22. The SWF should have a framework that identifies, assesses, and manages the risks of its operations.
22.1. The risk management framework should include reliable information and timely reporting systems, which should enable the adequate monitoring and management of relevant risks within acceptable parameters and levels, control and incentive mechanisms, codes of conduct, business continuity planning, and an independent audit function.
22.2. The general approach to the SWF’s risk management framework should be publicly disclosed.
The APFC Board is concerned with operational and investment risk to the Alaska Permanent Fund. There is no single document that codifies a risk management framework, but there are various means by which the Board addresses risk.
The Fund’s asset allocation is based on the risk profile of each asset type both separately and collectively as a portfolio. Reviews, that are conducted at least quarterly, and in some cases monthly or daily, ensure the Fund’s investments are in compliance with the Board’s stated policies.
To limit the risk of fraudulent actions, the custodian and APFC have written policies and procedures that must be followed for all asset movements.
APFC’s employees have controlled access rights to the cash transfer system and all transfers must be created by one employee and authorized by at least one other employee. All cash flows are reconciled daily and monthly by various staff members.
The Fund’s information technology network has security procedures and firewalls in place and is regularly backed up.
There is a business continuity plan and contingency plans are in place for transferring the management of the Fund to other locations or outside managers on a temporary basis.
Investment reports are produced internally on a daily and monthly basis, both internally and by the APFC Board’s consultant. APFC’s investments are regularly reviewed at the portfolio level for historical risk scenarios, stress tests, tracking error and value at risk among other measures. Individual asset class managers use specific measures for their asset classes to monitor duration, credit risk, etc. The duties of APFC’s investments and accounting sections are kept separate, and each employee’s duties are listed in their job description.
APFC has system access controls with written policies and procedures, as well as monthly reconciliations. State law requires that an audit be performed annually by an external auditor.
The ethical conduct of APFC staff falls under the Alaska Executive Branch Ethics Act, and APFC-specific statutes require APFC Board members and staff to report personal investments which are also held by the Permanent Fund.
APFC has a risk management framework that is applied at the portfolio and Fund level, it is included in APFC’s Investment Policy. The APFC Board of Trustees regularly discusses its approach to risk management at public meetings, the board packets and minutes of which are posted at www.apfc.org.