Trading security: 'If I were to say it couldn't happen here, well, that's bullshit'
Sunday 03 February 2008
Banks across the City of London have launched urgent reviews of their security procedures in the wake of the Société Générale scandal.
It is understood that several have contacted the Financial Services Authority (FSA) during the last few days to inform the City regulator of their actions in the midst of growing alarm at the way in which SocGen trader Jérôme Kerviel was able to circumvent internal controls to place multi-billion- euro bets (although in interviews with police he has reportedly claimed that his superiors must have been aware of his activities).
Despite this, the FSA is known to have concerns that some London banks still fail to enforce a demand that traders take at least two consecutive weeks of holiday in a year. This is seen as a key security measure because it means their trading "book" will be taken over by another employee and the timeframe is long enough for any anomalies in their trading positions to be spotted.
The FSA has stopped short of calling for new rules to enforce this requirement, believing that too many regulations could allow banks to adopt a "box ticking approach" that they would be able to use as a shield in the event of a scandal. It prefers a "principles based" approach that requires senior management to be on the ball, and comply with what is seen as best practice.
But the two-week holiday is seen as "best practice" and it is not being adhered to in all cases.
The 31-year-old Mr Ker- viel is also reported to have told police during last week's interviews that: "The simple fact that I did not take any holidays in 2007 should have alerted the management. That is one of the primary rules for the internal controls."
One senior London-based risk manager says he agrees this is a key requirement, adding: "If I were to say it couldn't happen here, well, that's bullshit. You'd like to think it wouldn't – that the culture is strong enough to detect it. But no, you can't say it couldn't happen."
Typically, banks have compliance and risk managers "on the floor" and expect traders to talk to them regularly. These people, however, have a degree of independence from the trading business proper and their reporting lines are different – the former to a bank's compliance department and the latter to more senior risk executives.
The activities of traders are also scrutinised by "external" functions in banks, including human resources, who could enforce the two- week rule. The third line of defence would be internal audit, which could pick up discrepancies.
But the risk manager spoken to by The Independent on Sunday says: "What I would be asking in this case [Mr Kerviel] is what the head of his desk was doing. Ultimately, you can have all the checks and balances you want, but they are there all day and would have been best placed to pick up on anything that went wrong.
"I've seen that he's said people must have known what was going on. Well, he is being advised by his lawyers. But if they didn't know, then they were asleep at the wheel."
The FSA currently expects banks to separate the duties of front-line traders, risk managers and the back-office staff who will be involved in the clearing and settlement of trades. It has no objection to back-office personnel such as Mr Kerviel rising to become traders, but it does insist that security should be strict between departments.
That means measures should be taken to ensure passwords and access to secure systems for the back office, who process trades, are not available to people who move into the front line where the trades are struck. A knowledge of the back office, and access to its systems, could have been vital in helping Mr Kerviel to keep his off-book trades "secret", if indeed they were.
The regulator believes there are three key things banks could do that would minimise the risk of being attacked by a rogue trader (detailed in the box on the right). However, like the risk manager above, senior regulators privately admit that a really determined rogue could still cause chaos from London, just as Mr Kerviel did from Paris.
And with the increasing complexity of derivatives markets, rising volumes and the desire among traders to be seen as "big swinging dicks" who pocket multi -million-euro bonuses for fun, Mr Kerviel is unlikely to be the last to go rogue.
The risk manager says: "Ultimately, it is often about the culture. If you have a culture with a dominant individual in charge, who barks at staff and who people are afraid to take bad news to – well then its much easier for something like this to happen. And a sophisticated and determined individual can always find ways around the rules, particularly if there is collusion with others."
The measures needed to ensure security
The FSA guidelines say that banks should:
t Ensure the clear separation of duties between different parts of its business – such as traders, risk managers and the back office – with separate reporting lines. Staff on the trading desk should not have access to IT and passwords used by the back office.
t Have a system that checks trades entered against confirmation from the external counter party – be it a bank or an exchange. Be aware of trades entered on a provisional basis.
t Ensure that anomalies are identified and followed up, particularly odd looking trades, variations in a trader's usual pattern and breaches of trading limits.
- 1 King Salman: Just five days in, Saudi Arabia's new king has already overseen a beheading
- 2 The BBC has just done more to eradicate ‘terrorism’ than all our wars since 9/11
- 4 Presidential optical illusion offers clues to how brain processes faces
King Salman: Just five days in, Saudi Arabia's new king has already overseen a beheading
Auschwitz liberation 70th anniversary: Woman sent to three Nazi death camps describes surviving gas chamber
Saudi preacher who 'raped and tortured' his five -year-old daughter to death is released after paying 'blood money'
Ukip Jelly Babies cause uproar on Amazon
Chilling drone footage captures Auschwitz ahead of 70th anniversary of liberation
'We would evict Queen from Buckingham Palace and allocate her council house,' say Greens
French court convicts three over homophobic tweets, in case hailed as a 'significant victory' by LGBT rights campaigners
Greece elections: Syriza and EU on collision course after election win for left-wing party
British Muslim school children suffering a backlash of abuse following Paris attacks
British grandmother Lindsay Sandiford faces execution by firing squad in Indonesia
Liberal Democrat minister defends comments suggesting immigration causes pub closures
iJobs Money & Business
£23000 - £26000 per annum + Benefits: Ashdown Group: Market Research Executive...
£25000 - £35000 per annum: Recruitment Genius: A Technical Report Writer is re...
Competitive salary & benefits!: MBDA UK Ltd: MBDA UK LTD Indirect Procurement...
£16500 - £16640 per annum: Recruitment Genius: This fast growing Finance compa...