Category: Investment Operations


iStock_000000129907XSmallIn my experience working with investors across the nation both small and large, there is at least one recurring theme.  Their sophisticated workflows hinge on semi-automatic processes that rely in part or completely on people.  I suppose that is a good thing when operator oversight is a plus, but when I get involved most of these firms have realized that they literally want to push a button and have things done as simply, quickly and reliably as possible.

Ten years ago, one of my clients experienced organic growth so rapid that it drove their firm from one that managed hundreds of millions to billions in assets in less than two years. While investment managers are known to consistently take pains to build processes that allow their businesses to scale efficiently, explosive growth can strain or disrupt established workflows.

In this case, the effect of the growth was dramatic. It demanded that certain processes be automated. One of the most important processes was related to trading foreign stocks in local currencies.  The influx of trades from new business was overwhelming.  Back-office employees that were already working hard needed to work even longer hours to keep pace with the incoming business.

More specifically, the firm’s back office needed to manually enter both transactions to trade currencies and the associated equity trades. In the multi-currency version of Axys, purchases and sales of foreign stocks in local currency require three transactions: two to exchange the currency and one to buy or sell the security.  As a result, every purchase or sale required two additional transactions related to foreign currency exchange.  They were entering three manual transactions in the trade blotter for every trade they made – even partial fills of an outstanding order required these transactions.  The entries to the trade blotter were tedious, time-consuming, and a potential source of operator error; the firm knew they needed to automate them.


Money concept

Understanding the Required Workflows

As part of their process, the firm waited until they got the executed FX rates from an assortment of brokers before they could enter the corresponding trades and post them in their portfolio accounting system.  This backlog of trades created a slew of manual trade blotter work that ultimately had to be done after hours to make sure the firm was ready to trade the next day.

A homegrown Order Management System (OMS) populated the Axys trade blotters of the traders at the company with open trades. Those blotters were utilized to track open trades and never actually posted.  Once the execution info was reported, our automation needed to create the additional transactions that back-office staff was entering manually. The workflow also required that the trade blotters for individual traders be updated to reflect that the executed trades were no longer part of the open trades. In effect, our automation needed to rewrite the traders’ blotters as well as the trade blotter of the operations employee running the app and post the latter.


Building the Prototype/v1

In a relatively quick timeframe (40 hours), we built a working prototype using Visual Basic that:

  1. loaded the outstanding trades from each trader’s blotter into an Access database
  2. created a process where outstanding trades could be selected and associated with trade execution info to generate the required trade blotter entries
  3. imported executed trades to the trade blotter for review and posting
  4. updated the open positions in the trader’s blotters
  5. produced reports (via Crystal Reports) detailing trades pending and actual execution info

In short, the app pulled pending transactions from their homegrown OMS and allowed users to associate foreign currency execution rates and other specifics of trade execution with specific orders to produce the necessary Axys trade blotter transactions automatically.  Once the execution info was recorded, the user would exit the app, which in turn automatically updated the user’s trade blotter and the traders’ blotters.

Version 2

The next version of the app was under development for over six months and cost nearly 40k, but it met the needs of the firm. The core functionality of v1 with respect to workflow was preserved, but we added many features.  In terms of the initial cost, v2 was expensive, but over a period of nearly ten years it required almost no maintenance. The multi-currency trade automation solved an immediate and urgent need when it was originally developed, and continued to save the firm hours of back office processing work every week for nearly ten years, until it was finally decommissioned in 2015 as a byproduct of the firm’s transition to Moxy and Geneva.

Though the application wasn’t cheap to build or maintain initially, it paid for itself many times over during its tenure as an integral part of the daily workflow at firm that knows the value of automation.


About the Author: Kevin Shea is the Founder and Principal Kevin Shea Impact 2010Consultant of Quartare; Quartare provides a wide variety of technology solutions to investment advisors nationwide. For details, please visit Quartare.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@quartare.com.

HourglassWindows XP was a mainstay at many financial services firms for nearly a decade.  In keeping with the Microsoft Lifecycle Support Policy, support for Windows XP and similar aged software must eventually end.  You can learn more about the policy here.

According to Microsoft, extended support for Windows XP is scheduled to end on 04/08/2014.  If your office is using Windows XP, you should be working on plans to phase out XP by replacing those systems with new PCs or upgrading the PCs to a more recent workstation operating system in the next six to nine months.  There is no good reason to wait until or beyond April 2014 to perform these upgrades.

Why should you care?

Most security standards – for instance, 201 CMR 17.00 – require that you apply security patches on a regular basis.  It is the extended support from Microsoft that allows you to do this.  After extended support has ended, there is no guarantee that any security patches will be released for these systems.  In order to stay compliant with security standards, firms using Windows XP will need to upgrade to other systems.

Hasta la vista, Vista!

androide

Currently, we are recommending that business users implement Windows 7 Professional on workstations.  Windows 8 makes sense for home users with touch screens, but we prefer not to implement operating systems before they have become mainstream in the workplace; Windows 8 just isn’t there yet.

Vista extended support is good through 04/11/2017, but Vista has always been a dog, and any business users still using Vista should strongly consider moving to Windows 7 Professional immediately.

Server-based systems affected by the Microsoft Lifecycle Support Policy

Windows 2003 Server extended support is good through 07/14/2015.  Nevertheless, Windows Server 2008 R2 will likely be the most widely used network operating system among investment advisors by the end of 2013.  Windows Server 2012 was released on 09/04/2012 and hasn’t yet been widely implemented among SMBs we are familiar with.

Exchange Server 2003 extended support also ends on 04/08/2014.  The implications of this related to security updates are the same as those detailed above regarding XP.  If you know which version of Exchange is in use at your office, you can check Microsoft’s site here to determine when the end of extended support for Exchange will affect your firm.

Like Vista, extended support of Exchange Server 2007 is good through 4/11/2017, so there is no need to upgrade in the near term future.  Exchange 2010 adds OWA support for Firefox and Chrome.  In addition, Exchange 2010 makes better use of lower-cost disk subsystems, allowing you to get a performance boost over 2007 without spending a premium.  Those are nice features, but not nice enough to push an Exchange upgrade before a normal IT lifecycle replacement demands it.

Exchange Server 2003 will be phased out by many advisors this year, and most will move to Exchange Server 2010.  Though Exchange Server 2013 was technically released in November 2012, it may be premature for the SMBs that dominate the investment industry to adopt Exchange Server 2013 over Exchange Server 2010.  Presently, there is no direct migration path from Exchange 2003 to Exchange 2013.  A number of small investment advisors will move to hosted Exchange solutions and no longer keep Exchange servers at their offices.

With this many possible changes slated for the next ten months, now is a good time to make sure your firm has addressed the issues or has a plan to upgrade any systems affected.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.

iStock_000009182001XSmallIn a day where security threats are constantly evolving and your business is reponsible for keeping confidential information secure, your clients’ computer systems may seem an unlikely place to prod your nose, but unfortunately, an increasing number of security threats are originating from the clients of investment advisors.

One recurring example that we have witnessed over the past year, is the hacking of email accounts.  In this scenario, your client’s email account with Google gets hacked because their password is “patriots1” or perhaps their PC has been infected with a keylogger virus.  In any event, a hacker somehow discovers your client’s password and now has access to their historic email records.

In the past, hackers might have been satisfied to use that account to SPAM everyone on earth, but today’s hackers are more sophisticated.  Apparently, they’ll actually take the time to read through your client’s emails in search of financially sensitive information.  Based on the content of previous communications with your firm, they can compose a similar looking email to one that the client might have sent in the past to ask your staff about total holdings or even request a check.

Here are some tips your clients should follow to keep their email and other accounts secure:

  1. Don’t enter your passwords in kiosks and other systems available to the public.
  2. When you get the option to store the password for various accounts and websites on your PC, don’t do it.
  3. Never send your passwords in an email.
  4. Use encrypted email connections.
  5. Institute complex passwords.  I know it’s a pain, but so is having your identity stolen.
  6. Don’t use the same passwords for multiple accounts.  Yes, this is a pain too, but there are some programs like eWallet that can help.
  7. Run up-to-date versions of security software that include protection for spyware, malware and viruses.  Don’t ignore messages from your Antivirus program.
  8. Stay up-to-date on operating system and application security patches.
  9. Be cautious of which sites you browse.  A program like openDNS can help you keep your computers clean by limiting access to potentially harmful websites.  The home version of OpenDNS is free.  You can find it at www.opendns.org.  Antivirus programs like AVG and Symantec can filter websites too, but do it with less specific controls.

Here is what your clients should to do if they do get hacked:

  1. Contact a computer professional or the email provider to help determine how you got hacked.
  2. Alert your investment advisor and other vendor relationships that hackers could try to take advantage of.
  3. Resolve any issues that may have led to the hack, such as: simple passwords, malware, spyware, and viruses.
  4. Change your passwords and any hints from a computer system, smart phone or the original system once the threats have been removed on the following: the hacked site, any other sites where you used the same username and password and any sites whose information you stored in the hacked account.
  5. If you determine that you have been a victim of spyware or malware, you will need to change all your passwords for your online accounts and follow the procedures for recovering from identity theft.
  6. If you cannot follow any of these steps because your account credentials have been changed, you will need to contact the company providing that account in order to regain control of your account.
  7. Implement better security provisions going forward.

There is only so much you can do to protect your clients.  Ensuring that email communications are secure should be at the top of the list. Your firm can implement a product like Zixmail to encrypt selected emails, but at the point where your client’s computer system has been compromised, this may only provide an additional deterrent, and should not be seen as the solution to the problem.

The best course of action is a combination of staying vigilant, educating your clients, implementing best-practice email security, and instituting additional internal controls aimed at how your firm handles client communications, such as balance and check requests.

About the Author: Kevin Shea is President of InfoSystems Integrated, Inc. (ISI); ISI provides a wide variety of outsourced IT solutions to investment advisors nationwide.

For details, please visit isitc.com, contact Kevin Shea via phone at 617-720-3400 x202 or e-mail at kshea@isitc.com.