“That men do not learn very much from the lessons of history is the most important of all the lessons that history has to teach.” – Aldous Huxley
It is to be hoped that by now, every financial institution that holds a portfolio of anything other than the simplest, most liquid of financial instruments has undertaken an in-depth and broad review of exactly how the constituents of that portfolio are valued and stress-tested.
This is an even greater imperative for those financial institutions that create and sell more complex instruments to others, and so constitute the sole market for their own products — not only to confirm that the valuation process is under control, but also to check that their trading and settlement position reflects reality. It is simply staggering that, nearly 14 years after Joseph Jett, Nick Leeson and Toshihide Iguchi managed to lose their employers almost $3bn between them, recent events such as those at Société Générale and Credit Suisse can still happen.
Will you be next?
Credit Suisse and SocGen — the common thread
The most obvious common thread, based on publicly available material, is the failure of both institutions to invest in, and support, the control functions that were responsible for the independent verification of traders’ activities.
Products and markets continue to become increasingly complex. Any prudent institution will try to ensure that it employs control staff who: are readily able to understand and engage with complex issues; have the confidence to challenge the front office; have the dogged persistence to keep going until they get an answer that satisfies them; and can easily access a clear and supported escalation route in the event that a satisfactory answer is still not forthcoming.
What happens if this is not in place?
The Financial Services Authority’s final notice for Credit Suisse was extremely clear:
“Certain personnel within control functions with responsibility for recording or checking prices were overly deferential in challenging certain SCG traders and do not appear to have had sufficient seniority or management support to challenge effectively;” and “too much reliance was placed on inexperienced and/or junior staff to resolve pricing issues with the Front Office and to challenge Front Office staff. Insufficient senior level oversight was committed to supervising and supporting day-to-day control processes.”
Compare this with statements earlier this year from Maxime Legrand, an inspector of trading operations at Société Générale from 2001 to 2004. While he may have had an axe to grind — Société Générale went so far as to describe his remarks as defamatory — the sentiment is broadly consistent with Société Générale’s own special committee findings, and, sadly, entirely believable:
“There are quite certainly a number of traders who did not follow risk control instructions and who went unpunished even when their offences were discovered, because they were earning money for the bank,” and “when I was an inspector, the old traders would almost throw out by the seat of their pants inspection chiefs with five or six months’ experience, saying: ‘Come back when you have something intelligent to ask me.'”
If both are true, then why were these situations allowed to prevail? A large part of it starts with the fact that “speed to market” has become the enduring mantra, particularly in the structured products arena: if you are the innovative bank that sellotapes a number of products together in a new way, the product team will inevitably be looking nervously over its shoulder. Has a competitor had the same idea as us? Will they hit the market first, hoovering up most of the available revenues before we get there?
Engaging with the control functions at the new product approval stage immediately puts the brakes on the process. It takes time for them to understand and become comfortable with the new product. It takes time for them to understand what the external references are for valuing the individual constituents of the product, and how the valuation of the parts interact to give a sensible valuation for the whole. From there, it takes time to model future scenarios that are based around the crystallisation of future risk events to understand what this, and similar products, may do to a firm’s balance sheet if the external environment changes in uncomfortable ways (as it usually does).
Consequently, the control functions are in the way, and the business needs to find ways around or over them. This is particularly true where the function is held in low regard, and is, therefore, not an attractive career choice for the sort of staff who would give it credibility within the organisation. If a firm regards product control, risk, audit or compliance as a necessary evil, as a pure overhead, the message it gives out is that it needs to operate as cheaply as possible. That is not consistent with employing reasonably high calibre staff. Where this is true at one point in an organisation, it very quickly becomes true across the whole organisation, and this does not just apply to the most complex products any more. To quote from Société Générale special committee’s May report: “More generally, the Bank must mobilize high levels of expert human resources in numerous support and control positions. The Bank will therefore have to recruit, train and integrate experienced employees.”
Making and taking comfort
To ensure that their control functions are operating correctly, firms may want to undertake a few simple tests:
- Ask the chief risk officer for verbal assurances that the risk numbers and the underlying mark-to-market and counterparty exposures reported to the board are entirely accurate.
- Also ask the CRO whether the quality and standing of staff across the risk functions is satisfactory from his/her perspective.
- Where you have not already done so, commission internal audit to undertake, as a matter of the highest priority, a deep dive into end-to-end control processes that surround position and counterparty management, from new product and counterparty approval, through trade booking, confirmations, cancels and amends, through to counterparty and trading book/portfolio reconciliations and valuation, including independent price verification processes for products and components, where available.
- Ensure the risk and portfolio management information that you receive includes analysis and trending, rather than just absolute values.
- Ask for evidence that escalation processes are used appropriately, operate on a timely basis, and that escalated issues are actually resolved satisfactorily rather than merely “closed”.
- Understand which desks and front-office staff the risk teams are most concerned about, and why.
- Consider to what extent firms trust their institution’s star performers.
- Communicate, on a routine basis, the institution’s values and the potential impact on the individual — in personal and career terms — of any kind of material breach.
Société Générale is now closing the stable door, at a predicted cost in excess of €100m over the period 2008 to 2009. Credit Suisse has undertaken a wide-ranging internal review and embarked upon a remediation programme, and chief executive Brady Dougan’s compensation was reduced by 40 per cent from the previous year — at least in part because of this incident.
How sure are you that your horses are still in the stable?
First published in Complinet ‘Senior Management Responsibility’ September 2008.