Due diligence and COVID-19 – views
from the industry
Due diligence and COVID-19 – views from the industry
A sector disrupted on multiple fronts
COVID-19 has sparked far-reaching disruption across financial services on multiple fronts. Financial institutions have had to review and recalibrate major priorities as a matter of urgency. Some of the most pressing include activating business continuity plans (BCP), managing balance sheet challenges, optimising operating procedures and staffing models, and managing digital distribution channels while protecting staff and customers. At the same time, lockdowns and safe distancing measures have spurred large-scale adoption of various digital platforms, giving rise to new cybersecurity risks that need to be assessed and addressed.
Catalysing industry-wide transformation
COVID-19 has also catalysed certain industry-wide developments already afoot prior to the pandemic. For example, virtual conferencing facilities and remote access options to market terminals were rolled out frictionlessly over the course of just a few days, when they would typically take years to implement under business-as-usual conditions.
A new chapter in the network management playbook
In Securities Services, the conduct of physical or onsite due diligence has long been an essential part of how custodians select their agent banks. With COVID-19 curtailing global travel, borders closing, nations going into lockdown and safe distancing measures being enforced, the industry’s due diligence processes have been fundamentally impacted.
While there has been a gradual easing of lockdowns globally, many countries are re-imposing restrictions as they encounter new waves of infections. In the meantime, working from home continues as the ‘new norm’ in many markets.
But how long will this go on for? And how should industry players respond?
The end is not in sight
On 1 August 2020 – six months after declaring COVID-19 a public health emergency of international concern – the World Health Organisation (WHO) warned that the pandemic is likely to be ‘lengthy’, its global spread accelerating, and that its effects will be felt for decades to come.1
Bearing this in mind, network managers and agent banks need to recognise that waiting out the pandemic before resuming due diligence is simply not an option. Their traditional operating model requires an urgent overhaul, and this could well represent a new chapter in the network management playbook.
1 Coronavirus pandemic will be ‘lengthy’, World Health Organisation warns – The Independent, 2 August 2020
Are you planning to perform virtual due diligence or virtual tours within the next 6 months?
Due diligence in the virtual space
Still early days
The industry is, understandably, still on a learning curve when it comes to virtual due diligence. “Through virtualisation, we can obtain a lot of valuable data and information. The question is whether the service providers are allowed to, capable of or willing to offer it. This is where the current discussion is focused,” says Beatriz Molina, head of global network management at BNY Mellon.
“Through virtualisation, we can obtain a lot of valuable data and information. The question is whether the service providers are allowed to, capable of or willing to offer it. This is where the current discussion is focused.”
Beatriz Molina
Head of Global Network Management at BNY Mellon
Having said that, however, regulators appear to be sympathetic to the challenges facing banks and brokers. “Some regulators understand that the current circumstances do not allow for on-site due diligence. They expect organisations to apply additional risk mitigants and to reinstate on-site visits once possible,” Molina noted.
Discussions are underway
Network managers are reconciling themselves to the fact that on-site due diligence visits will need to be virtualised for the time being.
“From an on-site visit perspective, we are still working with providers to determine the best course of action, including considering virtual tours. Some providers have indicated that they are producing or have produced standard virtual tours which would be available to all clients, with bespoke reviews available if required. We are working with internal stakeholders to compare these offerings with our normal on-site agenda to identify any challenges,” says a network manager at a European global custodian.
The viability and value of virtual – some considerations
Virtual vault tours – harmful or helpful?
Physical vault tours – although an irregular feature of modern-day due diligence since most markets having dematerialised physical securities – are an optimal candidate for virtualisation, especially if adherence to the 1m-2m social distancing measures cannot be observed.
In the few countries where securities are still held physically, Bogart Miheaye, head of sub-custody network management, W-EMEA and the Americas at BNP Paribas Securities Services. believes that the Association for Financial Markets in Europe (AFME) needs to come up with a framework clarifying how network managers can be given virtual access to the vaults. This could pose a major dilemma for agent banks though. By giving network managers virtual access to their vaults, there is a risk that highly sensitive security protocols could be revealed – whether inadvertently or deliberately – rendering the vaults potentially vulnerable to theft by sophisticated criminal groups.
Virtual tours of agent banks – when would it make the most sense?
Virtual tours of agent banks – at least in the immediate or near term – may be of limited value when most people are working from home.
Stephen Hart, director, network management at Standard Chartered is of the view that while some agent banks have given network managers operational tours via live video feeds, this may not be of much tangible benefit especially when so few people are actually working from the office.
However, the benefits of and necessity for virtual due diligence will need to be regularly reassessed, if challenges regarding on-site visits continue into next year’s due diligence cycle.
This is particularly so if network managers face growing pressure to travel less frequently due to budgetary constraints and/or corporate commitments to reduce travel carbon footprints as part of the increasingly important environment, social, governance (ESG) agenda.
“If we can determine that a virtual due diligence offers us a similar value and insight to an on-site visit, we believe that we will continue to use them post-COVID-19, especially for locations where a visit might otherwise be challenging or lower priority,” says the network manager of a European global custodian.
The industry has stood resilient, but change is still on the cards
The industry has, for the most part, demonstrated great resilience, fortitude and agility in their responses to the pandemic. Network managers have maintained constant and regular dialogue with their agent banks and local market infrastructures, and most agent banks have responded to the crisis promptly.
We responded quickly, deploying tools to connect virtually with clients. During ordinary times, such changes would typically take longer to execute but COVID-19 has accelerated the adoption of new ways of doing things. Standard Chartered is a progressive institution and staff across all markets have had the option to adopt flexible working arrangements for some time. This helped us implement our business continuity arrangements.
Michelle Swanepoel
Regional Head of Securities Services, Africa
Standard Chartered
“Agent banks have not fallen over despite the volatility and the huge numbers of people now working from home. We have not received reports of increases in settlement failures or of corporate events being left unprocessed, for example. In fact, operational activities across our network have remained largely stable throughout this crisis,” says Hart.
Nevertheless, the post-pandemic new normal is likely to be different than before, and the due diligence process will continue to evolve over the medium to longer-term.
Many factors driving ongoing transformation
New ways of working bring new risks
During the early stages of the pandemic, the questions that agent banks received from network manager clients tended to focus on the logistical aspects of BCP and off-site remote working arrangements. Subsequently, the focus has shifted towards the risk implications of these new ways of working which have emerged as a result of the pandemic.
Disaster recovery and BCP – new aspects come into focus
“We have been able to continue with our remote due diligence reviews as normal with the support of our providers. We have changed the focus of the business continuity and disaster recovery questions to better focus on the new style of working. Previously, these had been designed to understand aspects such as the use of back-up locations, whereas we now have a greater focus on working from home and the impact on processes, controls and technology,” explains the network manager.
The risks of working from home
“Working from home creates a variety of new risks around control, and this needs to be integrated into the due diligence questionnaire,” observes Miheaye.
The focus has shifted towards the risk implications of these new ways of working which have emerged as a result of the pandemic.
Capturing industry-wide concerns in the AFME questionnaire
These new industry-wide concerns will need to be reflected in the due diligence questionnaire developed by AFME, a standardised tool often used by network managers when conducting their service provider risk assessments. Industry players have since prevailed upon AFME to incorporate into its questionnaire a standardised set of BCP questions designed to elicit detailed responses that will adequately address their new risk concerns.
Resiliency remains high on regulators’ radars
Resiliency has been a topic that regulators are keen to review. Mark Jolly, executive director, Conduct Advisory, Group Regulatory Affairs at Standard Chartered stresses global regulators have been questioning banks about their pandemic-preparedness, covering criteria such as operational continuity, client protection and cybersecurity.
Keeping communications compliant
As the methods of communication between agent bank providers and their clients evolve, regulatory experts highlight that so too must internal compliance regimes.
According to Jolly, many employees working in regulated roles will typically be obliged to have their telephone conversations recorded for compliance purposes. With online platforms such as Zoom and Blue Jeans becoming increasingly widespread, Jolly says banks need to ensure that proper record-keeping is maintained. This can be facilitated by recording virtual conversations, although Jolly observes there may be technology constraints that require alternative solutions to be considered.
In certain instances, virtual communications fall foul of internal compliance rules. “Some sub-custodians are not allowed to use virtual communication channels for some specific purposes, or are using channels we cannot accept,” says Molina.
i. What do you regard as the most important change to be made to the AFME DDQ?
- Greater focus on BCP/disaster recovery
- Greater focus on controls in remote working environment
- Greater focus on cybersecurity
ii. What do you regard as the next most important change to be made to the AFME DDQ?
- Greater focus on BCP/disaster recovery
- Greater focus on controls in remote working environment
- Greater focus on cybersecurity
COVID-19 has also rendered in-person communications challenging, as more governments and institutions make it mandatory for staff to wear masks or protective facial coverings in the office. “It is not always easy to communicate with a person talking behind a mask, across a screen,” noted Molina.
The post-pandemic outlook for due diligence processes
Will on-site visits be a thing of the past?
Swanepoel believes that the number of on-site visits is likely to decline post-pandemic.
“Even before COVID-19, we noticed network managers were making fewer visits to some of our smaller, lower volume markets than what they were three to five years ago. There are several reasons for this. The first is cost. Secondly, a number of market infrastructures – especially in Africa – have evolved by becoming increasingly automated and by enhancing their risk management, most notably around asset safety, meaning network managers are more comfortable with local practices, so there are fewer reasons to visit. Instead of conducting on-site visits every year, I expect some network managers will visit every three years now,” she explains.
The idea that network managers will travel less post-pandemic is a contentious one, especially given the regulatory liabilities faced by global custodians and brokers.
“I do not believe travel will decline post-COVID-19. BNP Paribas Securities Services provides clients with depositary services, which means we are subject to UCITS V and AIFMD (Alternative Investment Fund Managers Directive). The liability costs of failing to look after client assets are huge relative to the costs of travel. If an agent bank failed, the depositary could potentially have to recompense all of the monies lost. As a result, we will continue to travel and visit banks on-site to ensure clients’ assets are protected,” contends Miheaye.
Doing more with less requires lateral thinking
If travel is cut back and oversights then emerge in the midst of these virtual due diligences, network managers may need to think more laterally about how they perform their role moving forward.
Madeleine Senior, Managing Director and Head of Securities Services Financial Markets for Europe and the UK at Standard Chartered, believes one way to tackle this would be for network managers to appoint outside consultants or domestic auditors to supplement their remote due diligences and ongoing provider reviews.
Although on-site visits may become more infrequent, there is general consensus among network managers that they are unlikely to disappear altogether especially when they are considering entering new markets or undertaking RFPs, as they believe on-site visits could occasionally yield vital insights that would not be available on a virtual due diligence.
i. Do you anticipate you will travel for work as frequently post-pandemic as you did before?
ii. If you answered “No” or ‘Unsure” to the previous question, what would be the top reason for your answer?
- Public health concerns
- Cost considerations
- Less necessity to travel as comfortable with virtual due diligence
iii. What would be the second reason for your answer?
- Public health concerns
- Cost considerations
- Less necessity to travel as comfortable with virtual due diligence
Are you open to the idea of engaging external consultants to supplement your due diligence if you are unable to visit a market?
Re-evaluating local market providers
Although a handful of network managers have delayed RFPs because of COVID-19, Senior points out that the pandemic and subsequent market volatility has exposed glaring weaknesses at some providers, particularly in emerging and frontier economies. This, says Senior, is prompting a number of network managers to prioritise reviewing alternative agent banks in these markets. “Some providers have come out of this crisis better than others. As certain frontier markets face credit downgrades, clients want confirmation that their sub-custodian banks are in sound financial health. Large international providers with gold plated credit ratings, such as Standard Chartered, deliver a consistent commitment and service across all markets, which is why we continue to invest heavily into innovative API development, technology and innovation.”
A test of commitment
In addition to clients increasingly consolidating agent bank relationships, Senior believes the crisis could test the commitment of certain providers in some markets. “Over recent years, we have seen a number of major banks exit large markets in Europe and elsewhere. Standard Chartered is 100% committed to its emerging and frontier markets,” she says, adding that “it is clear some providers have spread themselves too thinly globally, and they may use the crisis as a reason to pull out of certain markets which they view as not being strategically important." Moving forward, network managers would do well to get clarification from agent banks if they intend to exit key markets.
Harnessing the power of technology and innovation
If anything emerges from this crisis, it is that the power of technology and innovation should not be underestimated, as many banks have learnt.
Data more important than ever
Senior says Standard Chartered is working tirelessly to ensure clients net the benefits of STP (straight through processing) and have access to accurate data. “Data has never been more important to our clients, which is why we are increasing our investments into API development. The crisis has been a catalyst for digital change as organisations are looking to reduce manual communications and transactions,” she says.
Going from paper to digital requires structural reforms
With physical interactions on pause, a number of emerging markets – which have traditionally been entirely reliant on paper-based processing – have been forced to implement structural reforms.
“Markets such as Nigeria and Botswana transitioned from paper-based trading and processing very quickly. A number of CSDs (central securities depositories) which used terminal connections had to put in place systems to ensure people could access their terminals from home,” says Swanepoel.
Improvements are visible elsewhere. Although CSDs in some emerging markets – including Nigeria, Kenya and Botswana – were in the process of gradually adopting SWIFT connectivity, Swanepoel anticipates that COVID-19 will accelerate the trend towards automation even further. Moreover, proxy voting and AGMs are also increasingly being conducted online, although experts caution countries against regressing once the situation stabilises. “I hope markets do not revert to the old manual ways of doing business post-COVID-19, and this is something we will lobby against,” adds Swanepoel.
How do you see due diligence practices changing as we emerge from the pandemic?
- A hybrid due diligence model comprising virtual and physical tours
- Virtual only tours
- Business as usual (pre-pandemic norm)
- Combination of the above, depending on the market
An opportune moment for radical change
Few industries have been left unscathed by COVID-19. The entire business model of network management needs to be reviewed, especially as wider macro challenges will cause budgets to be badly squeezed.
Hybrid due diligence
A hybrid structure of due diligence will likely emerge in the long-term with network managers visiting their agent banks for only essential reasons, with the remainder of business being conducted digitally.
Blank canvas, but maintain standards
Agent banks will need to adapt and ensure that their engagement with clients during virtual due diligence is of a comparable or even higher standard than that of a physical visit
Reasons to be optimistic
In fact, some network managers believe the changes will be positive. “If we successfully implement this virtual process, there is a high likelihood that organisations will continue using it. The virtual process requires easier planning and it is more flexible in some areas. It also allows for a larger number of participants. However, this does not mean that virtual replaces on site. I think both models can coexist and be complementary to each other. Virtual might not be possible in all jurisdictions, nor through all providers and it might not cover all needs or be the most suitable tool. Enlarging the scope of virtual due diligence can allow the onsite process to be focused on more defined aspects or expanded across other aspects of market due diligence,” says Molina.
The crisis has given the securities industry a blank canvas to work with, and this rare opportunity for market participants to implement wholesale, radical reform is something that ought not be missed.
COVID-19 accelerates urgent review of due diligence practices
COVID-19 accelerates urgent review of due diligence practices
At the start of 2020, the notion that a due diligence on an agent bank or a market review could be performed remotely by network managers would have been met with incredulity. However, irreversible changes are sweeping through the global custody industry as COVID-19 continues to accelerate a wholesale transformation of market best practices and attitudes.
Margaret Harwood-Jones, co-head of financing and securities services at Standard Chartered, participated on a panel at the inaugural Virtual Summer Meeting of The Network Forum, exploring the tectonic shifts in the custody world that have been precipitated by the pandemic, and its implications for network managers. Here, we share some of the key observations and issues that were surfaced.
Pandemic exposes gaps that need to be addressed in AFME DDQ 2.0
Before the COVID-19 pandemic held the world in its grip, most network managers and agent banks were in broad consensus that the due diligence questionnaire (DDQ) devised by the Association for Financial Markets in Europe (AFME) was in a healthy shape1.
Despite the initial protests from agent banks about network managers adding dozens of supplementary questions into the DDQ, the industry collaborated and many of these additional information requests have since been incorporated into the main document.
At the start of 2020, few market participants would have anticipated that the DDQ would require any further substantial change. Fast-forward to 3Q2020, and that view is looking very much out of sync with reality.
Business continuity planning revisited
While the AFME DDQ had factored in the risk of short-term disruption at a single supplier at a local market level, nobody involved in the drafting of the template could have foreseen the possibility of a global crisis on the scale of COVID-19, let alone its impact on operations.
As such, sections of the AFME DDQ covering business continuity planning (BCP) will require a thorough review and overhaul, as network managers increasingly demand comprehensive answers on whether their agent banks and local market infrastructures have the capability to facilitate remote working and capacity to accommodate surges in transaction volumes.
Other network managers sought assurance, especially at the start of the pandemic, that their agent banks would be able to provide timely service and market information, especially in instances where Internet and electricity bandwidth are constrained.
Are outsourced services essential services?
Outsourcing could be one area of scrutiny in the revised DDQ. Some financial institutions with outsourced operations or centres of excellence in emerging markets found that these services were not automatically treated as “essential services” during lockdown by the authorities, owing to the fact they did not have banking licenses in those countries. “Some of the affected banks carrying out processing activities in several emerging markets were caught out and were instructed to close temporarily,” noted Harwood-Jones. These stress points will need to be referenced in future drafts of the DDQ.
1 Global Custodian (May 15, 2019) AFME’s DDQ appears to have resonated with the industry as alterations lesson
Finding common standards for communications
The transition to remote due diligences has exposed some short-term problems. Many banks and regulators do not have joined-up policies on virtual communication platforms, and the industry is currently using a patchwork of different video conferencing apps. For example, Zoom – a popular cloud-based enterprise video conferencing platform – has been banned or restricted in a number of countries due to cybersecurity concerns2.
This is not just a concern for governments but also banks like Standard Chartered3 and a host of organisations, companies and schools4. The establishment of acceptable common standards and principles around video conferencing technology needs to be enacted and soon, if the industry is to operate more efficiently in this remote environment.
Closing loopholes to eliminate regulatory arbitrage
In some markets, due diligence practices need to take into account the local sensitivities around data privacy and data protection. According to Harwood-Jones, “The regulations in some of the markets in our network have very strict data sharing rules. For instance, it is prohibited in particular markets – such as Korea – to share certain restricted information outside of the bank’s physical premises. In other words, agent banks are not allowed to share their screens via apps such as Blue Jeans.”
In a few exceptional cases, a handful of banks have warned that video conferencing calls with counterparties’ staff in their places of residence – as opposed to in the office – could be a potential privacy infringement.
To support new ways of working and due diligence in remote environments, it is vital that loopholes in regulations be recognised, addressed and closed to prevent regulatory arbitrage around data regulations.
The regulations in some of the markets in our network have very strict data sharing rules. For instance, it is prohibited in particular markets – such as Korea – to share certain restricted information outside of the bank’s physical premises. In other words, agent banks are not allowed to share their screens via apps such as Blue Jeans.
Margaret Harwood-Jones
Global Head of Securities Services, Standard Chartered
As virtual due diligence is a fairly recent development, the advantages and disadvantages are yet to be fully understood by the industry. However, as Harwood-Jones pointed out, the growing adoption of video communications – subject to implementation of acceptable common standards and principles on use of such platforms – could result in the rise of virtual due diligences and periodic reviews.
Even as lockdowns lift, some restrictions on international business travel may remain due to concerns over a resurgence of the virus or cost-containment measures. These could also contribute to increased demand for virtual due diligence.
New operating models needed
If there is a sustained growth in demand for virtual due diligence from network managers such that what was an exception to the norm becomes mainstream, agent banks will need to review their own operations and resourcing to accommodate the new requirements.
Can due diligence go fully virtual?
It remains to be seen, however, whether virtual due diligences will supersede on-site due diligence in the longer term. Some network managers are of the view that there is simply no substitute for being able to figuratively ‘kick the tyres’ that an on-site due diligence permits.
Until the industry is fully persuaded that a virtual due diligence can yield the same – if not better – results, there will still be demand for elements of physical due diligence to continue in some shape or form and to the extent permitted by the pandemic.
What lies ahead for network managers
COVID-19 has redrawn a number of the established boundaries and sped up the pace of change immeasurably. As new risks – such as cyber-crime – become more widespread, and different asset classes – including digital assets and central bank digital currencies – generate interest from investors, network managers will need to adapt and retrain if necessary.
While some network managers are hoping for normal business practices to resume, the industry will be a very different one in 12-24 months’ time. In order to remain relevant, network managers need to understand where the industry is heading and to keep pace with industry developments, nurturing the mindset and skill sets to take them into a new post-pandemic future.
COVID-19 and the changing role of the network manager
COVID-19 and the changing role of the network manager
COVID-19 has prompted an existential paradigm shift in the world of network management, the impact of which will be felt for many years to come. An integral part of a network manager’s role is the conduct of due diligence on their agent banks, and it is one aspect of their work most significantly disrupted by the pandemic. Speaking at The Network Forum’s inaugural Virtual Summer Meeting, Rainer Kasch, global head of network management at Standard Chartered, shared his insights on some of these changes.
Service provider monitoring takes a digital turn
From the initial selection to the ongoing risk-monitoring of their agent bank, due diligence is typically conducted on-site across their agent bank’s sub-custody network. With travel strictly restricted and certain markets struggling to contain the spread of COVID-19, due diligence have had to adopt remote processes. Out of this crisis, however, Kasch see new innovative practices emerging and completely different ways of operating.
Operational oversight, risk and due diligence in the new environment
The ongoing monitoring of agent banks and market infrastructures is a labour-intensive and resource-heavy undertaking, often dependent on manual processes. The time between receiving and analysing information is a significant risk for network managers to deal with, especially when markets are as volatile as they have been. That so many banks and brokers seldom have agile technology systems to facilitate ongoing risk assessments means they are frequently saddled with high operating costs at a time when revenues are shrinking. COVID-19 has highlighted the limitations of such practices and is forcing network teams to identify new, digital ways of fulfilling their ‘oversight’ responsibilities.
“Moving forward, network managers need to adopt near real-time risk data and analytics covering criteria such as credit risk, financial crime and cyber-risk in a structured format, preferably via a dashboard. Furthermore, clients will also increasingly demand real-time reporting of service level agreement (SLA) performance metrics,” Kasch highlighted.
This will require wholesale investment by both the vendors and the clients into new technologies which can process this information accurately and quickly. However, cost considerations could be an impediment, preventing investment into new technology.
Is a utility the way forward?
It is in light of this, Kasch explained, that some market participants are arguing for the establishment of a mutualised utility, operated by an experienced industry leader such as SWIFT or the DTCC (Depository Trust & Clearing Corporation). The utility could receive risk information supplied by agent banks and vendors and make it readily available to network managers through APIs. In theory, this could help all participants in the custody chain manage the costs of continuous monitoring.
While the principles behind such a utility are noble, Kasch is realistic about the practical challenges that need to be addressed for this to be considered a success, including issues such as who is liable for data accuracy and consistent data definitions.
For a start, the establishment of a common utility would take a number of years to complete, effectively leaving network managers reliant on their current manual processes during the interim.
Additionally, the establishment of a common utility would take a number of years to complete, effectively leaving network managers reliant on their current manual processes during the interim.
Concerns over confidentiality
There were other flaws in the proposed initiative, as Kasch pointed out.
“Some agent banks will object to the idea of sharing sensitive information to a mutualised utility because of internal confidentiality concerns.”
Heightened risk of cyber-attacks
Kasch further highlighted that a single entity holding so much of the industry’s proprietary data would greatly increase the risk of targeted cyber-attacks.
Additional responsibility and workload
Although such a utility could help agent banks standardise the data they share with each of their network manager clients, Kasch cautioned that banks and brokers would need to conduct rigorous health checks on the data to ensure that it is factually correct, especially if they are liable for the accuracy of data.
While the pandemic has put a pause on on-site due diligence, network managers believe that the higher level of accountability imposed on custodians under the Undertakings for the Collective Investment in Transferable Securities (UCITS) and AIFMD (Alternative Investment Fund Managers Directive) will prompt their return as soon as conditions permit.
Having said that, custodians who had been doing their job correctly pre-pandemic should have no concerns. However, the UCITS and AIFMD imposes ‘strict liability’ on custodians and requires them to make good their clients’ losses should the client assets be lost. Thus, it is understandable why custodians may not have the same comfort level with remote due diligence, and have on-going concerns about asset segregation and safety.
Kasch explained that as fiduciaries, custodians need to verify the truth of the information provided by their agent banks in RFP questionnaires, and this verification is most effective and reliable when conducted on-site.
For network managers, the regulatory, financial and reputational implications of making a bad provider selection decision are simply too great. It is, however, a risk that can be minimised through on-site visits.
Relationship management and resolving problems – better IRL (in real life)
According to Kasch, on-site visits remain a fundamental prerequisite for sound relationship management, allowing network teams to resolve local problems and learn more about the markets to which they are exposed, information which can ultimately be relayed to their clients and internal stakeholders. In these cases, network managers act as product managers for markets providing insights to market practice to colleagues and to clients.
What you see may not be what you get
Many network managers believe remote due diligence are a poor substitute for the real thing because, as Kasch pointed out, agent banks could ‘sanitise’ what network managers see on a virtual due diligence. He also noted that connectivity may not always be up to scratch, especially in markets where the telecommunications or power infrastructure is less stable.
Immutable asset inventory – a possible solution?
The development of an immutable record of asset inventory could reduce the need for network managers to visit local markets when validating providers’ asset safekeeping arrangements. Kasch believes that such a technological innovation would be the strongest driver for the removal of on-site due diligence visits.
Change yields new risks that require new ways of working
Being a network manager is not for the rigid, or the faint of heart. Network management is a fluid profession, requiring practitioners to constantly adapt and flex according to the underlying risks they encounter. At the same time, there are limits to what network managers can accomplish, especially when the challenges are quite bespoke and require specialist knowledge.
Cross-functional collaboration with experts
Cyber security is a key area requiring network managers to collaborate with specialists in the field. The proliferation of digital solutions and their widespread adoption sparked by COVID-19 offers cyber criminals a larger surface area for attack than before. Kasch stressed that new threats like these need to be monitored by technical experts, along with other specialised risks that may be introduced by the use of digital assets and disruptive technologies such as APIs.
Network managers would do well to focus on their core strengths of managing their service providers, from sourcing, selection and oversight to the eventual exit as the situation requires. They need to be mindful of their limitations and call upon technical and other experts when needed. As the industry becomes increasingly digitalised and complex, the collaboration between network managers and technical experts will be increasingly important part of the continuing service provider reviews and due diligence processes.
<br>Can due diligence go fully virtual? A perspective from Africa
Can due diligence go fully virtual? A perspective from Africa
Benjamin Franklin has often been quoted as saying “…but in this world nothing can be said to be certain, except death and taxes”. And in the year 2020, with the world being so uncertain, this statement certainly rings true.
In the post-trade environment, with the COVID-19 related global travel restrictions putting a halt to physical visits to agent banks, it would have been reasonable to expect due diligence schedules to be pushed out, RFPs to be put on the back burner and for there to be a general slowdown in provider assessments.
However, what we experienced in Africa was quite the reverse. As Michelle Swanepeol, head of securities services, Africa observed, “As the popular saying goes, ‘the show must go on’…and the show did indeed go on, as we witnessed an unwavering resilience in the overall delivery of agent bank due diligence.” Here, she shares some of her perspectives on the ground.
In the Africa region, there has been a quick and successful transition to virtual due diligence in place of on-site agent bank monitoring. This is the case not just for the annual due diligence undertaken as part of the requisite standard agent bank monitoring processes, but also for due diligence ‘visits’ as part of an RFP exercise.
Tech today, tech tomorrow
COVID-19 has made us all become more tech-savvy, or at least, more comfortable using a wider array of digital platforms and tools in the course of our day-to-day work. Although the widespread adoption of digital communication tools was initially met with some scepticism, they are now considered par for the course, and have become a significant and effective part of how we engage at a provider-client level.
Is virtual due diligence here to stay?
It appears highly likely that virtual due diligence will become a permanent feature of provider monitoring in Africa. Upon reflection, the shifts towards more virtual agent bank monitoring has been taking place over the last two years in this region, even before the pandemic. There are a few reasons for this shift:
A global reduction of travel expenditure budgets and a heightened awareness of individual and firm-wide carbon footprints.
We have seen a good 50 per cent shift away from on-site visits to conference calls and virtual due diligence over the last while, particularly for Africa where specific markets represent modest volumes which can hardly justify the high costs and environmental impact of long-distance travel.
Markets across the region have matured, giving rise to a greater comfort level with virtual due diligence.
The region has evolved, and while we still have a significant market advocacy agenda, the content has shifted and matured, compared to a decade ago when there was still significant discomfort with certain market practices, regulations and approaches, which necessitated more regular face-to-face lobbying to present offshore investors’ requirements and to share global best practice.
More investor intermediaries are utilising the services of third-party agent bank monitoring service providers, which has reduced the number of onsite visits.
Death knell for on-site due diligence?
While we have seen this shift to virtual due diligence working well, we don’t expect that on-site due diligence can be done away with completely. What we do anticipate, however, is a more permanent, circumspect approach as to whether and when it would be essential to pay a physical visit to the agent bank. Most notably, our experience in Africa this year has demonstrated that the inability to physically visit certain markets does not necessarily hinder even an RFP process.
Virtual meetings – proceed with caution for open and robust engagement
Caution is needed as we increasingly engage with each other in the virtual arena.
Physical engagement is more conducive to off-the-record discussions that can assist in preparing network managers for likely outcomes, particularly for market developments that may not yet be official. In virtual engagements it is difficult to ‘read the room’, which is a vital element of communication as so much is conveyed via body language and other non-verbal cues.
It is therefore incumbent upon the service provider to create an environment that is still conducive to open and robust communication. This can be achieved by ensuring that only the required speakers attend a virtual meeting.
Just because your virtual engagement tool allows up to 150 people to attend a meeting, doesn’t mean that this capacity should be used up!
Participants also need to feel ‘safe’. It should be made clear to all meeting participants – be they market infrastructures, regulators or client participants – that the engagement is confidential, that it should not be recorded and that it is a ‘closed’ audience. It is also good practice to highlight that the moderator has locked attendance as you get going with your engagement in order to manage the risk of uninvited participants. This is another way to effectively manage the risk of uninvited participants.
Cyber security and data protection are new areas of focus
While the possibility of a pandemic has always been on the radar, the questions pertaining to pandemic preparedness in due diligence questionnaires have largely focused on physical preparedness, such as how agent banks are set up to operate effectively from locations other than their primary or usual offices.
Since the pandemic became a reality and surfaced the myriad risks of operating during a global health crisis, the question about pandemic preparedness can no longer be answered with a simple:
“In the unlikely event of a pandemic, the bank has processes and procedures in place to continue operating as normal.”
Clients are now requiring detailed and granular answers addressing cyber security and data protection. This is hardly surprising, as the surface area for a potential cyber-attack and data leakage has significantly increased with the proliferation of digital platforms now being used and most of the workforce now working from home.
Could virtual due diligence be made as effective as on-site ones?
Assuming that cybersecurity and data protection concerns are satisfactorily addressed at the enterprise level across the industry, we anticipate that virtual due diligence will remain a viable and popular option even after the pandemic is over.
How then may we ensure that virtual due diligence is able to deliver outcomes as good as – or even better than – due diligence carried out on-site?
Based on our experience and observations, here are some areas where we are already doing well, and areas where there is room for further development. This is by no means an exhaustive list, and it would be worthwhile to take stock periodically and make the necessary adaptations to be prepared for a future where virtual due diligence is an acceptable norm rather than the exception.
- Although different organisations have their preferred virtual communication tools (such as Blue Jeans, Microsoft Teams and so forth), they are generally not precluded from participating in virtual engagements with other organisations using different tools.
- Agent banks are generally able to take clients on virtual walk-throughs of operations floor space as well as deliver live system demos.
- Virtual engagement allows for wider participation globally from both the agent bank and the client and is not limited to the people on the ground in the market under review. This is particularly important for a progressive global and networked business, as global support teams and senior stakeholders can be virtually present whenever required.
- The ability to have a separate virtual break-out rooms for meeting participants minimises disruption should certain discussions or items on the meeting agenda extend beyond the allotted time.
- Depending on the application used and if agreeable with the client, the entire virtual due diligence visit or RFP can be recorded and used as a training tool, which will lead to improvements in future virtual due diligence processes and enhanced client experience and servicing.
- The agent bank being assessed needs to use bank-approved platforms to facilitate virtual client engagement and sharing of presentation content. In all virtual engagements, parties need to observe their own internal compliance policies, and these are usually not 100% aligned across different organisations.
-
Regulators may be reluctant to disclose over a digital platform information that is considered ‘sensitive’.
-
Existing network and bandwidth challenges across several African markets are compounded by heavy demand on network providers’ infrastructure, especially where the majority of staff work from home.
-
In paper-based environments, physical demonstrations of vault facilities are still relevant and required, but security protocols generally prohibit the live streaming of vault walk-throughs.
