Insights from SIFEM’s Pilot Initiative for its Fund Managers.
Insights from SIFEM’s Pilot Initiative for its Fund Managers.
Cyber threats and data protection are growing challenges for businesses and investors everywhere. As technology becomes increasingly central to how we work and live, the risks of cyberattacks, data breaches, and regulatory pressures are rising, especially in emerging markets, creating both challenges and opportunities.
For institutions like SIFEM, whose mission is to drive positive impact in developing economies, these risks represent a barrier to achieving development goals. If left unaddressed, cyber and data vulnerabilities can undermine trust, disrupt operations, and ultimately stifle the financial performance and impact potential of investments.
Recognizing these challenges, SIFEM, via its portfolio and technical assistance facility (TAF) manager responsAbility Investments AG, has taken a proactive step. SIFEM’s TAF launched a pioneering pilot program in 2024 to help its portfolio fund managers efficiently assess and strengthen their cybersecurity and data protection practices, and to share tools and insights that may inspire collaboration and further exploration by other Development Finance Institutions (DFIs).
Cybersecurity is both a technical issue and a matter of trust, reputation, and the ability to securely do business in a connected world. Investors, regulators, and even insurers are paying closer attention to how organizations manage digital risks. Poor management of such risks can also erode the very impact that DFIs seek to create, by exposing communities and businesses to avoidable harm and potentially, to high costs.
For fund managers and the companies they support, strong cybersecurity and data risk management practices are now critical parts of good governance and long-term success.
SIFEM has adopted a practical and collaborative approach to its efforts. The project, implemented by Valoris Stewardship Catalysts, worked closely with a group of nine “pathfinder” fund managers from across Asia, Africa, Eastern Europe, and Latin America. These managers helped SIFEM design, test, and refine a new cybersecurity assessment tool for SIFEM’s fund managers, reflecting their risk priorities and operating realities, and tailored to the realities of emerging markets.
The project team developed a streamlined questionnaire covering key “red flag” areas of cybersecurity risk management, including risk governance, data governance, key technical controls, third-party management, incident response, and business continuity. The questions reflect globally recognized standards distilled into practical checkpoints accessible to business and investment staff understanding, and consistent with standards of fiduciary expectations. Twenty-six fund managers, including the nine pathfinders, in SIFEM’s portfolio responded to the streamlined survey questionnaire. The team also developed scoring and visualization methodologies facilitating assessment of fund manager performance, including against peer managers operating in similar jurisdictions and sectors, all sourced from the survey responses.
The pilot revealed that most participating managers were already aware of cybersecurity risks and had started taking action, there remain important areas where further support and improvement are needed. Notably:
The project team found a wide range of cybersecurity maturity across SIFEM’s partner fund managers, ranging from initial awareness, to evolving maturity, and clear industry leadership. The spectrum of capacities and strengths opens up potential opportunities for knowledge-sharing and cooperation that can be enhanced through an intentional, supportive approach.
This finding yields one of the most promising project outcomes. By sharing experiences, lessons learned, and practical tools, and by bringing in industry experts, this community can help everyone raise their game—making funds more competitive, resilient, and attractive to investors. Moreover, the tools and resources developed by this project—such as the survey questionnaire, analytical charts, and guidance notes that can help identify areas for improvement—are designed to be open and adaptable. As the community strengthens, the community can enhance the tools offered, benefiting from a wider range of perspectives, expertise and experiences.
Finally, by equipping fund managers with practical cybersecurity and data protection solutions, the initiative helps them strengthen the governance of their investee companies, and ultimately enhance trust and long-term value across their portfolios.
The experience and insights gained from this SIFEM-led pilot demonstrate, first, that fund managers value practical guidance in cybersecurity and data governance, even (or especially) in resource-constrained, and sometimes challenging environments, and, second, that carefully prioritized tools can establish an efficient, streamlined platform for investor assessment and fund manager support.
Building on the findings and momentum generated by this project, SIFEM believes there is a real opportunity to scale this initiative further, to incorporate the lessons learned and expertise from its peer DFIs, and to drive industry-wide progress. To do so, SIFEM looks forward to partnering with peer DFIs that share the vision of safer, more resilient, and trustworthy investment ecosystem in emerging markets.
By joining this growing community, fund managers can access practical tools, share best practices, anonymized peer benchmark on cybersecurity maturity, and collaborate on solutions tailored to emerging markets. For DFIs in particular, this is an opportunity to help shape the scale-up phase of this project and explore ways to strengthen cybersecurity practices across portfolios.
The Swiss Investment Fund for Emerging Markets (SIFEM) serves as Switzerland’s Development Finance Institution (DFI). Established in 2011 as a public limited company fully owned by the Swiss Confederation, SIFEM plays a key role in Switzerland’s international cooperation strategy. SIFEM provides long-term financing to small and medium-sized enterprises (SMEs) in developing and emerging countries through local financial intermediaries. By doing so, SIFEM aims to reduce poverty while fostering sustainable, inclusive, and resilient economies. Its focus also extends to tackling the root causes of climate change and enhancing communities’ resilience to its effects.SIFEM AG is a private limited company, the shares of which are 100% owned by the Swiss Confederation. It is legally domiciled in Bern, Switzerland, under UID CHE-112.401.487. The shareholder rights are exercised by the Federal Council, the highest executive authority in the country. The State Secretariat for Economic Affairs (SECO), together with the Federal Finance Administration (FFA), assume supervisory and controlling functions ensuring that investments are fully in line with their remit and that federal funds are used purposefully.
If you’re interested in learning more or want to get involved, please reach out to the SIFEM Technical Assistance Facility via Tej Bhattarai, Senior Project Manager at responsAbility Investments AG, to join our next meeting and/or discuss how your organization can benefit and contribute.
How AI can transform finance.
