What is SFTP? What is it used for?

SFTP stands for Secured File Transfer Protocol or SSH File Transfer Protocol. It is a network protocol that provides a secure connection for file access, file transfer, and file management on both local and remote systems by leveraging SSH (Secure Shell) data stream. It is considered by many to be the optimal method for secure file transfer. This is because it uses encryption algorithms to securely move data and keep files unreadable during the process, and authentication prevents unauthorised file access during the operation.

For hedge funds and asset managers, it is a common method for transfer of trade files, billing statements and various reports.

The difference between SFTP, FTP and FTPS, and why we chose SFTP?

SFTP vs FTP 

FTP is an old and popular file transfer method that has been in existence longer than the internet. Back then it was designed without malicious online activity, therefore it was not designed to deal with cybersecurity threats.  With FTP, both channels are unencrypted, leaving any data sent over these channels vulnerable to being intercepted and read. SFTP is a more secure version of FTP, it offers strong protection through authentication options that FTP can’t provide. 

SFTP vs FTPS

FTPS is FTP with TLS (previously known as SSL) protocol applied to protect communications over a network. While FTPS adds a layer to the FTP protocol, SFTP is an entirely different protocol based on the network protocol SSH.

One major difference between them is the use of ports. SFTP needs only a single port number for all SFTP communications, making it easy to secure.

FTPS uses multiple port numbers, the one for the command channel that is used for authentication and passing commands. But every time a file transfer request or directory listing request is made, another port number needs to be opened for the data channel. You and your trading partners will therefore have to open a range of ports in your firewalls to allow for FTPS connections, which can be a security risk for your network.

Why we chose SFTP?

As hedge funds and asset managers are dealing with high-value information, security is key. We recommend using SFTP as it is more secure than FTP, while also being more usable with firewalls compared to FTPS. It is also the standard protocol in the industry.

How does SFTP-based file management help hedge funds and asset managers?

1. Saves time

Hedge funds and asset managers are often dealing with a large volume of trade files, billing statements and reports from counterparties. Traditional fund operations may start the day by downloading these files from each counterparty’s portal, and organising these into folders. The time taken may seem trivial at first, but as the volume of data grows, this task alone can take hours, not to mention the interruption on the operations person’s work as they check for file arrival throughout the day.

With SFTP-based file management, the entire file acquisition process is automated from download to organisation. Files will automatically arrive in the right spot as they are ready, and good systems will even notify you when a file has arrived or that it hasn’t by a set time. Operations teams can save time and increase productivity. These are things a local network drive cannot do.

2. Improves accuracy of decisions

Hedge funds and asset managers make the majority of their investment decisions racing against the clock. The more up to date their insights are, the more accurate their decisions are. For example, current exposure will affect decisions on future trades, and accurate exposure is calculated from reconciled positions. Timing intervals at which reconciliation is performed is therefore critical. Many funds push reconciliation to the month end to avoid the daily chore of collecting and organising files, outdated information can cloud PM’s judgments. By investing in SFTP, file collection and organisation can be simplified, reconciliation can be easily automated, allowing reconciliation to become a daily process, hence, significantly improve accuracy of decisions.

3. Clearer oversight – reduce key person risk

Typically only one junior operations person is in charge of the file collection and organisation process, and only they know best when the files typically come in. If that person is sick, other members of the team tasked with other responsibilities may have to jump in. We’ve even witnessed COOs spending their mornings downloading files. The likelihood is that the substitute may take some time to find the logins, the folders, and will have no idea if certain files are late compared to usual.

With SFTP-based file management, the whole team will have full transparency of what files have arrived without relying on just one person. More advanced systems might offer a front end showing file arrival times, volume and status of the files (see Messer’s data warehouse for example). This means the COO will know when to expect reports to be finished and compare counterparties’ delivery.

4. Foundation for efficient automation

While SFTP-based file management is a financial automation itself, given the majority of the automations for hedge funds and asset managers utilises trade files, SFTP is often the foundation that other automation modules sit upon. As a manager adds new funds, processes more files or adds more automation, the benefits from SFTP are exponential.

5. Data Storage

Apart from collecting data, the storage of which post-collection can also be an issue. Many SFTP-based file management providers will store the data for you and/or provide a front-end from which you can manage or see insights about your files. For example, Messer’s SFTP file management comes with storage of files in their data warehouse for up to 7 years, and the option to add a front-end which also shows files number, arrival time, status, etc. Talk to your providers to find out more. Local network drive is a common intermediate solution, but it runs out of storage much faster.

6. Remote Access

During the pandemic, secure remote access is becoming increasingly important. As remote working becomes more prevalent, it is worth long term investment into. Funds with increasing number of counterparties and files typically set up local network drives as an intermediate solution, but this will no longer be sufficient. SFTP can be accessed safely through the browser anywhere, whereas network drives requires access in office or through remote desktop only.