Risk Management For PE Firms

Events over the past few years have put into question the adequacy of risk management within the private equity industry.

Gone are the days when directors and fund managers can manage risk through policies and procedures that are only casually followed and enforced. Recent changes to, and the enactments of, domestic and foreign rules and regulations surrounding risk oversight have some controversial, far reaching effects that must not be taken lightly. This new legal landscape is making its way through the international community. In order to ensure compliance on the international level, changes to internal policies and procedures with regard to risk oversight must be made by general partners and fund management companies for the benefit of themselves and their portfolio companies.

The Legal Landscape

Regulators are starting to stress the need for better risk oversight and a greater degree of risk awareness in the broader investment community. The common idea inherent in most of the rule changes? The “tone from the top” is the leading theme—measures taken by top-level management trickles through a corporate hierarchy, which results in successful risk oversight. For instance, at the most basic level, recent case law in Delaware has emphasized the importance of a director’s involvement in managing risk. Although it can be difficult to hold any director of a company liable for failing to manage risk properly, it has been held that a director’s obligation includes a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists, and that failure to do so under some circumstances may, in theory, render a director liable for losses caused by non-compliance with applicable legal standards.

The Securities and Exchange Commission has also adopted rule and form changes that seek to improve corporate disclosure regarding risk. More specifically, the changes require registrants to make new or revised disclosures about, among other things, the board of director’s role in risk oversight. Further, the Dodd-Frank Wall Street Reform and Consumer Protection Act, which mainly focuses on the regulation of financial institutions, addresses corporate governance policies with respect to risk committee structures. For instance, the Dodd Act calls for each non-bank, public financial company supervised by the Board of Governors of the Federal Reserve System to form a separate risk committee, as well as public bank-holding companies with total assets in excess of $10 billion. Lastly, the Walker Report, an extensive assessment of corporate governance practices in the major UK banks, financial institutions and other organizations, emphasized through various recommendations the need to achieve a higher level of corporate and risk governance that is reflective of the complexity, systematic importance and the inherent nature of such organizations’ risk taking activities.

The rules and regulations discussed above, although important, are not nearly as troublesome as the UK Bribery Act 2010, which not only exposes these organizations and anyone associated with them to civil liabilities, but criminal liabilities as well. The Bribery Act constitutes a sweeping revision and expansion of the United Kingdom’s anti-corruption legislation. It creates broad prohibitions on both public sector and commercial bribery for essentially any company or person with a connection to the United Kingdom. The jurisdictional reach of the Bribery Act is potentially profound and generates the need for any fund with operations in the United Kingdom, or funds doing business there (e.g., retention of local advisers, acquisition of UK portfolio companies, employees or directors residing in the United Kingdom, etc.) to closely evaluate its anti-corruption compliance policies and procedures.

Investor’s Perspective

Some investors were shocked by the unpredictable market moves that have occurred during the recent financial crisis. Some argue that the failure of current risk management practices when they were most needed are what caused the demise of certain private equity funds or their portfolios. This has caused many investors to question fund managers’ and general partners’ risk oversight strategies and the meaning of a well-diversified portfolio. As a result, investors in private equity funds have seen an increase in their influence for setting terms and conditions in the formation documents. Additionally, investors are beginning to be more cognizant themselves of the risks associated with the funds in which they pool their assets. Accordingly, they also have an increased interest in a well-functioning risk management concept, framework and process, which are imperative for minimizing risks and maximizing future performance of a fund’s portfolio companies.

Managing Risks

In order to establish sound risk oversight principles, it is necessary to recognize the risks particular to an industry and effectively monitor and manage those risks. Most importantly, the risk management framework should align itself with the investment objectives of the fund, and touch upon multiple aspects of risk. In addition, with regard to portfolio acquisitions, inherent financial, legal, managerial and operational risks can often be difficult to unearth in a relatively short due diligence process. While no deal is completely free of risk, a private equity fund can increase its success rate by identifying as many potential risks as possible early enough to mitigate any potential effects.

Many funds are now hiring or designating a risk officer to help coordinate the oversight of risk. However, risk management should not be limited to a single risk oversight officer. Everyone involved in the investment process, from the CEO and board members of the portfolio companies to the fund manager and general partner, should be focusing on risk oversight. For instance, fund managers and portfolio companies’ boards and senior management should set the appropriate “tone at the top” by requiring a strong compliance culture that is well communicated and incorporated into day-to-day operations. It is also important to use the information from the recognition and monitoring layers effectively to ensure that the portfolio management is aligned with risk expectations and tolerance.

Finally, risk management should not be limited to just after-the-fact reporting. Those responsible for making investment decisions and managing a fund’s portfolio should continue to monitor and assess the risk versus return tradeoffs. Being prepared for unexpected or unlikely market events is imperative, and requires fund managers and general partners to analyze the global economic outlook, understand the aggregate portfolio exposures and align the portfolio structure with the assessment of the risks that may impact the well-being and success of the portfolio.

Limiting Indemnification Risks

In addition to risks inherent in the private equity industry, the case of Levy v. HLI Operating Company Inc. has many re-thinking risks associated with indemnification arrangements found in fund formation documents and how they interrelate with their portfolio companies. Issues may arise when a fund’s general partner is entitled to indemnification both from the portfolio company on whose board one of the partners sits and from the fund itself. The court in Levy held that absent an agreement to the contrary, the fund and the portfolio company have shared liability for indemnity claims required to be paid. This is contrary to what has initially been the thought—that claims were automatically first a portfolio company responsibility and that the fund would only be liable to the extent such portfolio company was unable to pay what was required under the indemnification (including whatever could be recouped through D&O insurance). Practically, the Levy case may have broad implications on funds, their sponsors and investors. Many formation documents have similar indemnification provisions, which may cause confusion and unintended results as to the order of sharing liability in the case of an indemnity claim. This is all more the reason to be explicit in the fund documents as to the order of sharing liability preferences if the fund managers intend for portfolio companies to be liable for indemnification claims first and foremost.

The legal landscape surrounding risk oversight is continually evolving. As more guidance is issued, it is becoming clearer what will be expected of fund managers and general partners with respect to their risk management or monitoring procedures that must be in place. Fund managers and general partners must also be able to recognize risks before they occur and take a more proactive role in their management rather than a reactive one. In addition to the typical risks associated with the private equity industry, it is also imperative that they focus on incorporating clear and well-thought out indemnification provisions within the formation documents to prevent confusion and unintended results with regard to order of sharing liability. All of the above will enable private equity funds to reduce risk exposure and ensure legal compliance.

Heidi Lawson is a partner in the London and New York offices of the international law firm of Chadbourne & Parke. She is reachable at 011 44 20-7337-8166 or 212-408-2330 and by email at hlawson@chadbourne.com