Life Cycle Guidance for Service Provider Due Diligence

Engaging third-party service providers to perform key functions can offer an investment adviser access to state-of-the-art technology and solutions necessary to compete in today’s environment. Before entering into service provider relationships, advisers need to understand that while the function may be outsourced, the responsibility for the function still rests with the adviser.

Firms engaging service providers need to adopt a due diligence program to evaluate the effectiveness of service providers. At the recent Ascendant Compliance Solutions Strategies 2019 Spring Conference, Jake Fechter of Buckingham Asset Management and Allison Fraser of CSS offered guidance on building a due diligence program. In their session, they offered the following life cycle of the due diligence process:

  • Identify your service providers – Firms should evaluate who their current service providers are. Reviewing the firm’s disbursements can identify potential service providers
  • Assess the risks to the business – For each service provider, identify what services are being performed and the risks presented. For example, consider whether the service provider has personally identifiable information about your clients and how it is protected.
  • Define contract terms – In contracts, specifically identify the services to be performed, including a service level agreement identifying expected deliverables and service times.
  • Conduct monitoring and oversight – Maintaining an effective relationship with your service provider and putting oversight activities in place will enable an adviser to ensure that contracted services are delivered. “Trust but verify.”
  • Recordkeeping – As Allison said during the session, “document, document, document.” Maintaining records related to due diligence is critical to demonstrating that due diligence took place.

Ascendant, CSS’ compliance consulting team, provides all services necessary to meet compliance obligations, including due diligence reviews. For more information, click here


Subscribe to CSS Blog

CSS frequently publishes blog posts which are written by our team from their observations in the field, at conferences and through experiences with compliance professionals. These posts are designed to further knowledge and share industry best practices. Topics run the gamut, including Form ADV, cybersecurity, MiFID II, position limit monitoring, technology challenges and more. Complete and submit the brief form below to receive notifications when we publish new content.

Loading form...

Latest Content

Introduction to SFTR ‘Cheat Sheet’

SFTR is designed to enhance transparency of Securities Finance Transactions (SFTs) for all financial and non-financial EU entities and, branches of non-EU entities. The reporting obligation begins 11 April 2020 for investment firms, followed by a nine-month phased approach for other firms. Need a quick introduction to the key details of the regulation? Download our … Continued

Even When SEC Rulemaking Slows, Your Compliance Manual Shouldn’t Stagnate

Maintaining tailored policies and procedures is a critical component of an adviser’s internal controls. Time and time again, we’ve heard regulators admonish the industry that off-the-shelf compliance manuals just don’t cut it. In today’s ever-shifting regulatory environment, does your compliance manual need a reboot? Although there has not been any significant rule making over the … Continued