Proper risk monitoring and trade limitation tools, backed up with strong management supervision, are the only ways to stop rogue trading, experts say after UBS derivatives trader Kweku Adoboli ran up a $2 billion (£1.26 billion) loss.
UBS’ risk management IT systems may have entirely failed to identify the fast-worsening financial position that led to Adoboli running up the loss, analysts say. However, potentially serious management problems have also emerged after it was reported that the trader had been concerned about his position for a week, posting his concerns on Facebook and apparently highlighting the problem to managers.
Oswald Grubel, the chief executive at UBS, has made public his fight to restore the bank’s reputation following the financial crisis, and had insisted it was implementing strong risk management.
UBS declined to explain to ComputerworldUK.com what controls it had in place, and if Adoboli – whose many friends have come to the defence of his character – had circumvented these controls. A police investigation continues.
Analysts say it is vital, and technologically straightforward, to implement the right systems to help prevent rogue trading. They express surprise that a bank as large and advanced as UBS had failed to stop the problem.
Matthew Clay, a senior research analyst at IDC Financial Insights, with expertise in capital markets and risk, says: “There are a whole range of ways in which those trades should have been caught.
“Most importantly, trader surveillance systems should have highlighted unusual activity and poor financial positions early on, and limit-management software should have stopped him when he hit a pre-defined bad risk profile. Managers then need to act decisively.”
Rik Turner, senior analyst at Ovum, agrees that efforts to catch rogue traders required a mix of management and the right tools – and neither would work in isolation.
“Just like security for your house, you can fit all the locks, have a big ugly guard dog, alarms and electric fences, but if someone cuts your electricity, shoots your dog and smashes a couple of windows, you’re still gonna get burgled.”
It is a standard expectation for investment banks to have continual monitoring of network activity and applications, with a risk management system analysing the data, he explains. That system would highlight “activities approaching certain predefined thresholds, or of an anomalous nature and requiring further investigation”.
Brian Anderson, chief marketing officer at IT security supplier BeyondTrust, says it is time for investment banks to improve management and implement more thorough monitoring practices. They also need “to think more critically about how existing implementations of key system monitoring tools can be better used to track user behaviour”.
Observers have been speculating as to the potential reasons why Adeboli was able to lose so much money. The problems at UBS “suggest that the banker has been controlling trading accounts to which he should not have had access”, says Philip Lieberman, president at security firm Lieberman Software.
“Clearly there was a problem with segregation of duties and the need for ‘dual-controls’ as well as attribution. This sounds a lot like they did not have any type of suspicious trading analysis software in place. The sad part is that all this technology exists," but UBS may have chosen to save money on software and security to the detriment of its shareholders, he said.
Clay at IDC states that a combination of trade desk supervisors, and risk and compliance managers, should watch the systems for warning flags, and call for dangerous trades to be pulled off the books.
“Managers need to be watching this carefully and to have the authority to stop things,” he says. “If any sort of dispute occurs about whether there should be a stoppage then it should be escalated up the chain, as far as the chief executive if necessary. The board needs to have a clear understanding of the risks being taken.”
Societe Generale rogue trader Jerome Kerviel, who ran up €4.9 billion losses in 2008, had argued that he was actively encouraged to take risk, a point refuted by that bank.
In spite of that and other incidents, a culture of high risk appears everpresent among investment banks, in spite of the serious consequences of dangerous trading before the credit crunch, analysts maintain.
“We are sceptical as to whether the culture has really changed at all,” says Clay. “Maybe the change is simply superficial.”