While many hedge fund managers recognize the necessity of identifying, monitoring for and addressing risks confronting their businesses, few firms have developed institutional-quality programs that can systematically address operational, investment, strategic and compliance risks. Some of the challenges in adopting a risk management program include assigning responsibility for identifying and addressing risks; identifying key risks confronting the firm; and understanding what risk metrics to use in evaluating risks and how the firm has addressed such risks. From the investor perspective, it can be difficult to assess the quality of a manager’s risk management systems, and even more difficult to compare risk management systems across managers. (However, SSAE 16s can help facilitate single-manager risk assessments and comparisons across managers. See “Use of SSAE 16 (SAS 70) Internal Control Reports by Hedge Fund Managers to Credibly Convey the Quality of Internal Controls, Raise Capital and Prepare for Audits
,” Hedge Fund Law Report, Vol. 5, No. 11 (Mar. 16, 2012).) On January 31, 2012, the SEC addressed enterprise risk management for hedge fund managers and other investment advisers during the risk management session (Risk Management Session) of its annual “Compliance Outreach Program National Seminar” (Seminar). The Seminar also included sessions on enforcement issues relevant to hedge fund managers and hedge fund manager trading practices; prior articles in the Hedge Fund Law Report detailed the key lessons from both the enforcement
sessions. During the Risk Management Session, the panelists shared with industry participants recommendations on how to allocate resources to create a risk management program that will identify key risk areas and appropriately address compliance issues. This article discusses the key takeaways from the Risk Management Session.