New regulations for AIFM
On 22 July 2013, new Regulations were enacted in the UK which regulate Alternative Investment Fund Managers (AIFMs). The Regulations are intended to form one coherent rule book, which will result in smooth and efficient passporting arrangements between countries for AIFMs and the funds under their administration.
With regard to Operational Risk, AIFMs are required to either (a) take out insurance or (b) set aside part of their capital to cover liabilities arising from their activities (or a mixture of these risk mitigants).
The activities cover a spectrum of risks from employee infidelity, professional negligence, electronic liability and mitigation of loss. Many of these activities can be addressed by conventional financial institution/IMI products.
At the end of this Briefing we identify the insurable risks/regulated activities and responsive products.
The poor rates of return on traditional investments have resulted in the growth of a significant parallel investment market: the Alternative Investment Fund Management market. The considerable returns enjoyed by the market, often through highly leveraged structures, which carry their own risks, are making investment (fund) management vehicles increasingly attractive. Their attractiveness to investors has also caught the attention of EU Regulators who have now sought to bring consistency to the Euro 2.2 trillion market through the Delegated Regulation (2011/61/EU).
This Delegated Regulation has been reflected in UK law by the recent amendments to the Financial Conduct Authority’s (FCA) General Prudential (GenPru) Source Book (FCA 2013/51) (collectively, the Regulations).
This briefing considers these Regulations insofar as they impact insurance offerings (and not reservation of capital).
The Regulations are intended to focus primarily on the Alternative Investment Fund Managers rather than the funds themselves, and will include hedge funds, private equity funds, retail investment funds, investment companies and real estate funds. The Regulations were implemented by the FCA on 22 July 2013 and there is a 12-month transitional period to ensure that all relevant permissions and authorisations are obtained.
The Regulations seek to legislate for all activities of AIFMs. Of interest to insurers, is the focus on risk management and the part which Regulators believe insurance can play.
The requirement in connection with off loading Operational Risk (OpRisk) is that either the AIFM holds additional own funds or Professional Indemnity (PI) insurance “to cover potential liability arising from professional negligence”.
In relation to insurance, to date, the concerns have focused on the oft found exclusion of liability for negligence, save for gross negligence (the “exoneration clause”) found in many AIFM agreements with investors, and much of the debate has focused on this aspect when professional policies will, in any event, give cover absent these contractual exclusions1.
In the writer’s view, this is not the principal issue which should be exercising underwriters which, as noted, can be capably addressed within current PI or Investment Management Insurance (IMI) wordings – it is what is meant by professional negligence in these Regulations and the multitude of activities which do not fall within professional negligence which are required to be covered and how PI/IMI policies are required to respond.
The Regulations go to great lengths to describe what comprises professional liability risks, which include, without limitation2, risks of:
- Loss of documents evidencing title of assets of the Alternative Investment Fund (AIF).
- Misrepresentations or misleading statements made to the AIF or its investors.
- Acts, errors or omissions resulting in a breach of:
- Legal and regulatory obligations
- Duty of skill and care towards the AIF and its investors
- Fiduciary duties
- AIF rules or instruments of incorporation
- Terms of appointment of the AIFM by the AIF
- Failure to establish, implement and maintain appropriate procedures to prevent dishonest, fraudulent or malicious acts.
- Improperly carried out valuation of assets or calculation of units/share prices.
- Losses arising from business disruption, system failures, failure of transaction processing or process management.
The Regulations stipulate (for example, see section 2.1.71 of the GenPru Source Book) that any professional indemnity policy should cover professional liability. What the Regulations fail to appreciate is that the risks which are identified in Article 12 of the EU Regulations, and which are replicated exactly in the GenPru Source Book, are not all synonymous with professional liabilities – an obvious example being business disruption, which may stem from the failure to supervise or from the activities of third parties.
Moreover, these activities do not fall within one single line of insurance business. The activities which the Regulations countenance range from the Crime Bond or Bankers Blanket Bond (Fidelity and On Premises) through to forms of electronic (or cyber) liability and (potentially) business interruption cover. Some, but not all activities are to be found within traditional IMI products.
Aside from the impetus from the Regulator, a further issue (absent the Regulator’s input) is the pressure from investors. Certainly, in the UK the reason for these products is because investors (for example, local authorities, pension administrators) are requiring insurance as a precursor for investing (as opposed to capital being set aside), as well as removing contractual exclusions where liability may only accrue where there is gross negligence (and where there are repeated acts of negligence, the view taken by the Regulator is that this, in itself, could constitute gross negligence). Finally, ERISA exclusions are now being bought out.
As with many new products which respond to changes in the regulatory environment, lifting the text from the Regulations and reflecting this in the insuring clauses is a firm favourite. However, such a solution fails to appreciate in this context that different lines of business are identified in the Regulations and that certain activities can be addressed by a number of different insurance solutions, and not necessarily referenced to the loss or peril. Accordingly, a clear underwriting view needs to be taken as to how these risks are to be accommodated within the more traditional (and tried and tested) wordings. What can be said is this:
- The principal requirement of covering professional negligence, which generally involves the accruing of liabilities by the managers (which has been expanded to cover trustees, fiduciaries and administrators) to third parties, can be accommodated comfortably within standard form PI/IMI policy wordings with the addition of a dishonesty extension to deal with the fraud elements, where the dishonest activities of an employee causes loss to an investor.
- Certain PI and IMI wordings willaddress first party infidelity (i.e. theft by employees, similar to the cover offered by Section 1 of the Bankers Blanket Bond (BBB)) and the loss of documents (again, these have been addressed previously by the traditional On Premises cover (e.g. see Insuring Clause 2 of the NMA 2626) whether stolen, lost, damaged, destroyed or mysterious disappearance)).
- A greater challenge is the BI element (or business disruption as the Regulations term it), which also envisages forms of cyber risk; for example, denial of service. Certainly, the latter risks together with transmission of viruses/computer crime are covered by the “traditional” forms of computer/cyber liability policies and obviously assume some importance where time critical transactions cannot be completed (and a Data Breach Response Package would undoubtedly be a prudent purchase too if individual’s data is retained).
- An alternative way of regarding the “BI” element of this requirement is to consider Mitigation of Loss cover. Whilst these covers have been scrutinised following Standard Life v ACE European Group and Others [2012] EWCA Civ. 1713, there is no denying (in the writer’s view) that where they seek to recover trades or mitigate their impact (e.g. resulting from “fat finger syndrome” and similar activities that can be ascribed to these funds) such covers inure to the benefit of underwriters and insureds, and would seem to address many of the hallmarks of “business disruption”.
One should not lose sight of the other insurances which may be responsive either through the underlying activities or the failure to manage risk – the obvious candidate is D&O – and, given the structures of these investment vehicles, the Outside Directorship Liability extension assumes importance. Often IMI products will include D&O cover within the main policy as well as those other coverages which are now to be found within broad form D&O covers e.g. Employment Practices Liability covers.
The insurance requirements also mirror the Basel II requirements as applied to banks’ OpRisk capital mitigation, insofar as the policies are provided to banks adopting the Advanced Measurement Approach, e.g. an initial term of 12 months (although there is no requirement that there be 12 months of cover at any point in time), a minimum cancellation period of 90 days and the cover being placed with a third party entity (and not through a captive).
One final aspect which will undoubtedly benefit both AIFMs and underwriters in seeking to understand the risks is the requirement that AIFMs implement OpRisk management policies, including the establishment of an historical loss database in which operational failures, loss and damage experience shall be recorded (these requirements are reflected in the FCA’s own Source Book).
Footnote
- These contractual exclusions have exercised regulators for a number of years – the FSA felt that it constituted a conflict of interest and, as observed in this paper, many investors are not prepared to countenance such exclusions. And see also the requirements of section 2.1.4R of the Conduct of Business Source Book.
- (and therefore a broad form cover is advisable given this gloss)
Professional liability risks and corresponding insurance cover
- Activity Loss of documents evidencing title of assets of the AIF.
Coverage PI/IMI (akin to IC2 BBB) - Activity Misrepresentations or misleading statements made to the AIF or its investors.
Coverage PI/IMI - Activity Acts, errors or omissions resulting in a breach of:
- Activity Legal and regulatory obligations
Coverage PI/IMI - Activity Duty of skill and care towards the AIF and its investors
Coverage PI/IMI - Activity Fiduciary duties
Coverage PI/IMI - Activity AIF rules or instruments of corporation
Coverage PI/IMI - Activity Terms of appointment of the AIFM by the AIF
Coverage PI/IMI
- Activity Legal and regulatory obligations
- Activity Failure to establish, implement and maintain appropriate procedures to prevent dishonest, fraudulent or malicious acts.
Coverage PI (Dishonesty Extension)/IMI/Crime - Activity Improperly* carried out valuation of assets or calculation of units/share prices.
Coverage PI/IMI - Activity Losses arising from business disruption, system failures, failure of transaction processing or process management.
Coverage PI/IMI/Mitigation of Loss/Cyber
* This would seem to countenance an activity over and above one which would give rise to negligence and which would impact crime elements of cover.
For more information, please contact John Barlow, Partner, on +44 (0)20 7264 8188 or john.barlow@hfw.com or your usual contact at HFW.