Tag Archives: hedge fund audit

Audit Issues from Due Diligence Provider

The following article is written by Chris Addy, president and CEO of Castle Hall Alternatives which is a hedge fund due diligence firm.

For funds raising assets from institutional investors, the due diligence process will be quite familiar and Chris describes some of the frustrations from the investor/due diligence standpoint.  I would imagine that these issues will continue to arise as more service providers strive to find ways to limit their potential future liability.  Please feel free to comment below.

****

A recap on some audit issues

Looking back over our posts over the past year or so, we’ve commented on a number of issues which impact investors’ due diligence procedures when thinking about the audit process, the financial statements, and the auditor themselves.

We thought it would be useful to recap on a group of issues which continue to be troubling:

1) And why can’t the auditor identify themselves?

Back in November, we commented on the challenge of getting the Big 4 audit firms to admit that they are, actually, the auditor of the fund in question.  In the six months since then, practices appear to have standardized: typically, the Big 4 will now provide a form response, but only after the investor has signed an extensive disclaimer letter.  The slight snag?  The disclaimer is usually so wide ranging that it appears to materially impact the investors’ ability to sue the auditor in the event of audit failure (which, of course, is the idea).  We advise our clients not to sign it.

As a counterpoint, it is worth noting – and forcefully reminding the Big 4 – that every other auditor on the planet makes the confirmation process smooth and effective.  Castle Hall is particularly appreciative of the responsiveness and professionalism of Rothstein Kass each time we make an audit confirmation request.  In fact, that reminds me…do I actually need a Big 4 auditor?

2) And it’s pretty much the same for SAS 70s..

Unfortunately, the SAS 70 process is pretty much the same – it is becoming increasingly difficult for the end investor to obtain a copy of the SAS 70 document for many administrators.  This is, of course, despite the fact that the SAS 70 is now a key marketing point in the admin industry.

It’s particularly annoying when the SAS 70 is stated only to available (i) to the auditors of (ii) the administrator’s clients, the funds.  The first point makes the SAS 70 process seem more than a little self serving, as the auditors give each other work for the sake of it.  The second raises the broader issue (and one of our favorite topics) of who exactly is the administrator’s client – the fund or the investor?

A particular black mark goes to those administrators who will not provide investors with a copy of the SAS 70 under any circumstances, and insist on providing a summary of the SAS 70…prepared by themselves.  And exactly how is the investor supposed to place any reliance on that?

An honorable mention in the hall of shame must go, however, to those administrators who try to charge the costs of their SAS 70 review through to their fund clients as an out of pocket expense.  In other words, the admin expects the funds’ shareholders’ to pay for their own SAS 70.

And no, we still can’t see it.

3) Who distributes the financial statements?

While the confirmation issue above is tediously annoying, thinking practically, the risk that a hedge fund simply fabricates a relationship with PwC or KPMG is pretty remote.  What is more likely is that a reputable audit firm has been appointed and completes their work…but a manager then elects to change some or all of the financial statements and gives investors a set of fake accounts.  As we have said before, a copy of Adobe photoshop only costs $500.

The double irony is that, even with the audit confirmation we discussed above, the auditor does not send the investor the accounts directly.  There is, therefore, no way of getting a direct confirmation from the auditor that the accounts in your possession are, in fact, genuine.

One suggestion we have heard would be, in the offshore world at least, for investors to access financial statements direct from the Cayman Monetary Authority (perhaps via a secure website with appropriate authorizations).  This would draw on the requirement that the fund auditors must give the Cayman authority a copy of the (genuine) accounts themselves.  An excellent idea….Cayman?

As a more immediate solution, we are always anxious to confirm that the fund administrator receives the audited financials direct from the auditor and thereafter sends them to investors.  This is a great control – it ensures that the financial statements are authentic, and it also unequivocally confirms the identity of the auditor at the same time.

The snag?  While this is crucially important, administrators seem pretty casual about the whole process.  Admins are generally happy to do this, but only if a fund asks for this “service”, and many admins are certainly far from proactive on this topic.  There are some admins, mind you, that don’t want to get involved (we came across one admin that had decided, on a related point, that they would not send offering memos to investors.)

In our mind, this is a vital control and should be mandatory for every administrator.  Getting the financials from the admin is just as important as ensuring that the investor monthly NAV statements come from the admin and not from the manager.

4) And who is the audit report addressed to?

Another particular bugbear is the obsession of one of the Big 4 audit firms in Cayman to change the addressee of the audit report from “to the board of directors and shareholders” to just “to the board of directors”.  The objective, of course, is transparent and predictable – the auditor is looking to enhance the concept of privity and assert that the firm only has a relationship with the Board and no relationship – none, never, nada – with the investor.

The irony here – the directors who are now the sole recipient of the audit are usually our rent a director friends who sit on a few hundred other hedge fund boards.  And does anyone really think – including the partner at the Big 4 firm signing the opinion – that these guys really have time to read every set of audited financial statements from cover to cover?

One solution here – could the Cayman regulator mandate that the audit opinion must be addressed to the shareholders in order to be meet Cayman requirements?  Again, this would be a small change that would send a very helpful, investor friendly signal from this jurisdiction.

5) In fact, do you even have to leave the office?

A final observation reflects what seems to be an emerging trend over the past audit cycle – certain auditors (and certain offices of certain auditors in particular) seem to be adopting a desk fieldwork process.  We have recently completed due diligence on a number of funds – albeit usually long short equity – when both the administrator and the manager stated that the audit team had never came on site to do any audit work.  All work was done remotely from the auditor’s own offices.

Now, aside from the fact that fieldwork is called fieldwork for a reason (er…you’re in the field) we see this as a worrying trend.  It stands to question that the quality of the audit is not the same if you never look the individual responsible for preparing the accounts in the eye.

As a counterpoint to our observations, we do continue to recognize that the audit process is ever more challenging and that many skilled professionals work incredibly hard, especially during busy season. As just one example, we were recently speaking with the audit partner of a Big 4 firm discussing FIN 48 – a tortuous challenge for the profession.

At the same time, the audit process is critical for investors and we’re certainly entitled to ask tough questions – we are “sophisticated”, after all.

It’s also worth noting that the auditors’ ever increasing fees are, of course, borne by the end allocator.  We’re happy to pay….provided we get good value.  Net net, the hedge fund audit profession would certainly be well served to make things a little easier for the person cutting the pay cheque.

www.castlehallalternatives.com
Hedge Fund Operational Due Diligence
“Risk Without Reward” is a trademark of Entreprise Castle Hall Alternatives Inc.  All rights reserved.

****

Other related hedge fund law articles:

Cole-Frieman & Mallon LLP is one of the top hedge fund law firms and provides comprehensive formation and regulatory support for hedge fund managers.  Bart Mallon, Esq. can be reached directly at 415-868-5345.

For more articles by Chris Addy, please see the Castle Hall Alternatives post where we have listed our reprinted articles.

Hedge Fund Audit Firms and Agreed Upon Procedures

Hedge Fund Due Diligence Firm Discusses “Agreed Upon Procedures”

We’ve published a number of thoughtful pieces on this blog from Chris Addy, president and CEO of Castle Hall Alternatives (see, for example, article on Hedge Fund Operational Issues and Failures).  Today we are publishing a piece by Chris which discusses hard to value hedge fund assets (so called Level III assets).  In certain situations hedge fund audit firms will be engaged to perform an “Agreed Upon Procedures” review of the pricing of these assets.  As discussed in the article below, agreed upon procedures engagements do not provide hedge fund investors with a great deal of comfort with regard to the pricing of these assets.  It is unclear whether in the future investors will push back with regard to such engagements and require more robust pricing audits.  The problem with more robust procedures, obviously, is increased cost (because of increased liability for the audit firms).

Managers who are engaging audit firms pursuant to agreed upon procedures should be aware that they may face tougher questions from investors going forward.

****

Agreed Upon Procedures

A number of our recent posts have focused on the challenges of the hedge fund administrator‘s role in relation to security valuation.  We will, of course, return to this topic – but, in the meantime, wanted to focus on some of the alternatives to administrator pricing.

One of the more common comments from today’s administrators is that, while an admin may be able to price Level I and Level II securities, they do not necessarily have information to price Level III instruments.  (To recap, the US accounting standard FAS 157 divides portfolios into three levels, being Level I, liquid instruments readily priced from a pricing feed (typically exchange traded); Level II, instruments priced using inputs from “comparable” securities (essentially mark to model, albeit with mainstream models); and Level III, everything else.)

This leaves investors with a challenge – if administrators cannot price Level III instruments, who can? Moreover, to repeat one of our frequent comments, it is self evident that if a hedge fund manager wishes to deliberately mismark securities, they would most likely misprice a Level III instrument.  It is, of course, very hard to fake the price of IBM common stock, but much easier to mismark emerging market private loans.

Two of the most common tools available to hedge fund managers looking for third party oversight over pricing for Level III instruments – assuming the administrator has washed their hands of the problem – are third party pricing agents and auditor agreed upon procedures, or “AUP”.  We will return to the strengths and weaknesses of third party pricing agents in a subsequent post, but wanted to focus this discussion on AUP.

In an Agreed Upon Procedures engagement, the auditor completes specific procedures which have been dictated by the client.  The procedures are specified and the auditor then prepares a report outlining the findings of that specific work.

We have two comments here: the first is to take a high level view as to the adequacy of these procedures, and the second is to dig a little more deeply into the actual audit guidance that covers this type of work.

Our first comment is, unfortunately, an Emporer Has No Clothes observation.  The significant majority of hedge fund AUP engagements we have seen require the auditor to test a fund’s pricing on a quarterly basis.  This usually involves (i) obtaining a portfolio list from the investment manager and (ii) testing the pricing support for those positions.

There are, however, generally two snags.  Firstly, many AUP only test a sample of prices, not the whole portfolio.  Sample testing clearly provides much less assurance than a price review of all positions: the administrator, for example, is usually expected to price the entire book (would any investor accept a NAV which has been priced on a “sample” basis???)

The bigger problem, however, is the type of testing completed by the auditor.  In way, way too many cases, the auditor tests security prices back to the manager’s own pricing support and makes no attempt to obtain independent pricing information.

This type of work is, clearly, somewhere between minimal and absolutely no value for investors.  If the auditor receives a spreadsheet from the manager showing the matrix of broker quotes received, how does the auditor know that the manager has not adjusted that spreadsheet to exclude quotes which were uncomfortably low?  Even more importantly, if all the auditor does is to check prices back to pieces of paper in the manager’s own pricing file, how does the auditor know that those pieces of paper are genuine?  As we have said before, and will keep on saying, it only costs $500 to buy a copy of Adobe Photoshop if you are of a mind to alter documentation.

When discussing this type of work, the manager typically notes that, if the auditor was to complete a full, independent pricing review, it would be too costly and too time consuming to be practical on a quarterly basis.  A full, GAAP audit review is, of course, performed at year end – this does include independent pricing (although – investor fyi – auditors will still only sample test many portfolios.)

While these are fair points, it remains the case that this type of AUP provides minimal protection against pricing fraud.  In the meantime, the manager gets the marketing benefit of being able to claim enhanced scrutiny and oversight from a Big 4 firm each quarter.

Which leads to our second point.  Why would an auditor accept to complete agreed upon procedures when any reasonable accountant would rapidly conclude that the typical scope of these AUP provide pretty much nil controls assurance?  Why does the auditor not insist that, if their name is to be associated to this work, then the procedures must be meaningful and sufficient to meet an actual control standard?

To this point, the actual audit standard applicable to AUP is available here.  The standard states:

An agreed-upon procedures engagement is one in which a practitioner is engaged by a client to issue a report of findings based on specific procedures performed on subject matter. The client engages the practitioner to assist specified parties in evaluating subject matter or an assertion as a result of a need or needs of the specified parties. Because the specified parties require that findings be independently derived, the services of a practitioner are obtained to perform procedures and report his or her findings. The specified parties and the practitioner agree upon the procedures to be performed by the practitioner that the specified parties believe are appropriate. Because the needs of the specified parties may vary widely, the nature, timing, and extent of the agreed upon procedures may vary as well; consequently, the specified parties assume responsibility for the sufficiency of the procedures since they best understand their own needs. In an engagement performed under this section, the practitioner does not perform an examination or a review, as discussed in section 101, and does not provide an opinion or negative assurance. Instead, the practitioner’s report on agreed-upon procedures should be in the form of procedures and findings.

In practice, this all gets horribly circular.  Per the standard, a client requests an auditor to complete AUP to assist “specified parties” to “evaluate subject matter or an assertion”.  In our case, the assertion would be “are hard to value securities valued correctly at quarter end.”

However, the specified party is usually the manager itself, making the client and specified party the same person.  The particular trick applied, in many cases, is for the auditor to seek to prevent the investor from actually seeing the AUP in the first place!  However, if the investor is to have access to the AUP, the auditor universally requires the investor to sign a Catch 22 document which requires the investor to acknowledge that the AUP are “sufficient for their needs”.  So, even if the investor believes that the AUP are not “sufficient for their needs” – which is hardly a long stretch – the investor has to sign that the procedures are sufficient if they are to even see the auditor’s work.  With this magic piece of paper, the auditor has met its requirements and can sleep easy.  Meanwhile, the auditor will send a bill to – guess who – the fund, meaning that investors have, once more, had to foot the bill.

As always, Caveat Emptor.

www.castlehallalternatives.com

Hedge Fund Operational Due Diligence

****

Related hedge fund law articles:

Bart Mallon, Esq. of Cole-Frieman & Mallon LLP runs Hedge Fund Law Blog and can be reached directly at 415-868-5345.

Hedge Fund Auditors | Thought Piece From Castle Hall Alternatives

The following article is by Christopher Addy, President and CEO of Castle Hall Alternatives, a hedge fund due diligence firm.  We have published a number of pieces by Mr. Addy in the past (please see Hedge Fund Fees, Hedge Fund Due Diligence Issues, Issues for Hedge Fund Administrators to Consider and ERISA vs. the Hedge Fund Industry).  The following post can be found here.

****

And the auditors work for….

Audit opinions of a hedge fund’s financial statements are unlikely to make the New York Times bestseller list.  As a result, we can certainly understand if the auditor’s fine print is not exactly top of the list for investor attention.  However, not all audit opinions are the same and, over time, it seems that different audit firms are quietly introducing different standards of care and attention – and, of course, liability, which is always the 800 pound gorilla.

The issue is the addressee of the audit report – or, put more simply, who the auditor works for.  In a public company, the auditors report to both the shareholders and the Board of Directors.  A quick web search gives us a couple of examples – GE and Goldman Sachs (don’t laugh at the Level III assets, by the way).

In a hedge fund, however, sometimes the audit report mentions the shareholders, but sometimes it does not.  What seems to be a fine difference is actually very profound – exactly why would a hedge fund auditor report only to the Board of Directors and deliberately fail to address their report to the shareholders?  Adding insult to injury, of course, is the reality that the average Board of Caymanian rent-a-directors hardly acts with the same vigor and intervention as the non execs on the boards of GE and Goldman.

In our experience, certain audit firms appear to have taken a deliberate decision to direct their audit opinions, wherever possible, only to the directors.  This is a difference which applies across both US GAAP reports as well as audits completed under International Financial Reporting Standards.  Check 10 audit reports from different firms, and see what we mean.

The underlying issue – of course – is the lack of investor control.  Investors, if asked, would very likely have an opinion on this issue: but, needless to say, they are not asked.  Audit engagement letters are signed under cloak and dagger secrecy (usually because they include ever more expansive terms seeking to limit auditor liability under Caymanian law).  Thereafter, as investors and due diligence practitioners know to their ongoing annoyance, it proves incredibly difficult and pointlessly time consuming to get some auditors even to confirm that they are the auditor of record for the hedge fund in question.

In the short term, one answer would be for offshore jurisdictions such as the Cayman Islands to mandate that all audit reports filed for Caymanian hedge funds be addressed to the shareholders rather than just the Board.  If it’s good enough for GE, it should be good enough for any hedge fund.

In the bigger picture, however, this is just one question within the broad construct of Hedge Funds 2.0 post Madoff.  Unfortunately, it is only investor pressure which can enforce any change so that service providers – auditors, administrators, lawyers et al – take responsibility and recognize that their primary duty of care is to the investors that pay them.  Without that pressure, hedge funds will continue to be the asset class where everyone wants to get paid, but no-one wants to take responsibility.

www.castlehallalternatives.com
Hedge Fund Operational Due Diligence

****

Other related hedge fund law and start up articles include:

Hedge Fund Managers Look to Cut Costs – No Hedge Fund Audit?

As hedge fund performance results are weak or negative, managers are becoming more interested in decreasing the costs that the management company bears directly as well as those costs which are borne by the fund. Continue reading

Hedge Fund Auditor – Hedge Fund Audit Information and Questions

A hedge fund auditor is a service provider to the hedge fund; the main job of the auditor is to audit the accounting practices of the hedge fund.

During the audit period, the auditor will work with the hedge fund manager to review the hedge fund’s valuation methodology as well as the implementation of that methodology.  The auditor will also review the fund’s account statements, including the profits and losses.  Usually the auditor will work with the hedge fund administrator as the administrator is the one who has prepared the fund’s financial statements.

Hedge Fund Audit Costs

As with all of the service providers which I have discussed, there is not a one size fits all solution to hedge fund audits.  There are three general groups of audit firms and costs

Small audit firm – the small audit firm may be a one to five or more person shop.  Like the small administrator, the small audit firm is going to be able to give the hedge fund manager the most one-on-one time and really provide good insight and advice to the manager on his business, in addition to the audit work.  The costs for the small audit firm will range anywhere from about $6,000 to $10,000 per year, depending on the nature of the investment program.

Medium sized, boutique hedge fund audit firm – there are a few audit firms that specialize in hedge fund auditing.  These firms are well recognized in the industry and are well regarded by most institutional investors.  These firms are going to be larger than the small audit firm and may not be able to provide as much face time to the manager.  The costs for medium sized firms are going to be in the $12,000 to $18,000 range, depending on the nature of the investment program.

Big four accounting firms – big four accounting firms have large hedge fund audit practices.  These firms are very expensive and thus these firms are usually retained by funds with at least $250 million in assets.  The costs for a big four accounting firm will probably be at least $25,000 per year.

Funds with less than $250 million should not use a big four accounting firm.  One client with $100 million in assets under management used a big four accounting firm and they were put at the end of the line.  The accounting firm actually completed the audit late and the client could never get a hold of anyone in the office – our client’s account was a very low priority to this firm.  The client made the switch to a boutique hedge fund audit firm and has been happy with the results.

Note on costs.  The costs above will generally not include the costs for tax preparation work, which will run extra.  Additionally, if the hedge fund invests in certain instruments that are hard to value, the costs may run higher.  If you have an unusual asset class, like life settlements, then you will need to discuss your program with your auditor during the offering document drafting process.  If there is a master-feeder structure in place, there will be added costs because of the additional entities involved.

Hedge Fund Audit Questions

1.  Do domestic hedge funds need to be audited on a yearly basis?

Generally there is no requirement for a domestic hedge fund to have a yearly audit.  However, if the manager is registered as an investment advisor with the SEC, then the manager will need to have an annual audit.  If the manager is registered as an investment advisor with a state securities commission, the manager will probably need to have an annual audit.

While for some managers an audit may not be required, it is always recommended as investors give great weight to the fact that a fund has an audit.  If the fund does not have a yearly audit, it will raise a red flag to potential investors.

2.  Do offshore hedge funds need to be audited on a yearly basis?

This will depend on the jurisdiction of the offshore hedge fund.  If the hedge fund is based in the Cayman Islands, the hedge fund will need to have a yearly audit and the audit will need to be completed by a Cayman based audit firm.  Most hedge fund auditors will have a Cayman based partner which will be able to complete the audit for the fund.  This may add a little extra to the cost of the audit.

In the BVI there is no present requirement for a hedge fund audit.

Should a start-up hedge fund have an audit?

Question: Should a start-up hedge fund have an audit?

Answer: This is a question which we will get very often for funds that aim to launch on July 1 or later.  While there is generally no legal requirement for a hedge fund to have their performance results audited, a vast majority of hedge funds have their returns audited because it will aid in the marketing efforts by lending credibility to performance results.

With regard to this question, and as with most business-issue oriented hedge fund questions, the answer is going to depend on the manager’s program and what the manager plans to accomplish during the first 6, 12 and 18 months of operations.

Generally, first year hedge fund manager’s are going to need to focus on costs. Not only from a cash flow perspective, but also from a return perspective. Any costs (which the fund bears) affect performance. Accordingly, many start-up hedge fund managers may forgo an audit of the fund’s track record during the first year. The manager then may have the fund audited after the end of the fund’s second year. A manager might consider doing this in a couple of situations. The first situation is when the fund starts trading during mid-year or later. In this instance it will probably not make a lot of sense to have an audit for fund operations of less than one year. An exception to this generality is if you have a decent amount of AUM and you are looking to begin courting institutional investors. If this is the case, then it will generally be a good idea to have an audit.

The second situation when a start-up hedge fund manager might not choose to have an audit after the first year is if the manager has a longer term hedge fund incubation program. This might be the case if the hedge fund manager has a longer term trading strategy (buy and hold) or when the manager does not plan to seek institutional money during the second year. Many managers will go with this slow and steady approach to asset raising in order to understand the back end operations of their fund. As noted in numerous places, one of the main reasons why hedge funds fail is inadequate back office operations.

If a start-up hedge fund manager plans to start with a larger asset base, say $10 million or more, and plans to aggressively court the institutional market during the first half of the coming year, then it might be wise to think about an audit. While the decision to forgo a first year audit is strictly a business decision, it is recommended that you discuss this decision with both your legal team and your potential auditor.  Additionally, if you will be using the services of a third party marketer, you will want to discuss this decision with the third party marketer.