Of all the catastrophes banks have faced in recent years, the news of £1.4bn losses caused by the fraudulent transactions of a rogue trader at Swiss bank UBS last year, is one of the most shocking to hit the financial industry.
Recently Kweku Adoboli was convicted of two counts of fraud and sentenced to seven years in prison. Now the bank has to stomach the consequences as regulators step in. The FSA has fined UBS almost £30m for failings related to these losses which is a massive blow to the bank’s finances, especially considering it’s the third largest fine the regulator has imposed in its history. What is most alarming is that this crisis could have been avoided had an IT system, designed to protect the bank against unauthorised trading, done what it was supposed to do.
After all the high profile episodes in recent years, it is alarming that rogue trading is still alive in a highly regulated market. Perhaps the most infamous rogue trader of all was Nick Leeson, who lost Barings Bank over £800m in unauthorised trading in 1995. In 2008, Jerome Kerviel, a rogue trader who cost French bank Société Générale £3.6bn, used computer passwords belonging to others, and his experience of the controls placed on traders by the back office, to dabble billions on high-risk trades.
“Seriously defective” were the words used by the FSA to describe the systems and controls supporting Mr Adoboli’s desk. The FSA reported the computerised system operated by UBS to assist in risk management was insufficient in reducing the risk of unauthorised trading. The idea that an electronic system which was created to identify exactly the type of trading Mr Adoboli excelled in, failed to work, reflects badly on the financial activities of the whole bank. Had it been running smoothly, management would have flagged up Mr Adoboli’s unauthorised trades and excessive risk-taking as soon as it began.
Also concerning is the revelation that Mr Adoboli was left largely unsupervised and had an easy game to play in exceeding the limits. By not noticing the increasing revenue of the desk, UBS simply failed to manage the risks surrounding his activity. Did UBS bankers turn a blind eye?
One thing is certain: UBS did not respond to risk in the right away. With an absence of tight technological controls embedded on the desk and strict processes, it appears a relatively junior trader was able to take on substantial, unsafe market positions resulting in excessive risk taking.
The incident has unleashed the floodgates of speculation on operational risks, swamping the financial services sector with further regulatory problems to battle with. It isn’t good news for the wider financial climate, with banks already walking on egg shells. Focus must turn to the fact that many banks have ancient IT systems, often making it hard for internal data to be collected and for fraudulent activity to be uncovered. Failure to do so highlights the need for banks to constantly monitor and upgrade their fraud systems and computer software.
On any scale, failure to manage risk properly can cause systemic harm and bring powerful financial organisations to their knees. In future, to prevent a storm from sweeping across the trading floor, better security and risk protection must be set in place. This case shows the harm that inadequate computing software can have, and the potential dangers that can arise when control malfunctions let deficiencies exist in a bank’s regulatory landscape.
Paul Hunt is managing director of Phoebus Software Ltd