With recent developments in corporate governance and the spotlight on risk management, there has been an increased demand by internal and external stakeholders in the asset management industry for additional assurance on investment managers internal control environment. Specifically, the IT systems and operations responsible for processing the investment products the stakeholders invest in or regulate, which extends from the fund management process itself to operations and back office functions such as record keeping, safeguarding of assets and controls over IT systems and management.
In addition, service providers, such as administrators and custodians need a robust way of demonstrating that the risks associated with the provision of their services are identified, measured and managed in a reliable and cost efficient manner. They need an effective mechanism to articulate the way they manage their internal control environment.
Similarly, Clients utilising the services offered by service providers are also increasingly looking for assurance over the risks and opportunities associated with the provision of these services. The effectiveness of processing, security, privacy and confidentiality need to be considered and communicated to potential users of the service.
Our asset management industry specialists have significant experience in providing the assurance your clients are looking for. Our tailored solution is risk-based and flexible and considers your current business environment and disclosure requirements. This allows you to provide, request or receive the appropriate assurance with confidence.
Depending on how and where our clients are utilising third party assurance, we deliver a value added solution that utilises our deep technical and industry expertise in the asset management industry. During the process of providing assurance, we can assist you in improving the internal control environment of the subject matter under consideration, as well as providing the required assurance to all stakeholders.
Our third party assurance services on control matters are performed in accordance with recognised assurance standards which include but are not limited to the following:
- International Standard on Assurance Engagements 3402 ("ISAE3402") - "Assurance reports on controls at a third party service organisation".
- AICPA Statements on Standards of Attestation Engagements (SSAE) No. 16 - "Reporting on controls at a service organization" (replacing SAS 70, Service organizations).
- AICPA Attestation Standard No. 101 - Attest engagements ("AT 101").
Hong Kong / Chinese standards
- Hong Kong Standard on Assurance Engagements 3402 ("HKSAE3402") - "Assurance reports on controls at a third party service organisation".
- Chinese Auditing Standard No. 3101 ("CAS3101").
These assurance reports, which can be used by third parties, are becoming increasingly popular among fund administrators, custodians, prime brokers, fund managers & advisors and are seen by many as providing an additional competitive advantage in the marketing of their services or investment products. A significant amount of value can be extracted from this third party assurance as highlighted in the diagram below.