Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
It's funny.  Laugh. The Almighty Buck

How To Lose $7.2B With Just a Few Basic Skills 234

Cityslacker recommends a Register piece speculating on how a lowly trader at the French bank SocGen was able to lose billions using only Excel VB. The author freely admits that his story is not based on hard sources, but his experience in the banking industry lends plausibility.
This discussion has been archived. No new comments can be posted.

How To Lose $7.2B With Just a Few Basic Skills

Comments Filter:
  • by Richard.g.k ( 1215362 ) on Friday February 01, 2008 @11:25AM (#22261350)
    The solution is clearly to blame microsoft for it.
    • Re: (Score:2, Insightful)

      by nullCRC ( 320940 )
      You mean Bush.
    • a common preception (Score:3, Informative)

      by RingDev ( 879105 )
      I worked a contract gig a few years back for a non-consumer bank. Their average transactions were on the order of tens of thousands to millions of dollars. The IT director was a lady who loathed Microsoft. Not that she ever really explained her hatred of MS, but she stuck to it. As a result, they were using Netware 3.0 for all of their networking needs. Now, that in and of itself isn't a major problem, Netware was a solid system in it's time. The problem though was that while I was working that contract the
      • I am missing a point. Novel 3 although being 10 years old and missing some patches seems to be working for her and the company... Why change?

        Problems occure when people upgrade for the sake their old system is old. Then you get a brand new system with many more features and different security problems. If you have known problems and you have a workaround fix for it. It is often better to keap it then get new ones that you don't know about.
        • The point is that the difference between 3 and 3.3 is security patches.. there's no reason not to upgrade
    • The sollution is to sell GOOG like crazy now. The overvaluated stock will plumet in the next month or two... More if Yahoo accepts MS offer.
    • by _KiTA_ ( 241027 )

      The solution is clearly to blame microsoft for it.

      If they didn't make it so easy for complete and utter fools to use PCs, maybe so many fools wouldn't do so much damage with them?
    • by sempernoctis ( 1229258 ) on Friday February 01, 2008 @02:22PM (#22264276)
      Do you really want to throw away $7,200,000,000?

                <OK> <Cancel>
    • Re: (Score:3, Funny)

      by fm6 ( 162816 )
      And there's good reason to do so! VBA still doesn't have a binary-coded decimal data type. So people use binary floating point to handle currency values. Do enough transactions, and you can easily misplace $7.2B through rounding errors!
  • Seriously? (Score:3, Insightful)

    by Anonymous Coward on Friday February 01, 2008 @11:26AM (#22261366)
    As someone who has spent too many years in financial services... while some traders are famous for thier bubble-gum and duct-tape approaches to things, this article is this biggest pile of BS I've ever read.
    • by Chrisq ( 894406 ) on Friday February 01, 2008 @11:42AM (#22261642)
      In a place (bank) I worked a branch had a new trainee employee start and forgot to notify the IT department. When they phoned up and let us know we said we would do it as soon as possible. The answer we got was "That's OK, the branch manager has let him use his password for now".

      While this really was a clueless trainee someone with the manager's password could authorise over-limit cash withdrawals, reverse transactions, see all sorts of files and make queries on customers that ordinary staff cannot do.
      • Re: (Score:3, Informative)

        by afidel ( 530433 )
        Yeah when people say things like that to me it's an immediate logoff and new password required along with an email to our it security team and their manager. If it's the second time it's usually cc'd to their departments director/senior vp. Not sharing passwords is covered in new employee orientation as well as the annual IT policy update that everyone has to sign, and it's been like that at ever midsized or larger company I've ever worked at. Where do these people get the idea that sharing their password i
    • Re:Seriously? (Score:5, Interesting)

      by Corporate Troll ( 537873 ) on Friday February 01, 2008 @12:03PM (#22261962) Homepage Journal
      It is? I have worked in IT at financial institutions in the last 10 years. Nothing what he said sounds even remotely improbable. If you knew the stuff, I have seen, you can be happy that a simple wire tranfer doesn't fuck up every time.
      • Re:Seriously? (Score:4, Interesting)

        by Amouth ( 879122 ) on Friday February 01, 2008 @01:09PM (#22263090)
        it amazes me how banks are suposted to be secure.. and think they do everything perfect.. then i see the reality..

        we had someone apply for a job here.. they where an ex bank data center admin.

        in the profolio that they provided to show what they had worked on.. was a detailed layout of the data center and all the interconnects between servers and the branch offices.

        looking through it even had detailed info on all the os and software and respective patch levels for each server in the data center.

        sadly it was recent - ver recent .. they had printed it out with in a week of handing it to me.. after seeing that.. there was no way we would ever hire them..
      • Re:Seriously? (Score:4, Informative)

        by HangingChad ( 677530 ) on Friday February 01, 2008 @02:04PM (#22263988) Homepage

        Nothing what he said sounds even remotely improbable.

        And it's not limited to the financial service sector. I worked at one mid-cap company using Excel linked spreadsheets to do all their quarterly numbers. A massive, bloated pile of VBA that would lumber through the reporting cycle every quarter. It was backed up by the auditors so it couldn't have been too far off. That was before SOX, not sure that audit trail would pass today.

        I'm never surprised about what I find being done in Access or linked spreadsheets anymore.

    • Re:Seriously? (Score:4, Informative)

      by Anonymous Coward on Friday February 01, 2008 @12:25PM (#22262298)
      As someone who spent a long year at an unnamed investment bank:

      1) they didn't bother using shadow password files (this was around 2000-2001)
      2) they did everything with Excel and VBA - my line manager had a box dedicated to running VBA macros on spreadsheets to calculate tons of Equity Derivatives data throughout the day
      3) nobody cared that much about telling each other their passwords

      This was 8 years ago so they may be using Java for everything now - that was the way things were slowly, slowly heading when I left. But I do think VBA is overused and abused in finance more than some other sectors.
    • Re:Seriously? (Score:5, Interesting)

      by jdigital ( 84195 ) on Friday February 01, 2008 @12:34PM (#22262452) Homepage
      Maybe you haven't spent enough years to recognize the author of the article Dominic Connor - a highly regarded individual in these circles.

      I found $2.34x10^x dollars yesterday when I worked out that one of our manual data entry people forgot to put a minus sign in front of a trade. Happens all the time.
    • by 7-Vodka ( 195504 )

      As someone who knows the business, do you think it's possible for one lowly trader to do what he did?
      Do you think it's likely?
      What's more likely, that a loner did this or that he is a scapegoat?

      I'm having tremendous difficulty believing that one person could pull this off with what amounts to a little bit of operational knowledge. I'm much more inclined to believe that we are being fed a story and the truth about what happened will not be revealed to the general public.

    • Re: (Score:3, Informative)

      by ILuvRamen ( 1026668 )
      how can you read it? This is one of the most poorly written articles ever. The guy can't even form a sentence properly. I'm through the whole first page and I'm not even sure what this article is about. Some guy was trading a bought the wrong stocks and then something about programming?
  • lemme try (Score:5, Funny)

    by gEvil (beta) ( 945888 ) on Friday February 01, 2008 @11:26AM (#22261374)
    Give me $7.2B and I'll conveniently "lose" it for you. And I have no skills!
  • Stupid? (Score:3, Informative)

    by scrotch ( 605605 ) on Friday February 01, 2008 @11:26AM (#22261384)
    I may be stupid, but I read the entire article and still don't know what the guy is accused of doing. He traded stocks without permission? Can anyone clue me in?
    • Re:Stupid? (Score:5, Informative)

      by Yvanhoe ( 564877 ) on Friday February 01, 2008 @12:09PM (#22262050) Journal
      Quick summary : He was a trader at one of the biggest French bank, manipulating millions owned by the bank using the usual scheme : buy low, sell high. Except, he managed to fool controls to manipulate more money than he was allowed by several orders of magnitude, allowing him to have a very good overall performance. His objective was _apparently_ only to get higher raises, not to steal that money. So he traded billions in order to make millions of profits. He has been doing this for several months. A few weeks ago, bank officials discover his hidden account with ~50 billions worth of unauthorized stocks on it. They panicked, they sold this as discreetly as possible in a few days at loss (~ 5 billions of loss ), possibly causing a worldwide fall of stock exchanges. The trader admitted that he did something he was not authorized but called the selling a bad decision made in a hurry.

      Of course there are many speculation about all that he could have done by bypassing usual controls.
      • Re: (Score:3, Informative)

        by Orne ( 144925 )
        My understanding, in addition to the information above, was that he was a junior trader (newb), and because of that had an artificial limit on his portfolio, which he then circumvented that limit by obfuscating his trades into hidden accounts.

        He would then use any profit from the hidden account to make his "official" portfolio look like it was performing well, and he would get bonuses from his employer. However, since Dec 07, the markets have been in a down slide, and the value of the hidden account went n
        • Re: (Score:2, Interesting)

          by robertjw ( 728654 )
          So, bottom line is the bank blamed the trader for the $7bn loss when they actually created it themselves. The newbie trader was smarter than they guys that went in to clean up after him.

          Sounds to me like they deserved to lose that money.
      • by CBravo ( 35450 )
        5bn is not that much. You cannot say that the 5bn (that was poured into the market, vapourized) could cause the 10 percent drop in value in a market that is worth over 1000bn.

        There may be secondary effects that caused it, but not the 5bn.
        • From what I can see, the loss was 5 billion, but the total amount sold was 50 billion. A sudden sale of 5% of the market causing a 10% drop seems a lot more plausible than a sale of 0.5% causing a 10% drop.
        • It was more like 50bn of sales. The losses on these sales were 5bn.

          The crash started in Israel on Sunday, continued in Asia in the early hours of Monday morning and finished in the US on Tuesday afternoon - (all times with reference to Central European Time). Most of the positions were in the French and German markets. They fell a lot more than other markets, and this is probably the reason, but certainly the crash was happening anyway, and that's why they had losses they had to close out on in the first
      • Not quite right (Score:5, Interesting)

        by Anonymous Coward on Friday February 01, 2008 @02:11PM (#22264096)

        Better summary: he was a financial derivatives trader at a big French investment bank. Derivatives traders don't buy and sell stocks, but rather, more exotic financial instruments, whose value is tied to stocks. His job was to find mispriced trades when they momentarily occurred, and jump in quickly to make the bank a small profit of them. In general, the way this works is that you have two investments, A and B, whose prices are supposed to stay in the same relation regardless of whether they go up or down; if the prices of A and B are spread too far apart from each other, for example, his job was to spot this, and to simultaneously short sell the overpriced one and buy the underpriced one. This is a form of what's called "arbitrage," because it's supposed to be riskless; if the market goes down, the buy loses money, but the short sale makes you money, and vice-versa. The amounts of the transactions in the pair are set up so that if A and B move the same amount, the losses and gains cancel each other out exactly; you only make money in that example when the prices move relatively closer to each other.

        So now, essentially, what he's accused of doing is two things:

        1. Instead of making his trades in mutually canceling pairs as described above, he'd leave out one trade in the pair, and hide this by producing fake evidence that he'd made that counteracting trade.
        2. Taking on very huge positions, and also concealing them by similar methods. (Faking counteracting trades is a way of concealing them, too, because what the bank really cares about is not the absolute size of the trades, but rather, the risk exposure of the trades. Two very large trades that mostly cancel each other out will have small risk, taken together.)

        One further thing is needed to understand this: derivatives allow one to take huge positions with very little money down, because when you buy, say, a 3-month futures contract to buy on GOOG for $600 (more or less randomly picked number), you don't have to put in $600 for that contract; you only need to put in a fraction of it, as decided by the broker (this is called a "margin requirement"). For the sake of argument, let's say 10%; then with $600, you could buy one share of GOOG, or you could use that as a margin to buy 10 futures contracts on GOOG, that give you, over 3 months, the return of $6,000 worth of GOOG stock. If GOOG goes up, you make 10x as much with the futures contracts; if it goes down, you lost 10x as much.

        This is relevant to this case because Kerviel's job was a futures trader. To take positions worth $50 billion USD, he didn't need to procure that much money from the bank; he only needed to obtain much less.

      • Re: (Score:3, Interesting)

        by jafac ( 1449 )
        He did not just "sneak past controls".

        The higher ups were somewhat aware of what he was doing.

        RISK Magazine awarded them Equity Derivatives House of the Year award for 2007, for their performance, largely due to the $73 Billion in profits this guy leveraged on his $7 Billion. (The award issue was published 2 days before the news of this guy went public, heh).

        It was only when his trades started losing the bank money that they raised a stink.
    • He was supposed to be buying stocks in companies who's market value of the outstanding shares were far lower that the value of their assets less liabilities, or were selling on one exchange for less than they were on an other exchange; in short we was supposed to be looking for and trading sure-things or close to it.
    • I don't think you're stupid. I found the article to be so dry, I couldn't sap any information out of it due to it's lack of obvious direction. Thanks to slashdot readers who have summed it up, I have an idea of what happened.
    • by oni ( 41625 )
      I read the entire article and still don't know what the guy is accused of doing.

      Thank you. I came here to say the exact same thing. The article pissed me off by being needlessly obtuse. "I met with people and they told me stuff. But later, the bigger picture changed. Oh sure, different people disagreed and some of them would prefer to play golf. I went to paris and drank coffee."

  • Easy! (Score:5, Funny)

    by arcite ( 661011 ) on Friday February 01, 2008 @11:29AM (#22261430)
    Buy high, sell low!
    • by JonTurner ( 178845 ) on Friday February 01, 2008 @12:22PM (#22262260) Journal
      Q: Want to know how to make a small fortune in the stock market?
      A: Start with a large fortune.

      thankyouverymuch. Don't forget to tip the waiter. No stock tips, please.
      • Re: (Score:3, Insightful)

        by Lumpy ( 12016 )
        Scary part is people think you are being funny.

        Honestly it's easier to get rich playing Texas Hold-em at a casino than on stocks. at least at the casino you can get tanked and oogle the scantily clad waitresses.
    • by fm6 ( 162816 )
      What a cliche! Knowing which stocks are poised to crash is harder than most people realize. Really, if you're determined to wipe out your life savings, you've got to be prepared to buckle down and do some work. Gasoline and matches are also useful.
  • by wcrowe ( 94389 )
    I read TFA and I have only a vague idea what the author is talking about.
    • Re: (Score:2, Funny)

      So here is how I understand it. He modified the system so that when a transaction used fractions of a cent, it truncated it and put the fractions of a cent into a new account he had made. However, he must have missed a decimal point, because when he checked the next day, he had 7.2 billion dollars. He lost it by writing a check and putting it under his bosses door when the office was closed.
  • by Malevolent Tester ( 1201209 ) * on Friday February 01, 2008 @11:35AM (#22261510) Journal
    10 STEAL Money
    20 GOTO 10
  • Insider knowledge (Score:5, Informative)

    by Dan East ( 318230 ) on Friday February 01, 2008 @11:37AM (#22261556) Journal
    He pulled this off using insider knowledge. He worked previously in the back office, which oversaw all trading. The bank then moved him into trading, which according to statements I've read from other bankers, was practically a violation of policy.

    Since he knew the flow of information through all parts of the bank, he was able to cover his tracks and employ creative accounting. He knew what types of accounts and trades would not raise flags, so he would flow money though those routes.

    This type of security risk can exist in practically any business. If you're a developer or IT person, and suddenly find yourself working within the infrastructure you design and maintain, then guess what? You can most likely bend the system around some rules. The same type of rule applies for relatives and spouses. Most businesses will not let an employer be managed or supervised by a relative or spouse for the same reason. They can cover each other's tracks, and have more complete knowledge of the system.

    Dan East
    • by sskagent ( 1170913 ) <blackspade01.gmail@com> on Friday February 01, 2008 @11:45AM (#22261692) Homepage
      ...employ creative accounting.
      Is that where they draw little faces out of the 0's and make 8's into eyes??
      • ...employ creative accounting.
        Is that where they draw little faces out of the 0's and make 8's into eyes??

        Why, yes. Yes it is. As a matter of fact, I make a pretty nice looking decimal point.
    • by Kelz ( 611260 )
      Granted, a bit of luck was involved if it was indeed his goal to make the bank lose money. The bank had to even all debts on one of the absolute worst days for the market.
  • by gedhrel ( 241953 ) on Friday February 01, 2008 @11:48AM (#22261738)
    This - very entertaining book - explains the process better. The characterisation of traders who blow up is particularly damning.

    Curiously, Nick Leeson (the man who sank Barings Bank) supplied a soundbite saying how he didn't believe that the losses in this instance could have reached such a size. And that's the problem: he hasn't learned anything from his experience.

    The difference between "trader" and "rogue trader" is simply one of the amount of luck the lucky idiot has.
  • by mbaGeek ( 1219224 ) on Friday February 01, 2008 @11:49AM (#22261752) Homepage

    What he did
    Basically the guy was "gambling" on stocks and losing - then making bigger bets trying to catch up. He claimed that he was simply trying to get a big bonus and didn't have any malicious intent.

    how he did it
    He went largely "unsupervised" because he was considered unimportant (and hadn't taken a vacation in a long time - so he covered his own tracks until the whole thing collapsed).

    Most financial institutions require mandatory "vacations" so they can check up on people (this guy would have been caught much sooner if someone else had a chance to look at his "trading desk")

    the funny part
    what I love is that they haven't fired him yet, he has been told to not come to work and they aren't paying him, but France's labor laws require a "sit down" before they kick him out the door.

    In the short term he is being looked at as a "Robin Hood" type figure by some people (who think he just ripped off the greedy bankers, not that he committed fraud and stole) - so mark this up as an unintended consequence of ridiculously strong labor unions

    • Those Silly Frogs (Score:3, Informative)

      by fm6 ( 162816 )

      so mark this up as an unintended consequence of ridiculously strong labor unions

      I'm not current on the French labor scene, but somehow I doubt that there's a union for financial analysts. The strong labor unions in France are more of an effect than a cause: French society is suffused with an us-versus-them mentality that makes Rush Limbaugh look like a Quaker.

      Then again, Americans have their share of anti-business, pro-Robin Hood prejudice. One reason everything we do is so bound up in liability concerns

  • A New Low (Score:3, Insightful)

    by Nom du Keyboard ( 633989 ) on Friday February 01, 2008 @11:56AM (#22261832)
    So now Slashdot is carrying articles that are mere speculation. I realize that "serious programmers" love to trash VB everywhere, but can't we at least have facts on our side first?
    • Re: (Score:3, Insightful)

      by jacksonj04 ( 800021 )
      I'm not even sure what VB has to do with anything. As far as I can tell it was a purely human cock-up which would have applied if he'd had skills in anything. Moving people around, failure to revoke permissions, poor security, and non-enforced policies all make for a bad day's work.
    • So now Slashdot is carrying articles that are mere speculation.
      Here's how to fix that problem:
      1. Go to the Preferences Page
      2. Select Homepage
      3. Find the section marked "Customize Sories on the Homepage"
      4. find the Authors column on the right
      5. Uncheck the box next to kdawson
      That should significantly reduce the amount of purile drivel that you see on the front page. Good luck!
  • Read: (Score:2, Interesting)

    "The author freely admits that his story is not based on hard sources, but his experience in the banking industry lends plausibility." Read: "This guy has no proof, evidence, or accounts of what happened, but this sounds good, so lets blame MS" I'm on board with that. This is /.!
  • by spectrokid ( 660550 ) on Friday February 01, 2008 @12:08PM (#22262046) Homepage
    is that anybody with some VBA knowledge will sooner or later get access to other peoples Excel sheets in order to fix problems. This is just a form of social engineering. Once you sit in front of the PC, logged in as another user and telling that gratefull person you get nervous when other people look you on the fingers while you try to solve a complex problem...
    Another interesting point is "Rights-creep". Often people are given acces rights as they move between functions, but these rights are never revoked when moving on to the next...
  • Bad banks (Score:5, Interesting)

    by Anonymous Coward on Friday February 01, 2008 @12:16PM (#22262152)
    I interviewed for a senior IT management position at a fairly decent size bank several years ago. Maybe this bank is within the top 25 in the USA.

    I met with the CIO, and we had a great discussion in terms of where they were in terms of their systems. The CIO seemed to be an honest, straight-shooting guy. He was new to the bank - he started perhaps 8-12 months earlier.

    He stated that the systems of the bank were in danger of total catastrophe. There were internally-built programs without source code. The divide between production, QA, and development environments broke down. Production runtime was manipulated by developers in real time. Some hardware was so old that it was running obsolete operating system software. If the machines failed, recovery would be extremely difficult, at best.

    Coming from another class of institution, I found these statements shocking and disheartening. I liked the CIO - he was certainly fighting a huge, dangerous battle... and it was clear that he knew how much trouble he was in.

    I ended up turning down the position offered, as their financial compensation wasn't nearly commensurate with the career risks I'd be taking stepping into such a huge minefield.

    The CIO said he understood, but his budget was constrained - the bank was in severe cost-cutting mode, looking for a merger.

  • by ShakaUVM ( 157947 ) on Friday February 01, 2008 @12:21PM (#22262238) Homepage Journal
    According to Richard Branson, the best way to become a millionaire is to start as a billionaire and found an airline.
  • by griffinme ( 930053 ) on Friday February 01, 2008 @12:24PM (#22262276)
    I have seen several instances where someone that did a little digging on the back end could easily make the system do what ever they wanted. They become more valuable because they can fix the system when it hiccups. "Customer Joe has a weird charge on it. The system won't let us fix it. What are we going to do?" The guy that knows the backend then goes in and changes it right on the database and is a hero. But if he can fix things then he can also break things and cover it up. It goes back to managements desire to wear blinders. They want to put super locks on the physical doors but give the keys to kingdom on the system to anyone that is willing to help.
  • by i-neo ( 176120 ) on Friday February 01, 2008 @12:24PM (#22262286)
    Here in France someone is not guilty until it has been proven.
    Just let the justice do its work, we can then speak about it using some hopefully serious investigation to base our comments on.

    Several things are unclear:
    - Why and How can this man be responsible for a such thing ?
    - What gives its employer the right to judge him ? (nothing according to French laws)
    - Is it really a fraud or is it a professional mistake ? This point is still unclear according to the justice.
    - How are the amount accounted ? According to the latest news the bank itself is responsible for the loss and it was determined by the bank strategy not the trader's.

    I think this is a very complicated situation involving various interests (financial places, politics, justice...).
    It is not obvious how things will be sorted out, speculating about it will not help.

    I am giving up my karma on this one ;)
    • by Yold ( 473518 )

      1.) Why and how can he be responsible?
      His job was to make risk-free investments (from TFA), which isn't particularly risky. He lost 7 billion dollars making risky investments without authorization. BTW, it is quite possible to eliminate unsystematic risk, and profit from undervalued securities.
      2.) See answer #1.
      3.) See answer #1.
      4.) Of course the bank is going to bite the bullet.

      Explain to me how a trader making unauthorized trades with unauthorized sums of money is not responsible.
      • Re: (Score:2, Insightful)

        by i-neo ( 176120 )

        Explain to me how a trader making unauthorized trades with unauthorized sums of money is not responsible.

        Because it is usual to take such action as a trader, even if it is not official.

        First the numbers must be forgotten because they are not yet determined. Furthermore it is normal for traders to manipulate very large amount of money, especially on his market (arbitrage). Due to the ROI of this sector, banks use large amounts to generate more money.

        Second first elements in the investigation indicates that he was doing it successfully since 2005... he has won a lot of money that way, for who ? the bank. Now he

  • How to lose this kind of money is SIMPLE! Get married.
  • by bockelboy ( 824282 ) on Friday February 01, 2008 @01:06PM (#22263034)
    I hate to say it, but the Reg might be right. Assuming the linked CV is the real thing, he only claims to have experience with Excel macros and a smattering of VB.

    The real part of his hack is probably social engineering and stumbling upon oversights in the trading system. How many IT folks, even the dumb ones, can say "I could take this whole system down if I wanted!" - this guy actually did.

    Goes to show that there's a difference between checking off boxes for auditors and actual security. Auditors can make sure the proper safeguards are in place; auditors can't tell if everyone in the department uses the same password.
  • First, you start with a large fortune...

  • "...bleeding edge programming in F#, to cruel and unusual C++..."

    All credibility of the author lost in one absurd statement.

    • He's not saying that C++ in general is cruel and unusual. He's saying he dealt with people who essentially were C++ experts and hence coded extremely low level/extremely complicated C++ apps. Presumably an example would be kernel coders or people who work on compiler design etc.

      If you did some research it would become clear that the article author is highly respected in the field of trading/investment banking and the technology used by these organizations.
  • Maybe this is just a cultural difference between the UK and the USA, but I can't stand the Reg house writing style. Most pieces consist of a meandering, rambling narrative with tedious in-joke acronyms and what I can only describe as linguistic cruft splayed out over three ugly pages. I used to enjoy the Reg (a while ago, when I was more heavily invested in "IT" as a career) but I can't say I've made it to the end of an article in years.
  • by jadin ( 65295 )
    I was thinking of joining a fantasy stock exchange game, but this looks a lot more fun.

    Sign me up!

  • "I don't know what happened, I must have missed a decimal point or something..."
  • by Anonymous Coward on Friday February 01, 2008 @03:51PM (#22265604)
    I don't post much on Slashdot (ever), but I read the site a lot. I work in the financial industry and got some feedback from senior Risk Management ppl at SocGen regarding this little fiasco.

    This is what they said happened:

    As is now well-publicized, JK was able to use his knowledge of SocGen's back office procedures and controls to subvert them. Somehow (SocGen still seems unsure how) he obtained the access passwords of 3 or 4 other middle/back office individuals; but not only that, because these are changed regularly, he obviously managed to keep "updated" with the changes; (*my theory is that he figured out that people use easy to remember passwords like MonthYear and change it every month).

    JK was able to hide what would have been massive swings (because of the size of real gross positions he was taking, primarily on Eurex) in his P&L from SocGen's P&L and Risk Management systems;

    An alternating pattern of 5 basic types of transactions was used. (I believe these were described in a press release last weekend);

    One thing that JK was apparently doing (which gave us an instant "flashback" to Barings and the infamous 88888 account!), was that JK would fail to put the required broker reference on at least some of his transactions, which would cause them to go into an error or suspense account for subsequent reconciliation (i.e., not as part of the overnight routine), allowing JK the opportunity (presumably) to reverse out or cancel the trade before it was spotted and questioned;

    JK was hiding a few fictitious transactions in the midst of a slew of real ones. When some of these were picked up by controllers, he was able to find excuses to allay suspicion- e.g., by saying that the size of transaction entered must be an error and he would rectify it

    He would cancel forward starting transactions before SocGen's system generated the relevant Confirm; [If I understood JPM correctly, SocGen has stopped the practice of deferring sending these out];

    SocGen has combed its books and it believes that it has found all the fictitious transactions; and does not believe there was anyone else acting with JK. JPM stated that the bank was "99% certain" that it knows the full extent of its losses;

    There were clear weaknesses in trader management. The Delta One Desk was supposed to have small risk sensitivities and hence a modest net daily P&L movement. JK's superior "reconciled" the daily P&L on a net basis, but never appears to have looked at the gross positions- the clear inference from JPM was that, if he/she had the fact that something didn't add would/should have been spotted;

    With regards to margin calls, most of these would have related to positions on Eurex. For administrative convenience, SocGen received a single consolidated account for the whole bank- i.e., no granularity. Given how big a player SocGen is on Eurex, this made it easy to miss individual movements {Altho' this begs the question about control over actual movement of cash/margin];

    As JPM pointedly said, SocGen's Market Risk Management never failed, but its Operating Risk Management certainly did;

    Boston Consulting Group is now helping SocGen with making changes to its controls and the bank has a number of immediate and short term fixes underway- including reviewing the use of biometric identity checks for at least key controls; looking at gross and not just net positions in reconciling daily P reconciling positions between internal counterparts daily (not monthly as before); tougher and more granular controls on deposit and margin calls and reporting; better enforcement of the holiday policy (e.g., JK was able to find an excuse not to take holiday last November);

    As is public knowledge, when JK was found out, SocGen discovered that it had open positions on Eurex (EUR 30BN); DAX (18BN); and FTSE (EUR 2BN), aggregating EUR 50BN. JPM was adamant that SocGen had no choice but to close out those positions, while trying to avoid moving the market. In mitigation of the

In less than a century, computers will be making substantial progress on ... the overriding problem of war and peace. -- James Slagle