Life Cycle Guidance for Service Provider Due Diligence

Engaging third-party service providers to perform key functions can offer an investment adviser access to state-of-the-art technology and solutions necessary to compete in today’s environment. Before entering into service provider relationships, advisers need to understand that while the function may be outsourced, the responsibility for the function still rests with the adviser.

Firms engaging service providers need to adopt a due diligence program to evaluate the effectiveness of service providers. At the recent Ascendant Compliance Solutions Strategies 2019 Spring Conference, Jake Fechter of Buckingham Asset Management and Allison Fraser of CSS offered guidance on building a due diligence program. In their session, they offered the following life cycle of the due diligence process:

  • Identify your service providers – Firms should evaluate who their current service providers are. Reviewing the firm’s disbursements can identify potential service providers
  • Assess the risks to the business – For each service provider, identify what services are being performed and the risks presented. For example, consider whether the service provider has personally identifiable information about your clients and how it is protected.
  • Define contract terms – In contracts, specifically identify the services to be performed, including a service level agreement identifying expected deliverables and service times.
  • Conduct monitoring and oversight – Maintaining an effective relationship with your service provider and putting oversight activities in place will enable an adviser to ensure that contracted services are delivered. “Trust but verify.”
  • Recordkeeping – As Allison said during the session, “document, document, document.” Maintaining records related to due diligence is critical to demonstrating that due diligence took place.

Ascendant, CSS’ compliance consulting team, provides all services necessary to meet compliance obligations, including due diligence reviews. For more information, click here


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.

Latest Content

Breakdown of OCIE’s COVID-19 Compliance Risks Alert

The SEC’s “Office of Compliance Inspections and Examinations (“OCIE”) issued an Alert today regarding “Select COVID-19 Compliance Risks for Investment Advisers and Broker-Dealers.” OCIE shared observations regarding six broad categories: protection of investors’ assets; supervision of personnel; practices relating to fees, expenses, and financial transactions; investment fraud; business continuity; and the protection of investor and … Continued

Are Investment Managers Going to Have More KIDs?

Let us be clear…. we’re actually talking about the potential increase in production of point-of-investment disclosure documents for investment managers. The complications and stress of Brexit just got a whole lot more real for many UK- and EU-based investment management companies that are subject to rules requiring production of UCITS KIID (Key-Investor-Information-Document) and PRIIPs KID … Continued