Читать книгу Rogues of Wall Street - Waxman Andrew - Страница 4
Introduction: A Risky Business
ОглавлениеThe managing director for risk fixed him with skeptical blue eyes, “you are probably the most dangerous person at this Bank”. I was incredulous. She wasn’t talking to a swaggering trader. She was talking to her supposedly close colleague, the Head of the Global Policy Office at the Bank. The discussion for the last hour had been about the need to strengthen global compliance policies for Sales and Trading in the aftermath of the 2008 Financial Crisis. Surely, I thought, the danger must lie elsewhere.
Why do I open with this story? In many ways it’s symptomatic of what was wrong at banks before and after the 2008 Financial Crisis. There were traders losing money hand over fist, in some cases, to the point of taking their banks over the edge during The Crisis, yet the MD perceived the greater threat as stemming from the Global Policy Office. Really? The pre-Crisis view was that traders should be left more or less alone by Risk and Compliance to work their magic. This did not work out so well in retrospect. After The Crisis a new belief took hold, almost as pervasive and erroneous as the “let traders be traders” view. The new belief was that rigorous enforcement of new policies and procedures would lead almost magically to prevention of wrongdoing. The MD, perfectly cognizant of this, was afraid that risk managers would retreat behind a bureaucrat’s desk rather than engaging with day-to-day activity on the trading floor and that the effects would be just as bad as previously. Sadly, in her defense, to a significant extent it’s my view that this is what has gone wrong after the crisis.
The evidence presented in this book suggests that both these factors have been at play in the years since the Financial Crisis. The strengthened regulatory and compliance regime imposed since the 2008 Financial Crisis this has not yet resulted in a corresponding reduction in operational risk events and failures.1 Even a cursory reading of newspaper headlines in 2016 provides sufficient evidence of that point: Ponzi schemes, fictitious bank accounts, and cybersecurity failures are still common occurrences. The book’s objective is, however, not to offer a critique of these rules and regulations or to argue that they are not needed.2 The main objective of this book, rather, is to hold up a mirror to events caused by the Rogues of Wall Street – to analyze and understand them and then describe ways and techniques for identifying, mitigating, or preventing them in the future.
This past decade has been an exceedingly turbulent one for banks and the financial services industry. So many losses have been paid out to investors, regulators, and clients as either straightforward financial losses or penalties paid out for accepted wrongdoing. The trade date for many of these losses was the financial crisis of 2007–2008. Settlement date was often later – in some cases, as late as 2016 – before the penalty was paid. Even in 2017, regulators are still announcing the settlement of cases with banks that go back to 2007 to 2008.3
I worked in operations and risk management at several large banks in the 2000’s. As such, I participated in what are called “scenario planning workshops.” The goal of these workshops was (and is) to estimate the size of potential losses in the worst of circumstances, black swan type events. I have to admit, however, that during these discussions, we hardly conceived of losses at the levels they have since reached. With multi-billion penalties incurred in some cases, it is now evident that banks failed to price these types of risks properly.
It is also apparent that financial crises hold special trepidation for banks and other financial institutions. This is largely because unknown operational risks4 that, banks and other financial institutions hold on their books, are suddenly and ruthlessly exposed at such times. In 2008, bank losses suddenly ballooned from areas as disparate as credit default swaps, debt offerings, mortgage securities, money market funds, Ponzi schemes (Madoff), rogue trading, hedge fund positions and so on. Some institutions were pushed over the edge – Bear Stearns, Lehman Brothers for instance – while many others barely survived. This was no coincidence. Rogue trading positions, Ponzi schemes, even losses on mortgage securities, can be smoothed over, hidden by high profits, during the good times, but not during the bad times. Madoff’s scheme, for instance, finally came to light in December 2008 after years of successful concealment. Driven by sudden cash needs, brought on by the Financial Crisis, multiple investors asked for their money at the same time. The demand for cash could not be met by Madoff’s cash on hand and the harsh reality was suddenly exposed. This same dynamic played out across multiple venues, markets and positions. While it may have appeared then, that defenses were suddenly breached during the Financial Crisis, it was actually in the run up to the Crisis, that banks and other institutions were opened up, by and to, inside and outside threats.
This book suggests ways for banks and financial institutions to strengthen their defenses during the good times to better protect themselves during the storms that will inevitably hit from time to time. The acquisition of risk management capabilities linked to what I call the “Cognitive Era” are going to be required.
The Cognitive Era is referenced in the title of this book for two important reasons. First, the field of cognitive psychology pioneered by Daniel Kahne-man and Amos Tversky, is in many ways a gift to modern risk managers. By leveraging some of this thinking (we will study some examples in the latter half of the book) risk management errors of the past can be avoided. Second, the era of “cognitive computing”, that has been recently heralded by IBM and other proponents of Artificial Intelligence, presents new opportunities for risk managers.
Partly due to the availability of ever-increasing computing hardware and network power and also due to the availability of new AI (artificial intelligence) technologies, corporations now have cognitive digital platforms at their disposal to improve their ability to manage a wide range of tasks. These platforms encompass machine learning, reasoning, natural language processing, speech and vision, human-computer interaction, dialog and narrative generation, and more – systems that learn at scale, reason with purpose, and interact with humans naturally. We explore some specific applications in the field of surveillance and regulatory management that can support the ability of banks to prevent and mitigate operational risks more effectively in the future. Some of these techniques are already being explored and implemented in the field.
The first part of this book, Chapters 2 through 14, takes the reader through a “Rogue Gallery of Wall Street” – the characters and events behind the losses and failures at storied investment houses and securities firms in the past several years. We look at some of the factors behind the events, the causes, and some of the things that can be done to prevent their reoccurrence in the future.
The Rogue Trader, naturally enough, is the first character we come across in this Rogue Gallery. Typical of this archetype was the trading incident at UBS that occurred in late 2011 that resulted in a loss of over $2 billion for that bank. This incident was similar in many respects to the Rogue Trader incident at Societe Generale5 only four years earlier that resulted in a loss of around $7 million. We will look at these characters and incidents in more detail in Chapter 2.
Rogue Traders, however, are not the only type of bad actor that investment banks have had to deal with in the past few years. The Genius Trader is the second character we meet, and, of course, is not always bad to know. As the name suggests, this character is very smart, perhaps too smart, and his colleagues and bosses give him more latitude to trade than other traders. The trades he executes and the positions he accumulates are very complex and not necessarily understood by his bosses or by the risk managers whose job it is to protect the bank from taking on too much risk. The losses that can result from these trading decisions and miscalculations can be very, very large, leading in some cases to the fall of a major financial institution.6 We will look at the many lessons for risk management from this and other episodes in Chapter 3.
Insider trading has also been front and center in the past few years. Many of those convicted of insider trading have been traders at hedge funds. One of the consequences of banking regulations has been the multiplying of hedge funds established by traders dissatisfied by the resulting conditions at the large banks. The spate of insider trading charges at hedge funds, some of which may lack sufficiently strong and independent compliance oversight and surveillance functions, has perhaps been the logical consequence of that. The issues here and potential remedies are looked at in Chapter 4.
Banks also need to be aware that there may be price manipulators in their ranks. Traders at several banks were charged in 2012 with the crime of manipulating LIBOR rates, rates that are set by a group of specifically appointed banks. The foreign exchange rate manipulation debacle followed soon after that.7 Wide-ranging investigations following both these scandals resulted in dismissals and even criminal charges levelled at several major banks. One may wonder justifiably why all the compliance and pricing infrastructure and policies and procedures that banks have put in place failed to identify these issues. We will look at these issues in more detail in Chapter 5.
Penalties imposed by regulators following mortgage-related litigation has been a significant drain on banks since the 2008 Financial Crisis. We identify the key risk indicators and lessons learned from these events in Chapter 6.
Meanwhile, threats inside banks and hedge funds posed by Rogue Traders and others are matched by threats posed by those from outside. Wall Street also needs to do a better job of protecting itself and society from these external threats: money launderers (drug gangs, terrorists, etc.), Ponzi schemers, cyberterrorists, social media, rogue technology, spreadsheets, and Acts of God. We will look at each of these risks and episodes in some detail and draw out what can be done going forward in respect of each one in Chapters 7 to 14.
Where the first part of this book catalogs some of the major risk incidents that have taken place in the last few years, the second part of the book, starting with Chapter 16, looks at the overarching tools that financial institutions have to work with to create an environment that can prevent and mitigate catastrophic events in the future.
The tools that banks have at their disposal to address these risks are first and foremost their employees. Whether or not employees are successfully enlisted in the battle is very much dependent on the culture that they collectively create. Chapter 17 describes a risk management culture that emphasizes the role of each employee and imbues in each a sense of mutual responsibility to the bank and to one another. Is there a sense of right andwrong that is asmuch a part of the bank as the financial language they speak? We will discuss the 360-degree risk culture at some length and look at examples and tools for making that happen.
In Chapter 18, will then proceed to discuss the importance of a common understanding and language to discuss and remediate the key types of risks facing banks today. What we are talking about when we talk about risk is something that each employee needs to understand from the top to the bottom. If one employee thinks of risk as one thing and his colleague thinks of it as another, then they will look past one another and fail to come together.
Chapters 19 and 20 discuss the classic paradigm of operational risk management – summed up by the words of the historian, Geoffrey Elton: “The future is dark, the present burdensome; only the past, dead and finished, bears contemplation.”8 Risk management has always placed great emphasis on studying the past. If one can determine the risk events and losses in the past, one can learn how much capital to set aside for future losses. If one can understand how much market losses there were in the prior period, one can identify the scope of potential losses in the future. While this approach may have been adequate in the past and does provide an effective measurement baseline, it is not sufficient for the future and so in later chapters we turn to explore newer, more modern approaches and techniques. It is not just financial loss that is at stake but the loss of reputation with clients and the broader community, as recent scandals have shown. A more ambitious goal set by the most innovative risk managers today is to understand the past, not just to measure it but also to prevent it from recurring in the future.
In Chapter 20, we turn to new tools of risk management that involve advanced cognitive understanding of human behaviors and motivations. The use of psychological insight and data analytics are tools that can create incentives and programs to prevent risky behaviors and drive employees toward improved outcomes in the field.
It is no exaggeration to say that proper and appropriate trade surveillance could have helped to avert or reduce the impact of many of the events that banks have been paying for in the past few years. In Chapter 21, we explore new cognitive AI tools that can complement the current trade surveillance activities to identify risky behaviors before they result in losses and reputational damage.
Finally, we discuss external factors, in particular, the role of external stakeholders, from regulators to society at large. The level of interdependency between institutions was shown for all to see in 2008 and needs to be studied to understand how a reoccurrence of those types of events can be prevented. This may be critical in helping our banks and society to avoid a repeat of the 2008 Financial Crisis in the near future.
1
It was reported in 2014 that Citigroup Inc. would put nearly 30,000 employees to work on regulatory and compliance issues by the end of 2014. That pushed compliance staffing levels up 33 percent since the end of 2011. Sital S. Patel, “Citi Will Have Almost 30,000 Employees in Compliance by Year-End,” Market Watch (July 14, 2014), http://blogs.marketwatch.com/thetell/2014/07/14/citi-will-have-almost-30000-employees-in-compliance-by-year-end. Similar reports were filed for JPMC. Lauren Tara LaCapra and David Henry, “JPMorgan to Spend $4 Billion on Compliance and Risk Controls: WSJ,” Reuters (September 12, 2013), http://www.reuters.com/article/us-usa-jpmorgan-risk-idUSBRE98C00720130913.
2
A key scandal was unearthed in 2016 involving Wells Fargo and retail bank customers. This seems to be something new. A Ponzi scheme was also uncovered at Platinum Partners. This was something old. http://www.nydailynews.com/new-york/nyc-crime/platinum-partners-hedge-fund-bigs-face-charges-1b-fraud-case-article-1.2916343.
3
US Department of Justice, “Deutsche Bank Agrees to pay $7.2 Billion for Misleading Investors in Its Sale of Residential Mortgage-Backed Securities. Deutsche Bank’s Conduct Contributed to the 2008 Financial Crisis” (January 17, 2017), https://www.justice.gov/opa/pr/deutsche-bank-agrees-pay-72-billion-misleading-investors-its-sale-residential-mortgage-backed.
4
Operational risk is the risk that deficiencies in information systems or internal processes, human errors, management failures, or disruptions from external events will result in the reduction, deterioration, or breakdown of services provided by an FMI. http://www.bis.org/cpmi/publ/d00b.htm?&selection=48&scope=CPMI&c=a&base=term.
5
Jerome Kerviel, a French trader, was convicted in the 2008 Societe Generale trading loss for breach of trust, forgery, and unauthorized use of the bank’s computers, resulting in losses valued at €4.9 billion. http://www.businessinsider.com/how-jerome-kerviel-lost-72-billion-2016-5.
6
Roger Lowenstein, When Genius Failed: The Rise and Fall of Long-Term Capital Management (New York: Random House, 2000). Lowenstein chronicles the rise and fall of the illustrious hedge fund Long-Term Capital Management.
7
LIBOR is a benchmark rate that some of the world’s leading banks charge each other for short-term loans. It stands for London Interbank Offered Rate and facilitates the calculation of interest rates on various loans throughout the world. LIBOR is based on five currencies: US dollar (USD), euro (EUR), pound sterling (GBP), Japanese yen (JPY), and Swiss franc (CHF), and provides seven different maturities of each one: overnight, one week, and 1, 2, 3, 6, and 12 months.
8
G. Elton, The Practice of History (Waukegen, IL: Fontana Press, 1967).