Operational Risk and Societe Generale – some lessons to be learnt.
Recently, I could secure a translated version of “Mission Green” – Societe Generale’s General Inspection Department’s French summary report into the fraud committed by Jérôme KERVIEL (JK), trader on the Turbo warrants market within the equity derivatives division.
Before going into the salient features of this report, let us revisit the recent happenings in Societe Generale. In January 2008, it created a sort of history when it announced that it had to book $7.2 billion due to series of unauthorized transactions put through by one of its traders over a period of years.
In investment banking parlance, such a trader who makes unauthorized trades on behalf of his/her employer is nicknamed a ‘rogue’ trader. This activity is in the grey area between civil and criminal illegality for the reason that the ‘rogue’ trader is a legitimate employee of the investment bank yet enters into transactions on its behalf without permission.
Thus our Jerome Kerviel (2008, Societe Generale, Loss $7.2 billion) joins the band of big time league of rogue traders, namely:
1) Nick Leeson, 1995 Barings Bank Loss £827 million
2) Toshihide Iguchi, 1995 Resona Holdings Loss £557 million
3) Yasuo Hamanaka, 1996 Sumitomo Corporation $2.6 billion
4) John Rusnak, 2002 Allied Irish Banks Loss £350 million
5) Luke Duffy, Oct 03 - Jan 04 National Australia Bank Loss AU$360 million
Some of the reasons now adduced by the bank in the said report, which emboldened our Jerome Kerviel are
- Supervision was lacking
- A new desk manager assigned to the ‘rogue’ trader was ineffective and weak, and did not have enough support from his superiors
- Several alerts by the front office got little attention and less response
- The ‘rogue’ trader’s manager had an overly tolerant attitude toward intraday trading activities.
- The operations environment was critically chaotic
- Inadequate IT security
- abuse of confidence and illegal access to computers
It is reported that our Jerome Kerviel achieved his activities by
- Recording fictitious trades canceling positions and latent earnings generated by fraudulent positions. (He entered one or several false transactions into the systems so that they would be taken into account in risk and valuation calculations. He defined the parameters of these transactions such that they covered the fraudulent positions actually taken elsewhere)
- Recording pairs of fictitious transactions matching each other in the inverse. (He entered pairs of fictitious reverse transactions (purchase/sale) concerning equal quantities of the same underlying asset for different “off-market” prices in order to conceal the realized earnings without creating a directional position (the balance being zero)).
- Recording provision flow (“flux pro”). (He used the option, in principal reserved for trading assistants (but without any technological protection preventing access by traders) to correct modeling bias, to enter positive or negative provisions modifying the value calculated by the Front Office system. He entered such flows to conceal the amount of earnings generated by his fraudulent positions. He knew that they were only monitored at the end of the month and cancelled them before the control took place. Generally speaking, He managed to vary his techniques sufficiently in order to reduce the number of cases where he would deal with the same control agents in case of a problem.)
Regarding the first two techniques (fictitious trades or pairs of fictitious trades) - He cancelled fictitious trades before they gave rise to any confirmation, settlement or control. In order to do so, he used features that left him the time to cancel these trades and to replace them with new false trades.
Well. What a wonder and mastermind Jerome Kerviel had.
I agree. Almost all the banks have a very high focus on and expectations from their trading desks to contribute to boost their profit books. Societe Generale was no exception. When the stakes are very high, these banks are expected to have robust systems and controls to monitor the activities of their traders. Some of them at the very essential levels are:
- Strengthening IT security through the development of strong identification solutions, the acceleration of any structural plans for the management of access security and targeted security audits
- Reinforcing controls and alert procedures to ensure that the appropriate circulation of information between different units and at the appropriate management level
- Strengthening the organizational structure and governance of operational risk prevention system to develop its cross functional nature and better take account of fraud risk including from a human resources perspective.
In these days of high stakes and volumes in business, only technology can provide the ultimate solution to the requirements of systems and control to raise flags when violations are noticed for the first time and to prevent operations when frequent violations are noticed. Only then our banks can escape from such huge losses.
More than anything, traders are to be selected for their roles only after thorough investigation. They are to be regularly screened, watched and reported. Minimum code of conduct should be expected of them. Surely, proper selection and regular screening can easily overcome fraud risk.
And one more observation – despite our best practices, systems and controls, if frauds do happen, in addition to blaming our ‘rogue’ dealers, we should also own up responsibility as an organization for failure to implement and enforce robust systems and controls. Only then, the market will respect such organizations. Losses are a part of any business. But learning from such losses only make organizations ‘lasting’ organizations.
|