20-investment-industry-documentation.pdf

CHAPTER 20 INVESTMENT INDUSTRY DOCUMENTATIONby Ravi Nevile,CFA, and Robin SolomonLEARNING OUTCOMESAfter completing this chapter, you should be able to do the following:a Define a document;b Describe objectives of documentation;c Describe document classification systems;d Describe types of internal documentation;e Describe types of external documentation;f Describe document management.209INTRODUCTIONDocumentation touches every aspect of investing, from internal documents to con-tracts with external parties. Every time an investment manager places an order and purchases a security, for instance, a large number of documents are developed to record the trade.Documentation provides evidence of how companies operate, interact internally and externally, and deliver their services. Documentation varies across the investment industry and across companies in the investment industry. But the general rules, structure, and logic of internal and external documentation apply to all types of com-panies. This chapter explains why documentation is important, provides examples of different types of documents, and describes how documents are managed.OBJECTIVES AND CLASSIFICATION OF DOCUMENTATIONA document is a piece of written, printed, or electronic matter that provides infor-mation or evidence or that serves as an official recordfor instance, of the purchase or sale of a security. Some documents are for internal use only. They are generally administrative and reflect a companys philosophy, approach, and activities. Other documents are for external use. These documents convey information to and from the public domain and often help limit the risks that interaction with the public creates.2.1 Objectives of DocumentationWhen policies, procedures, and processes are undocumented or poorly documented, there is room for doubt because these policies, procedures, and processes may be subject to interpretation or undue influence. Proper documentation removes ambi-guity and is thus critical.Policies, procedures, and processes are the fabric of companies. They are essential in the investment industry to ensure successful outcomes for clients. Recall from the Regulation chapter that policies are principles of action adopted by a company. They are typically driven from the top down, with rules cascading down through the vari-ous business units and functional areas of the company. Procedures identify what the company must do to achieve a desired outcome. Processes are the individual steps that the company must take, from start to finish, to achieve that desired outcome. Documentation of policies, procedures, and processes helps to communicate them and to ensure compliance with rules, laws, and regulations. 12Objectives and Classification of Documentation 2015 CFA Institute. All rights reserved.210As illustrated in Exhibit1, documentation in the context of the investment industry does the following:Educatesinforms or provides instructionCommunicatesconveys ideas, concepts, or informationAuthorisesprovides the basis, and often the authority, for actionFormalisesestablishes roles, deliverables, and obligationsOrganisesensures thoroughness and consistency of action, allowing the com-pany to function more efficiently and effectivelyMeasuresprovides a benchmark for measurement and auditRecordspreserves learning within the company (also known as institutional memory)Protectsprovides assurance of a system to safeguard interests and manage risksExhibit1 Objectives of Investment Industry DocumentationObjectivesofDocumentationEducatesCommunicatesAuthorisesFormalisesOrganisesMeasuresRecordsProtectsFrom a legal perspective, documents also establish proof: proof of existence, authority, activity, and obligation. 2.2 Document Classification SystemsWhen using, developing, or reviewing a document, companies and individuals should consider three factors: origin, direction, and level of standardisation.Chapter 20 Investment Industry Documentation211Origin relates to the source of the document. Documents can be classified by their source asoriginal documents,derived documents, orassociated documents.Example1 describes an activitytravelling for workand the classification of docu-ments related to this activity.EXAMPLE1. CLASSIFICATION OF DOCUMENTSAn employee travels for work and incurs expenses while doing so.The receipt for a taxi or a train ticket is an original document.The expense claim form the employee has to fill out when she returns to the office is a derived document; this document exists because of other documentsin this case, the taxi or train ticket receipt.The companys travel policy is an associated document. When filling out the expense claim form, the employee may have to refer to the travel pol-icy to determine which expenses will be reimbursed.Documents “flow” in different directions. Typically, documents associated with pol-icies and procedures “flow down” through a company. Referring back to Example1, the travel policy document may flow down from the human resources department to all employees via an employee handbook. In contrast, documents associated with reporting usually “flow up”. For example, the monthly reports produced by the sales teams flow up to management for review.A distinction can be made between standardised and ad hoc documents:Standardised documents are pre- established. They are crafted for a range of specific purposes. Some standard contracts are tailored by negotiation, but their form, content, and purpose are still pre- established.Ad hoc documents, such as letters, memos, and e- mails, are typically informal. The free- form nature of ad hoc documents means that they carry additional risk for the company, particularly if the records are subpoenaed in a legal dispute. Consequently, companies may implement policies and procedures to impose a process of peer review for ad hoc communication. Peer review should be docu-mented and auditable.Example2 illustrates the objective, origin, direction, and level of standardisation of documentation for a policy relating to risk management, a topic covered in a previous chapter in this moduleRisk Management.Objectives and Classification of Documentation212EXAMPLE2. RISK MANAGEMENT POLICYObjectiveAuthorise, formalise, and communicate in order to explain the companys risk tolerance and risk appetite.OriginDerived from regulation, but specific to the company. Associated with the companys mission and strategy and a variety of related internal documents.DirectionInternal document that flows from the top down.Level of standardisationStandardised policy template, formally drafted, approved by the companys board of directors or similar governance body, and adopted by management. Implemented by the risk management and compliance groups.INTERNAL DOCUMENTATIONInternal documents are generally administrative and formalise policies, procedures, and processes. They help reduce risk by preventing errors and unethical behaviour. So, internal documents are the backbone of a companys risk management and are as important as external documents, such as contracts and regulatory submissions. Internal documents are fundamental to conveying a companys philosophy, approach, and activities. Companies in the investment industry, similar to all companies, are expected to have policies and procedures in place to ensure compliance by employ-ees with applicable laws and regulations. As we noted in the Regulation chapter, it is important to document these policies and procedures so that the company can prove it is in compliance if it is inspected by regulators. It is also important to document that the company follows and enforces its policies and procedures.3.1 Document CreationAn important aspect of document creation relates to the production stylefor instance, the use of a standardised template. Documents that are clearly presented in a style that most people are familiar with help individuals read and understand these docu-ments. They are also easier to use and enable individuals, including board members, to perform their duties more effectively.A standardised template helps maintain version control. Given the level of legislative and regulatory activity affecting most companies, it is rare for policy and procedure documents to remain static. Any changes reflected in a policy document need to be similarly reflected in all associated procedure and process documents. Simply stating the document title, the version number, and the date on which the version came into effect helps ensure that, in case of a review, a company can show it has made efforts to meet the required standards imposed by the relevant laws and regulations. 3Chapter 20 Investment Industry Documentation213Policies, procedures, and processes are living documents and should be subject to a regular review and confirmation process as a function of good governance. This review and confirmation process should not be merely event driven. Even without a notable event, attitudes and practices change over time. So, if policies, procedures, and processes are not regularly reviewed, they can become outdated or even obsolete.A regular review process is often managed with the use of registers, which are doc-uments containing obligations, past actions, and future or outstanding requirements. Registers of the previous and next review dates should be maintained by a control function (generally, the compliance or internal audit function) and scheduled for dis-cussion. A sign- off process is generally also incorporated into the document template.To ensure clear communication and compliance, it is critical to understand the context of the documentation. Rather than just outlining what to do or not to do in a situation, it is better practice to include a sense of why the policy and required documentation are in place and to whom they apply. Examples 3 and 4 show how providing context may improve compliance with a travel policy and limit the risk of insider trading.EXAMPLE3. IMPROVING COMPLIANCE WITH A TRAVEL POLICYA travel policy that simply states that employees must provide both receipts and boarding cards for air travel is not as effective as one that provides additional context of the reasons for the policy. The companys travel policy not only should clearly state that employees are prohibited from downgrading their class of seat or ticket, but also should mention that the rule prevents employees from booking a higher class of seat, downgrading, and then benefiting from either a cash credit or free flights. The consequences of violating the travel policy should also be explained.EXAMPLE4. LIMITING THE RISK OF INSIDER TRADINGA policy statement that merely states that a companys employees will not engage in insider trading is not as effective as one with additional context to make the statement “real” for the employees. It should be explained that the policy has its origin in law and that violation carries penalties for the company and the individual. It should also be explained that the policy applies to everyone who has access to sensitive information that could be considered “inside information”, which includes not only decision makers but also anyone with access to sensi-tive information. For example, the boardroom attendant serving refreshments during board meetings may have access to sensitive information and, therefore, would require training.The importance of understanding the origins of, reasons for, and implications of doc-umentation, for both the company and the individual, should not be underestimated. People create and implement policies, procedures, and processes, and they need Internal Documentation214context in which to learn them, understand them, and attribute the proper degree of importance to them. Failure to do so increases operational risk, which can have severe consequences, as noted in the Risk Management chapter.3.2 Policy DocumentationLaws and regulations require that companies in the investment industry maintain certain policy documents. Policy documents often describe the companys mission, values, and objectives. These documents should be consistent with the companys documents and bylaws, which summarise the legal identity, purpose, and activities of the company.One role of the board of directors is to ensure that the company works within the law and, in doing so, protects and represents the interests of all stakeholders. This over-sight usually results in policy documents that help a company develop and implement procedures and processes. In general, regulation concentrates on outward- facing documentation, such as prod-uct disclosures and other client- focused material. Regulators may issue guidelines for internal documents, but those guidelines are usually not prescriptivethat is, companies generally have flexibility in whether and how to adopt the guidelines or they can develop their own standards.Many companies look externally to identify standards that should be followed. There are numerous standards that can be readily adopted and applied, including those issued by professional groups. For example, CFA Institute has established the Global Investment Performance Standards (GIPS) for the presentation of investment perfor-mance information. In some instances, professional standards are considered “best practices”.It may not be economically feasible, however, for smaller companies to adhere to best practices. An alternative approach for such companies is to apply standards that suit their own specific circumstances. These standards are known as “fit for purpose”, and a company using this approach has to critically assess and document its own needs and requirements. The result should strike a balance between practicality and cost on the one hand, and between control and assurance on the other hand.The keys to good policy documentation are simplicity and transparency. Policy state-ments do not need to be overly detailed, but they should include a statement of intent that explains the purpose and goals of the policy. The statement of intent should cover the circumstances under which the policy is invoked and establish any parameters for its use. The policy document should also clearly designate who needs to comply with the policy and who is responsible for controlling and monitoring activities.3.3 Procedure and Process DocumentationThe role of procedure documentation is often to provide a bridge between the activ-ities that are allowed at the policy level and what needs to happen at the process level. Policies broadly set the rules, procedures help apply policies, and processes divide procedures into manageable actions. To ensure that policies are embedded in Chapter 20 Investment Industry Documentation215a companys culture, various procedures must typically be adopted across different business units and functional areas of the company. In addition, a single procedure could have hundreds of associated processes to be followed.Example5 provides an