Download PDF Version
What is continuous monitoring? Why is it important?
As a critical component of risk management, continuous monitoring bridges the gap between an initial background investigation and periodic due diligence reviews. Integrating investigative due diligence practices with data mining and analytics, continuous monitoring systems can identify, quantify and report in near real-time instances of high-risk behaviors and transactions, as well as failures in internal controls.
Under the traditional approach to due diligence, organizations conduct intermittent, sampling-based background investigations every 18 to 24 months supplemented with Google Alerts; however, according to the Association of Certified Fraud Examiners, the average fraud scheme goes unnoticed for approximately 18 months. By only evaluating risk during scheduled reviews, companies can miss fraudulent and non-compliant activity as well as other suspect behavior that may put them in violation of regulations and laws, harm their reputation or result in significant dollars lost.
What is eConnaissanceSM?
Historically, continuous monitoring has been implemented to identify vulnerabilities to an organization's technology systems, focusing on threats to the network and information security, on an ongoing basis. We have applied that same concept to detecting vulnerabilities outside the organization's network and expanded the scope to monitor for a much more extensive range of fraud signals.
eConnaissance is a proprietary, first-of-its-kind tool for investors to continuously monitor individual fund managers against relevant databases across all matters of public record in a cost-effective and efficient manner. A highly automated system, eConnaissance flags anomalies or changes to the fund manager's professional or personal background that may indicate suspicious or fraudulent activity. If a change or anomaly is identified, BDO then confirms its validity and subsequently notifies the client. The client can view these red flags via the eConnaissance client portal. Receiving this information in near real-time allows investors to have open conversations with their portfolio fund managers and quickly get to the root of the problem.
What aspects do you evaluate when looking at a transaction between investors and fund managers?
There are a number of red flags that can involve either a fund manager or a third-party service provider, which we uncover by running their names in conjunction with government bodies. Regulatory filings, although not always public, may demand more scrutiny. If we see an SEC filing go live, or if the SEC has opened a new inquiry, we flag to our clients and investigate further. We might also find that a fund manager is involved in litigation or criminal activity, requiring a conversation with the individual as a starting point.
We also pay close attention to notable changes in a fund manager’s private life that seem out of character or raise eyebrows. If we see a fund manager get their pilot’s license and hunting license within a short period of time, or discover that they are involved in a number of real estate transactions, we—and our clients—need to ask why this behavior is changing and consider what it could mean for their investments. There may be a reasonable explanation, but it's important that investors can have an open dialogue with their fund managers to mitigate any potential risk. The goal is to completely understand the fund manager's motivations and risk appetite, and be made aware of anything happening in their lives that has investing implications.
How is today’s financial regulatory environment impacting risk management?
The impetus for a more comprehensive approach to risk management goes back to the Bernie Madoff investment scandal and beyond. To prevent another scandal of this magnitude, regulators introduced new registration and reporting requirements and ramped up examinations and enforcement activity. And, facing pressure from investors, the financial industry adopted a higher benchmark for transparency, increasing the number and scope of due diligence inquiries.
The regulatory environment is constantly evolving to protect investors and ensure they are armed with the necessary information to make informed investment decisions. In the wake of recent scandals and market fluctuation, investors have expanded their definition of what constitutes risk, now viewing all business decisions through a risk management lens. Investors want to know that fund managers are fulfilling their due diligence obligations and doing everything possible to safeguard their assets; the bare minimum is no longer enough.
Additionally, institutional investors may be held accountable for wrongdoing at their portfolio companies, a relatively new area of enforcement stemming from Dodd-Frank and increased AML and BSA scrutiny. Investors also inherit the existing liability of an acquisition target when they complete the transaction. This added pressure gives them even more reason to closely monitor their investments and the people who manage them.
That's where eConnaissance and continuous monitoring comes in. Real-time updates are the new standard for risk management. In today's regulatory environment, investors can't afford to wait months to uncover fraud, or worse, miss it all together.
Timothy Mohr is the National Financial Services Advisory leader with more than 25 years of experience in financial institution fraud, investigations, investigative due diligence and compliance. He is a Certified Fraud Examiner and a licensed private investigator. Tim leads a range of strategic business advisory, operational and event response offerings for alternative asset management firms, banks and other financial services organizations. Tim provides domestic and international business intelligence services to financial institutions, private equity firms, hedge funds, fund of funds, endowments, public and private pensions, sovereign wealth funds and family offices. He also performs enhanced due diligence and KYC investigations for clients across industries. He can be reached at firstname.lastname@example.org.