top of page

George Ralph (RFA): Technology Compliance in One Place 

George Ralph, Global Managing Director of RFA describes his company’s role as a technology partner to alternative investment firms. He sees opportunities in Luxembourg because the shortage of technology cloud, cyber & compliance skills raises increasing threats. Interview. 

Can you describe RFA in a few words? 

RFA is the technology partner of choice for alternative investment and finance firms. We serve mainly private equity companies, hedge funds, family offices, wealth managers throughout their life cycles, from start-ups to global leaders. Richard Fleischman, our chairman, created the company over 35 years ago and shares the leadership with four associates. Our 400 colleagues serve 900 clients across our 14 offices and service $2tn+ in AUM. We act as CTO or CISO for small companies with up to 500 users. They outsource all their technology aspects, from ordering equipment to cybersecurity, technology compliance, white-glove support, infrastructure, managed data services, or infrastructure & application strategy. In London, for example, we dominate the market in our historical focus: Hedge funds. Luxembourg (Our European HQ) is a fundamental jurisdiction for us: We are a PSF, regulated by CSSF which clearly demonstrates how serious we are with our clients’ data. We have tremendous traction and are expanding our services to banks, fund administrators, and insurers for example. To my knowledge, we are the only tech PSF in Luxembourg with a global cloud, cyber & compliance team specifically trained to help Financial Services and Alternative Investment professionals. 

Can you describe RFA in a few words? 

RFA is the technology partner of choice for alternative investment and finance firms. We serve mainly private equity companies, hedge funds, family offices, wealth managers throughout their life cycles, from start-ups to global leaders. Richard Fleischman, our chairman, created the company over 35 years ago and shares the leadership with four associates. Our 400 colleagues serve 900 clients across our 14 offices and service $2tn+ in AUM. We act as CTO or CISO for small companies with up to 500 users. They outsource all their technology aspects, from ordering equipment to cybersecurity, technology compliance, white-glove support, infrastructure, managed data services, or infrastructure & application strategy. In London, for example, we dominate the market in our historical focus: Hedge funds. Luxembourg (Our European HQ) is a fundamental jurisdiction for us: We are a PSF, regulated by CSSF which clearly demonstrates how serious we are with our clients’ data. We have tremendous traction and are expanding our services to banks, fund administrators, and insurers for example. To my knowledge, we are the only tech PSF in Luxembourg with a global cloud, cyber & compliance team specifically trained to help Financial Services and Alternative Investment professionals. 

“We are a PSF, regulated by CSSF which clearly demonstrates how serious we are with our clients’ data."

 

How can financial players remain technology-compliant? 

I identify three main aspects: First, regulators focus on resilience. They want to know how firms keep their systems online. Secondly, they look at bottlenecks. How are teams structured? How is remote work impacting operations? And finally, they evaluate the ability of companies to adapt to new regulations like DORA. RFA can help on all three fronts. We help them go into the Cloud. We provide staff augmentation with qualified RFA employees working physically in our clients’ offices for a day, a month or a year. And we take care of regulatory transitions with consultancy, training, cyber testing and digital monitoring of all kinds. When an investor does due diligence on one of our clients, RFA answers all tech-related questions. The fact that we have so many full-time employees and engineers on our payroll all around the world including our in-house SOC, represents tremendous competitive advantage for our clients. Remediation is much faster. 

 

What risks and opportunities do you identify?

We feel that the risks are well identified in Luxembourg: The lack of highly qualified talents to move into the Cloud, which implies a lack of resilience and high costs. People also realize that professionals with technology compliance skills are rare here. And finally, they understand the potential damage that cybersecurity breaches can represent. Instead of simply betting on insurance, our clients are working with us to put the most efficient systems in place. After DORA, a solid set-up on a public cloud is offering a solid solution. Our clients outsource CISO roles to us. Most of the time we can detect malicious activity and stop it before it reaches Luxembourg. Very often we get contacted by non-clients when they are in trouble, and we continue the collaboration after fixing their issues!  

 

bottom of page