Empowering Independent Directors with Independent Information

Due Diligence for fund governance professionals.

In an ever more sophisticated governance, risk and compliance environment, fund directors must oversee both investment and operational risks as part of their fiduciary and regulatory obligations when serving on a fund board.

GovernanceDiligence provides directors with a powerful set of diligence tools to meet these evolving challenges - across operational, investment and cybersecurity risks.

Delivering a wholly independent and objective perspective, GovernanceDiligence helps directors benchmark fund operational practices against the broader industry. Directors can then validate that service providers such as administrators, auditors and compliance consultants actually meet best practice - rather than relying on the service providers' own representations as to their service quality. 

GovernanceDiligence equally provides comprehensive, independent risk tools to evaluate the investment strategy, process and risk management as well as the manager’s cybersecurity framework maturity, access and procedures.


Onsite due diligence and comprehensive due diligence reporting for higher risk managers.


RiskReview provides our assessment of the strengths and weaknesses and our overall risk and investment diligence opinion.


Informing the Board around cyber risks.


OpsReview provides our assessment of the operational strengths and weaknesses of each manager and fund.

Each OpsReview includes:

  • Detailed data pack, including Castle Hall’s “trust but verify” check
  • Onsite review to evaluate the manager’s control environment, systems and culture face-to-face
  • Administrator due diligence, validating that the administrator's controls operate as described. Castle Hall also identifies gaps which could impact the quality of administrator oversight around accounting, reconciliation, valuation and cash movements
  • Comprehensive due diligence report

For Directors, OpsReview engagements can be conducted pre launch to support the initial establishment of the fund, leveraging Castle Hall's decade plus exposure to operational best practice. OpsReview engagements can equally be conducted later in a fund's life, as directors look for new information to inform their oversight and help meet their fiduciary responsibilities.


RiskReview provides our overall risk and investment diligence opinion. Each RiskReview evaluates the investment approach, the investment process and risk management across a proprietary, 20 factor risk matrix.

RiskReview includes RiskAnalytics, our quantitative reference pack, confirmation of key data points (portfolio holdings, position size, and track record), and an In-depth review to evaluate the strategy and the manager’s investment decision making process and risk management methodology and process.

Similar to OpsReview, a RiskReview engagement equips the directors with objective, external information to help improve the quality of Board oversight. The investment manager will often justify individual decisions to increase leverage, not close out a trade in line with previously discussed stop losses, or increase the allocation to Level 3 hard to value securities. Directors, however, should be aware of the aggregate risk landscape and be proactive to identify a changing risk profile. RiskReview provides the tool for directors to ask more informed questions and more effectively monitor the manager's investment process and risk management procedures.


Each CyberSecurityReview considers a consistent matrix of more than 150 risk factors. The inventory of risks considered, in each of the 10 key risk areas, include:

  • Cybersecurity Ownership
  • Cybersecurity Framework
  • Data Classification
  • User Access
  • Data, Network and Hardware Security
  • Change Management
  • Personnel
  • Vulnerability and Patch Management
  • Incident Response
  • Security Awareness and Training

For directors, a cybersecurity review provides an independent perspective on the asset manager's cyber risk profile. With more information, directors can question the manager and their IT provider around hard issues (network security, vendor selection etc.) and soft issues such as training programs, documentation, and overall cyber posture across the firm.

Learn More About GovernanceDiligence

Contact us to learn more about our GovernanceDiligence services.

Contact Us
govD - ipad + iphone