Overview
With a commitment to building the next generation of fund administration, Vector offers closed-end fund managers industry-leading technology, top-tier talent, innovative workflows, and a comprehensive suite of integrated fund services.
Service Provided
- SOC 1 Reports
Challenge
To demonstrate the effectiveness of its internal controls over financial reporting, Vector AIS enlisted Sensiba to conduct a SOC 1 audit. As a service organization, Vector needed to demonstrate it had effective controls in place to safeguard the funds it was managing for clients.
“Our clients want their investors to feel comfortable that we’re taking care of the investments in the funds we service,” says Chief Operating Officer Kristina Dayback. “Having a SOC 1 report helps us demonstrate we’re a trusted service provider.”
Being satisfied with two SOC 2 audits Sensiba had performed previously for Vector, the client engaged the firm and began preparation for the SOC 1 review.
Solution
To kick things off, Vector and Sensiba began by reviewing the audit approach and methodology to ensure Vector understood the goal of the engagement. Next, Sensiba performed walk-through meetings with the Vector team to understand the system and identify current controls that were already in place, as well as noted areas that lacked controls. Finally, Sensiba was able to perform the audit by outlining the required and expected evidence needed from Vector. “They made us feel really comfortable about the process,” says Dayback.
“They outlined the controls they were testing, what they would be looking for, and the best ways to provide the information they’d need. We knew well in advance what we had to do to support their team, and we were confident the audit would be a seamless experience.”
Result
Obtaining a clean audit opinion in the SOC 1 report has helped improve Vector’s position in the marketplace. Vector had two clients that were requesting the firm demonstrate SOC 1 compliance, and Sensiba was able to deliver a report that met those client needs. Working with Sensiba, Vector was also able to complete the audit well ahead of client deadlines. “Clients are looking at this,” says Dayback. “SOC compliance helps legitimize our business offering and lets everyone know we’re a real player in this space, and we take what we do seriously.”
Examining its controls and documentation to prepare for the audit also enhanced Vector’s understanding of its key risks, as well as the steps it has taken to mitigate those exposures. “The process was relatively easy and we’re continuing to see benefits because we established a clear framework from the beginning,” says Dayback.
Dayback recommends that firms approaching a SOC 1 audit invest time to examine the risks first, and then prioritize the controls addressing those risks. “Focus your efforts on the controls that make the most impact. I’ve done other SOC audits, and some vendors made it overly complicated by focusing on all the controls at one time. Start with the critical risks, put the controls around them, and work with your internal teams to ensure the controls align with how they do their job internally.”
Ready to get started?
Find out how our Risk Assurance team can help you with your compliance. Contact us to learn more about how we can work together toward your goals.
