Knowledge work automation
15 min read
—
Casimir Rajnerowicz
Content Creator
Operational due diligence in private equity is the investigation that sits alongside investment analysis but asks a fundamentally different question. Investment due diligence asks whether a manager can generate returns. Operational due diligence asks whether the organization running the fund is structurally capable of surviving long enough to deliver them, whether client assets are properly segregated and controlled, whether the compliance infrastructure is real or cosmetic, and whether the operational risks the fund carries are proportionate to the mandate it has accepted.
These are not secondary concerns. The high-profile failures in alternative investments over the past two decades, whether through fraud, misappropriation, or operational collapse, were almost always preceded by identifiable ODD failures: custody arrangements that were never independently verified, valuation processes that lacked genuine independence, compliance structures where the CCO reported to the PM rather than to the board, cybersecurity postures that had never been externally tested. In each case, the investment thesis was plausible enough to attract capital. The structure that was supposed to protect that capital was not.
Operational due diligence private equity programs have expanded considerably since these failures, driven by LP demand, regulatory pressure, and the growing complexity of fund structures across both private equity and hedge fund strategies. What was once a checklist reviewed by a generalist allocator is now a specialist discipline with its own frameworks, questionnaire standards, and professional associations.
This guide covers operational due diligence from first principles: what it is, how it differs from investment analysis, which workstreams matter and why, how to run the process efficiently, and where AI agents are now changing the capacity and consistency of ODD programs across institutional allocators.
Chat with your files and knowledge hubs
Expert AI agents that understand your work
Get started today
What is operational due diligence?
Operational due diligence (ODD) is the structured evaluation of an investment manager's organizational infrastructure, operational controls, legal structure, compliance practices, and risk management framework. It is conducted by allocators, including pension funds, endowments, family offices, sovereign wealth funds, and funds of funds, before committing capital as part of the broader PE fund due diligence process, and repeated on a monitoring basis throughout the relationship.
The scope of ODD has expanded materially over the past decade. Early ODD programs focused primarily on custody arrangements and fund administrator independence: verifying that assets were held by a reputable third-party custodian and that NAV calculations were performed by an independent administrator rather than the manager itself. These remain core. But the current scope now extends to governance structures and conflicts of interest, cybersecurity and data protection practices, business continuity planning, valuation policy and committee independence, regulatory registration and compliance monitoring, cash movement controls and authorization frameworks, AML and KYC processes, and, increasingly, whether the manager has a formal policy on artificial intelligence usage within the investment and operational process.
Operational due diligence covers distinct workstreams — organizational governance, technology infrastructure, compliance, valuation policy, and business continuity — each requiring specialist review.
The AIMA and ILPA have both published standardized ODD frameworks to support allocator programs. The AIMA Due Diligence Questionnaire is the industry standard for hedge fund managers; the ILPA Standardized DDQ covers the private equity manager context with expanded sections on governance, ESG, and diversity metrics.
ODD vs investment due diligence: a critical distinction
Investment due diligence and operational due diligence are complementary but entirely distinct functions, and conflating them creates systematic blind spots in manager selection programs.
Investment DD evaluates the investment process: the manager's edge, track record, risk management approach, and the sustainability of the returns they have generated. It asks: is this strategy repeatable, and is the performance attributable to skill rather than leverage or market timing?
Operational DD evaluates the organizational and structural context in which that investment process runs. It asks: if this manager's edge is real and the strategy is sound, is the operational environment capable of preserving investor capital through market stress, personnel change, a regulatory inquiry, or a cybersecurity incident? A manager can have a compelling investment thesis and a genuine track record while carrying operational risks that a sophisticated LP would consider unacceptable.
This distinction matters because ODD failures are not investment failures. They are organizational ones. The fund that generates strong returns for three years and then collapses because of a key-person departure, a custody dispute, or a data breach does not become a cautionary tale about investment process. It becomes a cautionary tale about operational due diligence.
The 7 core workstreams in operational due diligence
A comprehensive ODD program covers seven areas, each of which addresses a distinct category of operational risk.
Governance and legal structure. This workstream reviews the fund's legal entities, ownership structure, and governance framework. Key questions include: who owns the management company, and are ownership interests documented and undisputed? Is there a board with genuine oversight authority, or does effective control rest entirely with the investment team? How are conflicts of interest identified and managed? Who receives carried interest and performance fees, and is that structure aligned with LP interests?
The ODD document review problem is a volume and consistency problem: a single fund evaluation generates thousands of pages across questionnaires, audit reports, regulatory filings, and supplementary disclosures.
Key personnel and organizational stability. This workstream evaluates the human infrastructure of the firm: who are the key individuals, what are their qualifications and track records, how dependent is the business on one or two individuals, and what succession or retention arrangements exist? Staff turnover data, compensation structures, and any recent organizational changes are reviewed here. Key-person risk in small PE and hedge fund firms is among the most frequently cited ODD concerns.
Compliance and regulatory oversight. This workstream verifies the manager's regulatory registration status (SEC, FCA, FINRA, or equivalent), reviews the compliance monitoring program, assesses whether the Chief Compliance Officer has genuine operational independence, and examines disciplinary history. Any regulatory inquiries, enforcement actions, or formal investigations, even if resolved, are documented and assessed for pattern significance.
Operations and service providers. This workstream covers the mechanics of how the fund operates on a daily basis: who administers the fund, who provides custody, who performs the audit, how NAV is calculated and reconciled, how trade execution is handled, and whether any operational functions have been outsourced and to whom. Service provider independence is central: the quality of ODD is only as good as the quality of the third parties the manager has engaged.
Valuation policy and independence. This workstream reviews how the manager values its portfolio, whether the valuation policy is formally documented, whether valuations are independently reviewed by a committee that includes non-investment personnel, how frequently formal valuations occur, and whether any third-party valuation providers are used for illiquid positions. Valuation manipulation, however subtle, is one of the most persistent sources of LP harm in alternative investments.
Cash controls and financial operations. This workstream examines the fund's cash movement authorization framework: who can instruct cash movements, what approval protocols apply, how reconciliations are performed, and whether custody and banking arrangements are consistent with stated operations. Dual-signature requirements, separation of instruction and approval authority, and independent reconciliation processes are assessed here. In a well-structured fund, no single individual should be able to instruct a cash movement without a second independent approval.
Cybersecurity and business continuity. This workstream has become one of the most material in the current ODD landscape. Allocators now assess whether the manager has a formal cybersecurity policy, whether staff receive cybersecurity training, whether penetration testing is conducted by a third party, how data is maintained and backed up, and whether there is a documented business continuity plan that has been formally tested. The EY 2025 analysis of ODD priorities identifies cybersecurity and AI governance as two of the fastest-growing areas of allocator scrutiny, with AI policy documentation now appearing on most institutional ODD checklists for the first time.
The ODD questionnaire: AIMA, ILPA, and the format challenge
The primary data collection mechanism in operational due diligence is the ODD questionnaire: a structured document submitted to the manager requesting detailed information across all seven workstreams above. For hedge fund managers, the AIMA DDQ is the reference standard; for PE managers, the ILPA DDQ provides equivalent coverage. Most institutional allocators use these standards as a baseline and add their own supplementary questions.
In practice, ODD questionnaires create a significant processing burden on both sides of the relationship. An institutional allocator with 30 to 50 manager relationships may be collecting and reviewing dozens of questionnaires annually, each 40 to 80 pages in length, submitted in different formats, in different template structures, with different section conventions. Managers, particularly smaller firms, face the reverse burden: completing multiple questionnaires from different LPs simultaneously, each with slightly different question framing and documentation requests.
The AIMA and ILPA DDQ formats define the standard scope of ODD data requests — covering governance, operations, technology, compliance, and business continuity — but GPs still receive bespoke requests from each LP.
The format fragmentation problem is as real in ODD as it is in M&A DDQs. Questionnaires arrive as Word documents, PDFs, Excel workbooks, and in some cases as plain text or email attachments. Section numbering conventions differ. The same question about valuation independence may appear in section 4 of one questionnaire and section 12 of another. Without systematic extraction, meaningful cross-manager comparison is extremely difficult.
How to conduct ODD on an investment manager: the process
A well-structured ODD program follows a defined sequence, from initial questionnaire submission through on-site review and into ongoing monitoring.
Step 1: Send the ODD questionnaire and document request list. The allocator sends its standard ODD questionnaire, typically based on or supplemented by the AIMA or ILPA template, along with a document request list. Documents requested typically include: the fund's constitutional and legal documents, service provider agreements, compliance manual, cybersecurity policy, valuation policy, business continuity plan, most recent audit, and prior-year regulatory filings.
An example of logical workflow used by an AI agent. AI document analysis stage processes ODD responses the same way an experienced analyst does — extracting governance structures, identifying thin or missing answers, and cross-referencing claims against supporting documentation.
Step 2: Initial questionnaire review and document analysis. The completed questionnaire is reviewed across all workstreams, and responses are cross-referenced against the supporting documents. This is where most ODD teams spend the majority of their time: reading questionnaire responses, locating relevant sections of supporting documents, checking consistency between stated practices and documented policies, and flagging areas that require follow-up.
Step 3: Follow-up questions and management interviews. Questions that are incomplete, inconsistent, or that open new lines of inquiry are addressed through written follow-up or direct management interviews. Interviews with the CCO, CFO, and COO (where distinct from the investment team) provide context for written responses and allow the ODD analyst to assess whether stated policies reflect actual practice.
Step 4: On-site due diligence visit. For initial investment or significant re-underwriting, most institutional allocators require an on-site visit. The visit allows direct observation of the operating environment, meeting with personnel beyond the principals, and assessment of the office setup and systems infrastructure that would be difficult to evaluate remotely. On-site visits often surface discrepancies between the formal questionnaire responses and operational reality.
Step 5: Third-party verification. Independent verification of service provider relationships is an essential step that many ODD programs underweight. The allocator should independently confirm the fund's stated custody arrangements with the custodian, verify the administrator's independence and reconciliation process, and check that stated regulatory registrations are current with the relevant regulator. These checks take limited time but have, historically, been the step that would have identified fraudulent or misrepresented arrangements before capital was committed.
Step 6: ODD findings report and investment committee presentation. The ODD findings are documented in a formal report covering all workstreams, with risk ratings applied to areas of concern. For most institutional programs, the ODD report is a separate document from the investment memo, reflecting the distinct nature of the two analyses. The investment committee receives both.
Step 7: Ongoing monitoring and annual re-underwriting. ODD does not end at commitment. An ongoing monitoring program tracks material changes: key personnel departures, regulatory filings, fund administrator changes, cybersecurity incidents, and any changes to the valuation policy or compliance structure. Annual re-underwriting with an updated questionnaire ensures the operational risk profile of the fund reflects its current state rather than the state it was in when capital was first committed.
Operational due diligence in private equity vs hedge funds
While ODD frameworks share common foundations across private equity and hedge funds, the emphasis and specific areas of focus differ meaningfully between the two strategies.
In private equity, the most material ODD workstreams typically cover governance and conflicts of interest (particularly around GP co-investment terms, fee transparency, and related-party transactions), fund administration independence (NAV calculation for fund-level reporting), valuation policy for illiquid assets (where no market price exists), and cash controls around capital call and distribution mechanics. PE funds also have specific ODD dimensions around their General Partner entity structure, carried interest terms, and key-person provisions in the LPA itself.
In hedge funds, the operational risk profile is both broader and faster-moving. Trade execution processes, prime broker relationships, margin arrangements, short borrowing, OTC derivatives exposure, and daily NAV processes all require scrutiny that does not arise in a PE fund. Cybersecurity and trading system security are elevated concerns given the real-time, high-frequency nature of many hedge fund operations. Regulatory coverage is also more complex: a PE fund in a single jurisdiction may have one primary regulator; a multi-strategy hedge fund running accounts in multiple jurisdictions can have four or five simultaneous regulatory frameworks to verify.
The V7 Go Operational Due Diligence Analyzer handles this range. A single ODD questionnaire submitted by a fund manager is processed through 60+ structured extraction properties covering firm basics, key personnel, compliance, operations, valuation, service providers, cybersecurity, AML, and cash controls. The output is not just a data extract: the agent also produces a RAG-coded Flag Report identifying red, amber, and green-rated items, a coherent narrative Summary of the manager's operational profile, and a full executive HTML report suitable for investment committee distribution. In one example deployment covering four investment managers simultaneously, the extraction produced over 140 personnel records, 22 banking relationships, 14 prime broker records, and 38 cash movement authorization entries, each structured, cross-referenced, and flag-rated.
For allocators managing programmes of 20 or more manager relationships, V7 Go's PE due diligence automation and AI Financial Due Diligence Agent sit alongside the ODD Analyzer as complementary workstreams in an integrated due diligence pipeline.
The ODD checklist: key questions by workstream
The following checklist covers the essential questions across each ODD workstream. It is not exhaustive (a full institutional ODD questionnaire runs to 40-80 pages), but it maps the critical areas where red flags most commonly emerge.
Governance and legal structure
What is the legal structure of the management company, and how long has it been established? Who are the beneficial owners, and are ownership interests documented? Does the fund have an independent board, advisory committee, or LPAC with genuine authority? How are conflicts of interest between the GP and LPs identified, disclosed, and managed? Are there any material related-party transactions, and if so, are they conducted on arm's-length terms?
Key personnel
Who are the key individuals, and what are their professional qualifications? What succession or retention arrangements protect against key-person departure? Has there been significant personnel turnover in the last three years, and if so, what were the circumstances? Are key individuals' compensation structures aligned with LP interests, or do they create incentives for excessive risk-taking?
V7 Go applies this structured approach across an entire fund evaluation in a single pass. The following walkthrough shows the platform processing an ODD document package in practice:
V7 Go's AI Concierge processing an NDA agreement with answers cited to the source questionnaire pages.
Compliance and regulatory
What regulatory registrations does the management entity hold, and are these current and verifiable with the relevant regulator? Who is the CCO, and to whom do they report in the organizational structure? Is compliance monitoring conducted in-house, outsourced, or both? Are there any past or current disciplinary actions, regulatory investigations, or enforcement proceedings? Has the firm received a regulatory examination in the last three years, and if so, what were the findings?
Operations and service providers
Who is the fund administrator, and is the NAV calculation process fully independent of the manager? Who provides custody services, and are the custody arrangements verifiable directly with the custodian? Who is the auditor, and is the audit firm appropriate in scale and specialist capability for the fund's asset class? Are there shadow accounting processes in place to provide internal verification of administrator calculations? How are service providers selected and reviewed?
Valuation
Does the firm have a formal, written valuation policy? Is there a valuation committee with independent (non-investment) representation? How frequently are formal valuations conducted? Are third-party valuation providers used for illiquid or hard-to-price positions? Is there documented evidence that the valuation process is operationally independent from the portfolio management function?
Cash controls
What is the cash movement authorization process? Does the authorization structure require dual approval for all cash movements? Are cash movement instructions segregated from approval authority (i.e., the same individual cannot both instruct and approve a transfer)? How are cash reconciliations performed, and who is responsible for verifying them? What limits and protocols apply to transfers above defined thresholds?
Cybersecurity and business continuity
Does the firm have a formal, written cybersecurity policy? Is third-party penetration testing conducted, and how frequently? Do all employees receive cybersecurity training? Has the firm experienced any data breaches or security incidents? Does the firm have a documented business continuity plan, and has it been formally tested? Where is data maintained, and what backup and recovery protocols are in place? Does the firm have a formal AI usage policy?
ODD red flags: what demands closer scrutiny
Experienced ODD analysts recognize a consistent set of warning signs that correlate with elevated operational risk. Not all red flags are deal-breakers individually, but each warrants specific follow-up, and patterns of multiple amber flags in a single workstream are more significant than any single item in isolation.
Valuation independence failures. A valuation process where the portfolio managers have direct influence over the valuations applied to their own positions is the single most significant operational risk in alternative investments. This includes: no independent valuation committee, a committee that is formally independent but functionally dominated by the PM, third-party valuation providers who receive business from the manager and face implicit conflicts, and valuation policies that are not formally documented or are inconsistently applied.
Concentrated key-person dependency without succession. Small PE and hedge fund firms are structurally vulnerable to key-person risk. A single individual who simultaneously manages the investment process, controls the banking arrangements, directs the administrator, and has the trust relationship with LPs represents an operational risk that no diversification in the portfolio can mitigate. Absence of documentation of succession arrangements, combined with absence of any organizational depth, is a consistent red flag.
CCO reporting to the PM. The Chief Compliance Officer's organizational independence is a direct indicator of the quality of the compliance program. A CCO who reports to the portfolio manager, receives their compensation at the PM's discretion, or lacks the authority to escalate compliance concerns to the board or LPAC is structurally compromised regardless of their individual capability.
Custody or administrator that is economically connected to the manager. Third-party administrators and custodians who have financial relationships with the management company (through common ownership, shared revenue arrangements, or referral agreements) cannot provide the independent oversight that the separation-of-duties principle requires. These arrangements are not always disclosed in the questionnaire; direct verification with the service provider is necessary.
Cybersecurity posture inconsistent with the firm's risk profile. A hedge fund managing USD 2 billion in assets across multiple prime brokerage relationships with no formal cybersecurity policy, no documented penetration testing, and no staff cybersecurity training program represents an operational risk that is increasingly material. Cyber incidents affecting investment managers are no longer hypothetical events: the frequency and sophistication of attacks targeting financial firms has increased consistently across successive years, a trend documented across the industry's operational risk literature.
Gaps between stated policy and documented practice. The most useful ODD insight often comes from the gap between what the questionnaire states and what the supporting documents show. A firm that describes a comprehensive valuation committee process in its questionnaire responses but cannot produce meeting minutes, a formal valuation policy document, or evidence of independent committee membership is providing a theoretical description of a process that may not operate as described. Systematic cross-referencing between questionnaire responses and document evidence is what separates rigorous ODD from box-ticking.
How AI agents are changing operational due diligence
Operational due diligence has a structural bottleneck that investment analysis does not: the extraction problem. An ODD questionnaire submitted by a manager contains 40 to 80 pages of structured responses, supporting exhibits, and referenced documents. Processing that material into a usable format (extracting the specific fields relevant to each workstream, applying consistent risk ratings, cross-referencing responses against document evidence, and producing a findings report) is time-intensive work that scales poorly when an allocator is managing a programme of 30 or 40 manager relationships.
V7 Go's Operational Due Diligence Analyzer was built for this extraction problem. It ingests an ODD questionnaire in any format and processes it through 60+ structured properties organized across the seven ODD workstreams. For each field, the agent extracts the relevant response from the questionnaire, applies the appropriate classification (text extraction for narrative fields, single or multi-select for binary or categorical questions, and collection tables for repeating data like key personnel or banking relationships), and flags any responses that warrant elevated scrutiny.
The output includes several distinct deliverables. Structured field extractions allow allocators to compare managers on specific dimensions: which ones have independent valuation committees, which ones use third-party penetration testers, which ones have formal AI usage policies. The RAG Flag Report surfaces items rated red or amber with explanatory notes: the compliance gaps, the conflicts, the absences that require follow-up. The executive Summary provides a coherent narrative of the manager's operational profile for internal review. And the full executive HTML report is a formatted, investment-committee-ready document generated directly from the extraction, without a separate drafting step.
The practical implication for an allocator team is that the extraction and initial classification phase, which typically consumes the majority of ODD analyst time on each questionnaire, can be completed systematically and consistently across an entire manager programme. The analyst time that remains is the judgment-intensive work: evaluating the significance of flagged items, conducting follow-up interviews, verifying service provider arrangements independently, and making the final risk assessment that requires professional judgment rather than information retrieval.
For the full landscape of AI-native tools available for due diligence programs, V7 Go's comprehensive guide to AI due diligence and comparison of due diligence software for M&A and investment management provide additional context on how these capabilities fit within broader institutional programs.
The data flowing through V7 Go's ODD project view populates a shared, auditable workspace where the full team can review extractions, add comments, escalate flagged items, and track re-underwriting cycles over time. Via API integration or MCP-connected systems, the structured ODD data can also populate a CRM, risk management system, or reporting database directly, making the output available wherever the allocator's existing workflow requires it, not just as a standalone document.
What an ODD findings report should contain
The ODD findings report is the primary deliverable from a manager review and the document that the investment committee uses to evaluate operational risk alongside the investment case. A well-structured ODD report contains the following elements.
Executive summary and overall risk rating. A one-to-two paragraph overview of the manager's operational profile, the key findings from each workstream, and an overall operational risk rating (typically red, amber, or green). This section should be written for a senior reader who will not read the full document.
Workstream-level findings. A section for each of the seven ODD workstreams covering: the key findings from the questionnaire and documents, the risk rating for that workstream, specific items requiring attention or follow-up, and any prior-year findings that have been resolved or remain open.
Red and amber flag summary. A consolidated list of all red and amber-rated items across workstreams, with a brief explanation of each and a recommended action (further investigation, specific representations, contractual mitigation, or investment committee escalation).
Service provider verification status. A record of which service provider relationships were independently verified directly with the service provider, and which were accepted based on questionnaire assertion only. This creates an audit trail for the allocator and makes clear which elements of the ODD relied on manager-provided information versus independent confirmation.
Year-on-year comparison (for re-underwriting). For existing manager relationships, a comparison of current ODD findings against the prior period's report, highlighting changes in the operational profile, resolution of prior concerns, and any new areas of risk. This comparison is what distinguishes a genuine ongoing monitoring program from a periodic repetition of the same exercise.
For allocators conducting due diligence on fund managers managing multiple strategies or structures, V7 Go's resources on AI data room analysis and the broader legal due diligence workflow support the document review workstreams that run alongside ODD in a full manager evaluation.
What is operational due diligence in private equity?
Operational due diligence (ODD) in private equity is the structured evaluation of an investment manager's organizational infrastructure, controls, governance, and compliance framework. Unlike investment due diligence, which evaluates the manager's ability to generate returns, ODD evaluates whether the organization is structurally capable of protecting investor capital: proper custody arrangements, independent valuations, sound cash controls, and an effective compliance program. ODD is conducted before initial capital commitment and repeated on a monitoring basis throughout the relationship.
+
How is ODD different from investment due diligence?
Investment due diligence evaluates the investment process: edge, track record, risk management, and strategy sustainability. Operational due diligence evaluates the organizational context in which that process runs: governance, key-person risk, custody arrangements, compliance infrastructure, and cybersecurity posture. The distinction matters because operational failures are not investment failures. A manager with a genuine edge and strong returns can still cause LP harm through fraud, misappropriation, or operational collapse. ODD is the discipline that specifically addresses these risks.
+
What are the main areas covered in an ODD questionnaire?
A comprehensive ODD questionnaire covers seven workstreams: governance and legal structure, key personnel and organizational stability, compliance and regulatory oversight, operations and service providers, valuation policy and independence, cash controls and financial operations, and cybersecurity and business continuity. Both the AIMA (for hedge funds) and ILPA (for private equity) publish standardized ODD questionnaire templates that most institutional allocators use as a baseline. Questionnaires typically run 40 to 80 pages and are submitted by the manager with supporting documentation.
+
What are the most common ODD red flags?
The most consistent ODD red flags include: a valuation process where portfolio managers influence their own valuations, a CCO who reports to the portfolio manager rather than an independent oversight body, a fund administrator or custodian with financial ties to the management company, concentrated key-person dependency without documented succession arrangements, cybersecurity posture that is inconsistent with the fund's scale and complexity, and gaps between stated policies in the questionnaire and the supporting documentation. Patterns of multiple concerns across a single workstream are typically more significant than any single isolated finding.
+
How often should ODD be conducted on existing managers?
AI agents are addressing the extraction bottleneck that has historically limited ODD program capacity. Ingesting a 60-80 page ODD questionnaire and extracting structured data across 60+ fields, applying risk classifications, producing a RAG flag report, and generating an executive summary is now achievable systematically at scale. The time released from extraction and initial classification allows ODD analysts to concentrate on judgment-intensive work: evaluating flagged items in context, conducting independent service provider verification, and making risk assessments that require professional expertise. For programmes covering 30 or more manager relationships, the capacity increase from systematic AI-assisted extraction is material.
+
How is AI changing operational due diligence programs?
Go is more accurate and robust than calling a model provider directly. By breaking down complex tasks into reasoning steps with Index Knowledge, Go enables LLMs to query your data more accurately than an out of the box API call. Combining this with conditional logic, which can route high sensitivity data to a human review, Go builds robustness into your AI powered workflows.
+
