portfolio managers who are entering trades and dealing with day-to-day investment decisions,” Ms. Reza said. “A lot of tailoring needs to happen.”
Emerging best practices include considering a mix of vendor risk rankings, internal education, cyber insurance, initial and ongoing board reporting, business continuity and incident response, Ms. Pike and Ms. Reza agreed.
The webinar replay and materials can be accessed here.
Attorneys
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.