Know our risk management

Aug 1, 2023

Risk management

Know our risk management

1. Risk Management


The operation of Futurum Capital Asset Management Ltd. ("Futurum" or "Company") in the capital markets is subject to risks, which are inherent to the nature of the service provided as a securities portfolio manager. The main risks are:

  • Image or Reputation Risk: Any information can damage Futurum's reputation. Therefore, it is essential that all employees follow the compliance rules and the policies and guidelines of the Compliance Department to preserve the Company's image.

  • Operational Risk: Risk related to administrative and technological controls, as well as human errors that may delay or prevent business operations. The main types are:

    • Obsolescence risk;

    • Equipment risk;

    • Technology risk;

    • Electronic market risk;

    • Unintentional error risk;

    • Fraud risk;

    • Staff qualification risk;

    • Money laundering risk;

    • Access risk.

  • Legal Risk: Risk resulting from the inadequacy of the regulatory or legal framework, or from failures in the formalization of business that generate uncertainty over their compliance or existence.

Futurum considers the controls for risk mitigation essential, seeking the continuous improvement of its internal controls (compliance) and staff training. Strategic planning is one of the main control resources, and integrated risk management is assessed at all stages of the Company's investment process.

Any questions or need for advice on actions or investments that may generate risks should be immediately directed to the designated responsible party.

The Compliance Department operates independently from other areas and is not subordinate to any other department or entity of the Company's management. Its main activities include:

  • Client registration (Know Your Client procedures - KYC);

  • Carrying out Anti-Money Laundering (AML) procedures;

  • Verification of compliance and investment policies of the funds;

  • Monitoring of risks of the funds under management;

  • Review of applicable policies in conjunction with external legal advice.


2. Occurrence of Internal or External Frauds


In addition to daily monitoring by the responsible party and the Compliance Department, the Company maintains reports on compliance with its internal policies. The policies contained in the Code of Conduct and Compliance (security, confidentiality, and negotiation) assist in addressing the risk of fraud.

The Company obtains mandates from its clients with specific powers, allowing the movement of resources to be made only between previously authorized accounts, thus preventing possible diversions. Futurum also provides its clients with monthly reports detailing all negotiations carried out on their behalf.

All hired professionals undergo a rigorous evaluation process that includes interviews, analysis of resumes, and references from previous employers.


3. Workplace Security


The headquarters of Futurum, located in a commercial building in a prime area of São Paulo, has access control both at the reception and at the entrance of the Company, with electronic attendance registration and private security. The data processing centers (data centers) also have access control mechanisms to mitigate digital access by unauthorized individuals.

From a virtual security perspective, Futurum has constantly updated antivirus systems and a firewall, in addition to logical control through access passwords for all computers to ensure the integrity of information.


4. Inadequate Practices Related to Clients, Products and Services


All professionals receive appropriate training upon hiring and whenever necessary. The head of the Compliance Department is always directly involved in communication with clients, except in exceptional cases.

With respect to products and services, Futurum promotes active monitoring and analysis of the inherent risks of the assets that comprise the investment funds' portfolios.


5. Compliance of Operations and Products and Exposure to Risks


The continuous monitoring of Futurum's positions aims to verify whether the portfolios are adjusted, in compliance, and fulfilling the investment policy of each fund and with applicable laws. The Company seeks to evaluate and mitigate the following inherent risks of its operations and products:

  • Market risks;

  • Credit risks;

  • Liquidity risks;

  • Portfolio concentration risk;

  • Securities portfolio misalignment risk.

The results of the Compliance Department's evaluations are reported daily to the manager responsible for portfolio management before the CVM.

Futurum conducts pre and/or post-settlement supervision to check for active or passive irregularities in the portfolios whenever there is a change. If a pre-settlement supervision detects the possibility of an active irregularity, the manager is immediately notified so that effective measures for cancellation and/or prevention of liquidation are taken.

If a post-settlement supervision detects a passive irregularity, the Company adopts the best alternative to eliminate it, observing the procedures and terms provided by law. Identified irregularities are immediately reported to the responsible manager before the CVM, who reports them to Futurum's management in weekly meetings, and they are included in the monthly risk exposure report.


6. Concentration Limits


Futurum's activities focus on managing investment funds that may have significant concentration in financial assets of few issuers, with the risks arising from this. Such investments may also be allocated to offshore assets.


7. Liquidity Risk


The assets that compose Futurum's portfolios are of very low liquidity, as they consist of early-stage venture capital investments with a divestment horizon exceeding 10 years and without liquidity in the secondary market. Therefore, periodic liquidity control is not considered necessary or relevant.


8. Counterparty Risk


Futurum manages and minimizes this risk by working only with large market players that have solid financial situations. The Company adopts a rigorous practice of selecting counterparties that requires evaluation of service quality and pricing.


9. System Failures


The Company uses software from recognized companies that undergo rigorous testing and regular maintenance. Futurum adopts back-up systems that store all necessary information, in addition to antivirus systems and firewall to prevent breaches. The security policy in the Code of Conduct and Compliance describes additional practices for controlling the systems.


10. Verification of Compliance with Legal Duties


To mitigate legal risk, the Company relies on legal advice from renowned law firms. These firms keep Futurum informed about updates related to compliance rules and legal obligations through regular publications that update the Company on ongoing changes in Brazilian legislation, norms, and regulations.


11. Business Continuity Plan of the Company


Futurum is also subject to disruption and contingency risks, mainly related to staff shortages and system failures, which can cause cyber attacks and information leaks. The aim of the plan is to anticipate emergency situations and outline strategies for resuming activities in a short timeframe, minimizing the negative impact.

The business impact analysis is conducted annually through a questionnaire developed by the designated responsible party. This form serves as a basis to relate the functioning of teams before, during, and after the occurrence of an event, defining actions and responsibilities for the return to normality.

The Company maintains physical files, with electronic back-up, organized by client and relevant ongoing work. The files are updated monthly and stored in a Google system, with access control segregation by department and responsible party. Each professional must keep their files organized and updated so that, in case of an unforeseen event, another professional can easily continue the work. The filing processes are part of the Company's training policy in the Code of Conduct and Compliance.

Regarding recovery strategies, Futurum adopts, within a maximum of 24 hours, the following measures to implement the plan after a disruption:

  • Recovery of the workplace: Use of alternative and temporary facilities;

  • Utilization of remote access (home office): Employees have the autonomy to perform their activities via remote access system;

  • Utilization of shared data center: Futurum maintains a complete data center containing the necessary information for the full functioning of the Company.

To ensure the effectiveness of these measures, the Company conducts annual tests that evaluate the response speed of employees and the soundness of the proposed solutions, including the capacity for operationalizing work in other locations, the connectivity of the remote access system, and the consistency of the data center.

The Business Continuity Plan is activated upon the Compliance Department's knowledge of any incidents or through communication from any employee to this department.


12. Policy Review


This Risk Management Policy should be reviewed at least annually.

Name: Heloísa Lourenço Ishii Position: Administrator