Valuation and consulting for financial reporting, federal, state and local tax, investment and risk management purposes.Valuation Advisory
In this edition of Valuation Insights, we discuss how cybercriminals are increasingly targeting company employees as the entry point from which to launch cyberattacks, and the measures that companies can take to mitigate their risk.
The Human Element of Cybersecurity
Cybersecurity threats are a reality in today’s global business environment. Cyber criminals and nation state threat actors are more disciplined, funded, and educated than ever before. Complex internal systems also present an increased risk from internal threats such as disgruntled employees.
A greater sense of urgency is needed to bolster organizations’ security efforts in the face of an ever-changing cyber-threat landscape. Ongoing risk assessments and business workflow assessments consistently point to the one area which has been and always will be the weakest point in any organization: the employees. As such, the “human element” must be considered in cybersecurity preparation as it is usually the key factor in a successful attack. It is critical that all users within organizations are not only made aware of potential risks but are also made aware of ways to avoid, reduce, and escalate any risk that they may encounter within the organization in order to reduce the impact of an attack.
In recent months cyber compromises have hit large retailers, banks, corporations and government agencies - the list of victims grows daily. The one consistent theme across most of these attacks is the way in which cyber criminals were successful in using the end user as the vehicle to compromise the organizations.
Users are targeted because threat actors conduct an immense amount of research on organizations to determine which user can be used as the initial target. In today’s digital world everyone has an online presence. This online public presence provides valuable data to threat actors. Data such as who you work for, your role in an organization, and reporting structure can all be found online.
While there is no way to avoid becoming a target, there is a way to reduce the impact of becoming one: training. Training begins in the form of policy and procedure introduction to a firm. Above all else, there needs to be top-down recognition within an organization that cybersecurity is a major area of concern and companies need to take the appropriate measures to mitigate this risk.
What’s more, training your users in online practices when they are out of the office is crucial as it prepares users to be aware of vectors of attack. Duff & Phelps works with companies to make users aware of how best to behave online both in and out of the office. In addition to training, our team creates policies and procedures to effectively message the importance of online practices in reducing the risk of cyber threats to your organization.
A cybersecurity training and awareness program should be complemented with the right set of internal controls. The implementation and regular assessment of internal controls can help safeguard against the risks posed by both accidental and malicious employee actions.
Our services include: in-depth reviews of current cybersecurity risk posture and IT infrastructure; governance and compliance arrangements; drafting and implementing customized cybersecurity policies and incident response plans; specific regulatory advice and support on IT and cybersecurity; and cybersecurity staff training.
Duff & Phelps assists with:
Duff & Phelps Increases Recommended U.S. Equity Risk Premium
The Equity Risk Premium (ERP) changes over time – it is cyclical through the business cycle. Fluctuations in global economic and financial conditions warrant periodic reassessments of the selected ERP. Based on prevailing market conditions, Duff & Phelps increased its U.S. ERP recommendation from 5.0% to 5.5% when developing discount rates as of January 31, 2016 and thereafter. This recommendation will be maintained until such time evidence suggests that equity risk in financial markets has materially changed.
We developed our current ERP recommendation in conjunction with a “normalized” 20-year yield on U.S. government bonds of 4.0% as a proxy for the risk-free rate, implying a 9.5% (= 4.0% + 5.5%) “base” U.S. cost of equity capital estimate at the end of January 2016. Were one to use the spot yield on 20-year U.S. Treasuries of 2.4% as of January 31, 2016 in building a cost of equity estimate, the corresponding ERP would be 7.1% to reflect the difference in the base risk-free rate of 1.6% (= 4.0% - 2.4%).
The ERP is a key input used to calculate the cost of capital within the context of the Capital Asset Pricing Model (CAPM) and other models. Duff & Phelps employs a multi-faceted analysis to arrive at its recommended ERP, which takes into account a broad range of economic and financial markets information, as well as different estimation methodologies.
During 2015, we started seeing some signs of increased risk in financial markets. Concerns that the global economy might be slowing and deflationary pressures troubled investors in 2015. Tumbling oil and other commodity prices reinforced investor anxiety over stagnant growth in the Eurozone and Japan, as well as a deceleration in several emerging-market countries, with a particularly focus on China (considered by many analysts as the engine of growth for the global economy). Global financial markets reacted negatively to these trends in August and September of 2015, but settled down towards year-end.
Early 2016 economic indicators pointed to moderate real growth for the U.S. economy. In recent years, the U.S. economy has been expanding at a modest rate, but generally better than other major developed economies, with risks of recession seemingly tempered. The U.S. employment situation has been improving markedly, while consumer confidence and business sentiment have been generally stable.
On the other hand, inflation has been persistently below the Federal Reserve Bank’s (Fed) target of 2.0%. The sharp decline in oil prices since 2014 has put additional pressure in an already very low inflation environment. For perspective, the price of Brent crude oil was at $115/barrel in mid-June 2014; since then prices declined to $38/barrel at the end of 2015, a cumulative 67% decline in the space of a year and a half.
While the evidence was somewhat mixed at December 31, 2015, we saw clear indications that equity risk in financial markets had increased significantly as of January 31, 2016. During January, broad equity indices (e.g., the S&P 500) across the globe suffered significant losses, market volatility spiked, and credit spreads of U.S. high-yield over U.S. investment-grade corporate bonds continued to widen substantially (affecting companies outside the oil and mining sectors).
This led global investors to seek safe-haven investments, such as securities issued by the U.S., Germany, and United Kingdom governments, causing sharp declines in government bond yields for these and similar countries. Despite the fact that in December 2015 the Fed decided to raise U.S. interest rates for the first time since the beginning of the 2008 global financial crisis, financial markets began attaching a lower probability of further increases in the near term.
Duff & Phelps monitors two additional quantitative models as corroboration of the qualitative factors discussed above. Both of these models indicated a higher ERP at the end of January 2016 relative to our prior recommendation issued back in February 2013. Taken together, we found sufficient support for increasing our recommended ERP relative to our previous recommendation. Accordingly, Duff & Phelps recommends a U.S. Equity Risk Premium of 5.5% when developing discount rates as of January 31, 2016 and thereafter, to be used in conjunction with a normalized risk-free rate of 4.0%.
Since early March, financial markets have somewhat stabilized, with volatility decreasing, credit spreads narrowing somewhat, and stock market indices recovering from their low levels of February 2016. Nevertheless, signs of risk aversion remain high, with yields of safe-haven government bonds remaining at depressed levels, and lower than at the end of 2015. At its mid-March 2016 meeting, the Fed decided not to raise interest rates and downgraded its expectations of further hikes in 2016 to just two (from the four predicted back in December). Its decision was partly based on a dimmed view of global economic growth and associated volatility in financial markets.
We do not adjust our recommended ERP until there is clear indication that it has meaningfully changed. While the stock market itself may fluctuate widely at times, we examine several indicators before changing our ERP recommendation. Our clients are generally making long-term investments and need a long-term ERP perspective. Small interim up-or-down changes in ERP indications are inconsistent with a longer-term view.
No Quick Fix on Valuation
In July 2013, two years after it hit the EU statute book, the Alternative Investment Fund Managers Directive was transposed into UK law. Designed to improve the administration, management and marketing of alternative investment funds throughout the EU’s 28 member states, the Directive’s investor protections present a series of potential compliance problems.
While those challenges are material, the slow pace of transposition at a national level may have lulled some managers into a false sense of security about the willingness of regulators to take enforcement action against funds yet to take steps to comply. This, however, could be a potentially very costly mistake, as regulators are beginning to bare their teeth.
Indeed, the consequences of making insufficient provision on valuation can be severe. Between 2013 and 2015, there were a number of sanctions or settlement agreements between investment managers and the French financial regulator, the Autorité de Marchés Financiers, around valuation shortcomings. Luxembourg’s Commission de Surveillance du Secteur Financier (CSSF) and the UK’s FCA have adopted tough standards for investment managers – particularly those who have appointed management companies (ManCos). Inadequacies in valuation processes could potentially result in further action, especially after the FCA publishes the final version of its consultation paper on valuation.
Valuation of assets poses a particular problem. The Directive mandates several layers of conditions for legal valuation and where legal complexity is great, the chances of being found liable are high. For example, the EU legislators have aimed to decrease conflicts of interests and increase transparency within funds. Consequently, the Directive mandates that those valuing assets must be functionally independent from portfolio management, while all policies for valuation have to be procedurally consistent, fully documented and tailored to each asset within the fund.
The question of who is best qualified and placed to value the assets within a fund is extensively addressed within the Directive. Regulators can deem fund managers themselves competent to value fund assets. However, according to strict rules separating the valuation from the investment function, putting in place sufficient governance around valuation is impractical for many managers. Because ManCos, however, are by definition separated from the investment function, establishing independence isn’t the problem. The problem for ManCos is in having the breadth and depth of professional expertise to value all of the different types of financial instruments and asset classes that their investment managers may venture into. When the assets held by a fund are illiquid or so called ‘hard-to-value’ level 3 assets, the problem is dramatically amplified. Hiring external valuers may be an option. This isn’t a quick fix, however, as the Directive is clear that these hired hands must be professionally registered and have strong valuation expertise. The underlying assumption throughout these regulations is that only the best asset valuers will do.
ManCos are often intricate vehicles that were growing in popularity even prior to the Directive, as they offered funds a platform for expansion into new territories without the requirement for large local capital investment. With the advent of the Directive, however, they have taken on a new purpose – compliance with Article 15, which requires the risk management functionaries to be separate from the people who actually put money to work.
While ManCos don’t interfere with the day-to-day running of a fund, they take a prominent role in corporate governance and often take responsibility for asset valuation. This frequently presents a potential compliance risk, as that valuation service is often not sophisticated enough for the purposes of the Directive. Furthermore, the responsibility for effective valuations remains with the fund, even if it has delegated that function to a ManCo.
AIFMs can ill afford the reputational damage amongst investors that even the mildest regulator action can inflict. Consequently, putting unqualified ManCos in charge of valuation, with no accompanying transfer of responsibility, is a gamble not worth taking.
Those managing an alternative investment fund face both an opportunity and a threat from the Directive. The ability to market throughout Europe is an opportunity many funds will understandably wish to seize. But before they proceed, managers must ensure that they properly comply with the Directive’s regulations.
Thorough initial and ongoing operational due diligence when using external valuers is key, as is a deep understanding of the nature of their services. Acting on qualified advice, investment managers and ManCos must decide whether they are competent to undertake valuations themselves, with the support of an independent valuation opinion, or whether they are more suited to a conventional external valuation team. Whichever route they take, they must be able to demonstrate to both investors and regulators that they have taken the decision with compliance, rather than cost or convenience, in mind. The ramifications if they cannot could be grave.
American Appraisal Rebrands as Duff & Phelps
In February of 2015 Duff & Phelps completed the acquisition of American Appraisal Associates, Inc., a global full-service valuation and fixed asset management advisor. The transaction bolstered Duff & Phelps’ world-class valuation capabilities, adding professionals in more than 50 offices globally and significantly expanding its geographic footprint in Europe and Asia.
On April 1, 2016, the American Appraisal business was rebranded as Duff & Phelps. The business has been seamlessly integrated into Duff & Phelps’ Valuation Advisory Services business unit. The acquisition significantly expanded Duff & Phelps’ capabilities in the areas of financial reporting and tax valuation, machinery and equipment valuation, fixed asset management, and property insurance appraisal, among other services. The combined practice provides valuation services, spanning every asset class, delivered with independence and technical rigor.
As a result of this transaction Duff & Phelps is now the largest, independent provider of valuation services in the world. Noah Gottdiener, Duff & Phelps’ Chief Executive Officer, said, “The American Appraisal acquisition represents an important milestone for Duff & Phelps. We brought together firms that, collectively, possess more than two centuries of experience providing superior client service and insight to boards of directors, senior management teams and finance professionals around the world.”
Valuation and consulting for financial reporting, federal, state and local tax, investment and risk management purposes.Valuation Advisory
Leading provider of goodwill, intangible and long-lived asset impairment testing.Goodwill and Intangible Asset Impairment
Alternative investment valuation for private equity and hedge funds.Portfolio Valuation
#1 ranked provider of fairness opinions for boards of directors and special committees.Fairness Opinions
has been acquired by
a portfolio company of
has sold its Power Solutions Business to
Independent financial advisor to the board of directors of Johnson Controls