Hedge Fund Audit Firms and Agreed Upon Procedures

Hedge Fund Due Diligence Firm Discusses “Agreed Upon Procedures”

We’ve published a number of thoughtful pieces on this blog from Chris Addy, president and CEO of Castle Hall Alternatives (see, for example, article on Hedge Fund Operational Issues and Failures).  Today we are publishing a piece by Chris which discusses hard to value hedge fund assets (so called Level III assets).  In certain situations hedge fund audit firms will be engaged to perform an “Agreed Upon Procedures” review of the pricing of these assets.  As discussed in the article below, agreed upon procedures engagements do not provide hedge fund investors with a great deal of comfort with regard to the pricing of these assets.  It is unclear whether in the future investors will push back with regard to such engagements and require more robust pricing audits.  The problem with more robust procedures, obviously, is increased cost (because of increased liability for the audit firms).

Managers who are engaging audit firms pursuant to agreed upon procedures should be aware that they may face tougher questions from investors going forward.

****

Agreed Upon Procedures

A number of our recent posts have focused on the challenges of the hedge fund administrator‘s role in relation to security valuation.  We will, of course, return to this topic – but, in the meantime, wanted to focus on some of the alternatives to administrator pricing.

One of the more common comments from today’s administrators is that, while an admin may be able to price Level I and Level II securities, they do not necessarily have information to price Level III instruments.  (To recap, the US accounting standard FAS 157 divides portfolios into three levels, being Level I, liquid instruments readily priced from a pricing feed (typically exchange traded); Level II, instruments priced using inputs from “comparable” securities (essentially mark to model, albeit with mainstream models); and Level III, everything else.)

This leaves investors with a challenge – if administrators cannot price Level III instruments, who can? Moreover, to repeat one of our frequent comments, it is self evident that if a hedge fund manager wishes to deliberately mismark securities, they would most likely misprice a Level III instrument.  It is, of course, very hard to fake the price of IBM common stock, but much easier to mismark emerging market private loans.

Two of the most common tools available to hedge fund managers looking for third party oversight over pricing for Level III instruments – assuming the administrator has washed their hands of the problem – are third party pricing agents and auditor agreed upon procedures, or “AUP”.  We will return to the strengths and weaknesses of third party pricing agents in a subsequent post, but wanted to focus this discussion on AUP.

In an Agreed Upon Procedures engagement, the auditor completes specific procedures which have been dictated by the client.  The procedures are specified and the auditor then prepares a report outlining the findings of that specific work.

We have two comments here: the first is to take a high level view as to the adequacy of these procedures, and the second is to dig a little more deeply into the actual audit guidance that covers this type of work.

Our first comment is, unfortunately, an Emporer Has No Clothes observation.  The significant majority of hedge fund AUP engagements we have seen require the auditor to test a fund’s pricing on a quarterly basis.  This usually involves (i) obtaining a portfolio list from the investment manager and (ii) testing the pricing support for those positions.

There are, however, generally two snags.  Firstly, many AUP only test a sample of prices, not the whole portfolio.  Sample testing clearly provides much less assurance than a price review of all positions: the administrator, for example, is usually expected to price the entire book (would any investor accept a NAV which has been priced on a “sample” basis???)

The bigger problem, however, is the type of testing completed by the auditor.  In way, way too many cases, the auditor tests security prices back to the manager’s own pricing support and makes no attempt to obtain independent pricing information.

This type of work is, clearly, somewhere between minimal and absolutely no value for investors.  If the auditor receives a spreadsheet from the manager showing the matrix of broker quotes received, how does the auditor know that the manager has not adjusted that spreadsheet to exclude quotes which were uncomfortably low?  Even more importantly, if all the auditor does is to check prices back to pieces of paper in the manager’s own pricing file, how does the auditor know that those pieces of paper are genuine?  As we have said before, and will keep on saying, it only costs $500 to buy a copy of Adobe Photoshop if you are of a mind to alter documentation.

When discussing this type of work, the manager typically notes that, if the auditor was to complete a full, independent pricing review, it would be too costly and too time consuming to be practical on a quarterly basis.  A full, GAAP audit review is, of course, performed at year end – this does include independent pricing (although – investor fyi – auditors will still only sample test many portfolios.)

While these are fair points, it remains the case that this type of AUP provides minimal protection against pricing fraud.  In the meantime, the manager gets the marketing benefit of being able to claim enhanced scrutiny and oversight from a Big 4 firm each quarter.

Which leads to our second point.  Why would an auditor accept to complete agreed upon procedures when any reasonable accountant would rapidly conclude that the typical scope of these AUP provide pretty much nil controls assurance?  Why does the auditor not insist that, if their name is to be associated to this work, then the procedures must be meaningful and sufficient to meet an actual control standard?

To this point, the actual audit standard applicable to AUP is available here.  The standard states:

An agreed-upon procedures engagement is one in which a practitioner is engaged by a client to issue a report of findings based on specific procedures performed on subject matter. The client engages the practitioner to assist specified parties in evaluating subject matter or an assertion as a result of a need or needs of the specified parties. Because the specified parties require that findings be independently derived, the services of a practitioner are obtained to perform procedures and report his or her findings. The specified parties and the practitioner agree upon the procedures to be performed by the practitioner that the specified parties believe are appropriate. Because the needs of the specified parties may vary widely, the nature, timing, and extent of the agreed upon procedures may vary as well; consequently, the specified parties assume responsibility for the sufficiency of the procedures since they best understand their own needs. In an engagement performed under this section, the practitioner does not perform an examination or a review, as discussed in section 101, and does not provide an opinion or negative assurance. Instead, the practitioner’s report on agreed-upon procedures should be in the form of procedures and findings.

In practice, this all gets horribly circular.  Per the standard, a client requests an auditor to complete AUP to assist “specified parties” to “evaluate subject matter or an assertion”.  In our case, the assertion would be “are hard to value securities valued correctly at quarter end.”

However, the specified party is usually the manager itself, making the client and specified party the same person.  The particular trick applied, in many cases, is for the auditor to seek to prevent the investor from actually seeing the AUP in the first place!  However, if the investor is to have access to the AUP, the auditor universally requires the investor to sign a Catch 22 document which requires the investor to acknowledge that the AUP are “sufficient for their needs”.  So, even if the investor believes that the AUP are not “sufficient for their needs” – which is hardly a long stretch – the investor has to sign that the procedures are sufficient if they are to even see the auditor’s work.  With this magic piece of paper, the auditor has met its requirements and can sleep easy.  Meanwhile, the auditor will send a bill to – guess who – the fund, meaning that investors have, once more, had to foot the bill.

As always, Caveat Emptor.

www.castlehallalternatives.com

Hedge Fund Operational Due Diligence

****

Related hedge fund law articles:

Bart Mallon, Esq. of Cole-Frieman & Mallon LLP runs Hedge Fund Law Blog and can be reached directly at 415-868-5345.

One thought on “Hedge Fund Audit Firms and Agreed Upon Procedures

  1. Pingback: Hedge Fund Business & Technical Issues — Hedge Fund Law Blog

Leave a Reply