MANAGING OPERATIONAL RISK
Through the Credit Crisis
Penny Cagan

Current environment

The global financial services sector experienced the worst imaginable of times during the past 18 months. Many of the world’s mature banking systems failed and were the recipients of government rescue funds. 2007 might have seen the collapse of lenders who were mostly concentrated in the subprime sector, such as Countrywide and Northern Rock, but 2008 witnessed the collapse and near-collapse of some of the largest and most diversified financial institutions in the world.

In order to understand the present financial crisis, it helps to trace how the rapid growth of the securitisation markets changed the credit culture within banks. The question has been asked again and again: ‘Why did banks lend money to individuals who could never pay them back?’ The abbreviated answer to that question is that they did not care because the risk had been seemingly passed on to investors through securitisation. This is why India, for the most part, avoided many of the large losses that plagued other regions. A combination of culture and regulations resulted in a lending sector in India that held loans on its books. This is a key differential.

In the United States, credit cultures changed when loans were bundled and sold to investors. Banks acted as if they had ‘outsourced’ their credit risk. Securitisation changed how banks grew their lending business; they used to rely on collecting deposits to finance the initiation of new loans. This is not the most ‘efficient’ and ‘speedy’ method for bringing in cash. Banks discovered that they could grow their businesses much faster if they turned to the capital markets. Larger and larger percentages of these banks’ available cash came from selling off loans rather than gathering funds from customers with deposit books. At the same time, lenders started emphasising quantity of lending activity rather than quality. Their reliance on bundling and selling mortgages in the secondary markets was at the core of their problems because it encouraged predatory selling behaviour and lax lending standards. For instance, subprime mortgages were especially lucrative because they were favoured by investors in the secondary market for their higher returns. This was a self-perpetuating loop which led to the payment of higher commissions to sales executives who sold higher priced mortgages to borrowers - many of whom were unable to meet their credit obligations.

Managing operational risk in the current environment

From an operational risk perspective, which is the broadest and most far-reaching risk type that a financial institution can experience, and includes systems, processes, people and external events, 2008 was the worst on record. Credit, market, and liquidity risk drove the severity of operational risk loss events. This can be witnessed by the size of two events that served as bookends for the year: the $7 billion unauthorised trading event at Societe Generale that was uncovered in January and the $30 billion fraud at Bernard Madoff’s firm that emerged in December. (See Table 1 at the end of this article for a list of the largest operational risk loss events that occurred in 2008.) Both operational risk events included frauds that were originally undertaken prior to the global credit crisis, but the state of the markets escalated their severity.

The bookend events in the US

The operational risk events in 2008 were outsized, according to the statistics compiled by Algorithmics’ FIRST database of risk case studies. For instance, Graph 1 below demonstrates that 2008 does not represent the largest number of events collected in the database for financial institutions. However, Graphs 2 and 3 demonstrate that it was certainly the most severe year in terms of size of loss for events involving financial institutions. Given the circumstances we have lived through, these statistics reflect large losses in the financial sector globally. Graph 5 provides a geographic breakdown of the entire database in order to provide a sense of how much the most troubled markets - Europe and the United States - impact the size of losses.

Graph 1: Operational risk events involving financial institutions by number of events

The first ‘bookend event’ that emerged in January 2008 was an unauthorised trading event of a size the markets had never before experienced. This event involving French bank Societe Generale served as a harbinger of the year to come. The bank discovered and unwound its trades during a time of great volatility in the markets which led to a substantial increase in the size of its loss. The announcement of the rogue trading incident came on the same day that the bank announced a €2.05 billion write-down related to its subprime exposure. The trading loss was announced during extremely volatile conditions, with the markets swinging wildly on both an inter-day and intra-day basis.

The second ‘bookend event’ of the year involved the unimaginable $50 billion fraud involving Bernard Madoff that was disclosed in December. This fraud might have continued much longer if investors were not exiting the markets in droves. What eventually unearthed Madoff’s fraud was the increase in redemption requests among all investors and across most asset classes. Madoff’s fraud, like most Ponzi schemes, could only exist as long as new funds were raised in order to pay off investors who had requested redemptions. Heavy withdrawals from Madoff’s fund led to his inability to honour requests from investors to retrieve their money. If the markets had not turned so volatile and investor confidence had not reached such a state of capitulation, Madoff’s scheme could have continued for a bit longer.

This case presents a good example of what economist John Kenneth Galbraith called a ‘bezzle’ in his book entitled ‘The Great Crash’. He wrote in his treatise on the 1929 stock market crash that there is an ‘inventory of undiscovered embezzlement’ that is built up during booming markets. These frauds are maintained because everyone is so happy to be making money that there is little incentive to look closely at where the returns are coming from. However, when market conditions change, as they did in 1929 and 2008, the ‘bezzles’ are quickly uncovered because ‘in [economic] depression, all this is reversed. Money is watched with a narrow, suspicious eye. The man who handles it is assumed to be dishonest until he proves himself otherwise. Audits are penetrating and meticulous. Commercial morality is enormously improved. The bezzle shrinks.’

Uncovering the Madoff event led to the discovery of a secondary series of operational risks associated with feeder funds which for the most part turned over all of their investors’ money to Madoff. Several of these funds collected standard 2 and 20 (2 percent administration fees and 20 percent performance related fees) from their investors. They issued prospectuses that indicated they followed certain allocation and portfolio management best practices. They indicated that they had hired companies to perform independent valuations and verified all statements and trades received from Madoff. And yet, several of these funds simply turned over all their collected money to Madoff with very little associated due diligence. In these cases, their investors were blindsided by their exposure to Madoff.

There are no allegations that feeder funds actively participated in Madoff’s fraudulent scheme. The feeder funds are likely to be the target of lawsuits that allege they enabled the fraud to continue for such a long period; they provided new funds that Madoff used to pay off investors who were redeeming shares. As long as new funds flowed into Madoff’s company, investors were paid off and the fraud continued.

Biography

Penny Cagan is a managing director with the operational risk division of Algorithmics/Fitch Group. She has over 25 years of experience in the field of financial services research. She currently manages the FIRST and Opdata operational risk loss event databases and is head of research for the group. Penny has published numerous articles on the topic of Operational Risk in Risk Magazine, Operational Risk newsletter, FOW, and the John Liner Review.

A highly regarded speaker on operational risk, Penny has established the best practice standard of examining and analysing case studies on operational risk based on external events and was the first person to go to market with an operational risk case study database. She has managed the FIRST database for the past seven years and under three different owners. Earlier in her career, she served as head of research for Deutsche Bank’s North American Business Information Services division and as head of reference services with PaineWebber’s investment banking division. Penny holds an MLS in library science and a BA and MFA in English literature and creative writing.

Lessons learned for growth markets

One lesson learned from the Bernard Madoff alleged fraud is how far one person with the proper credentials can get in perpetrating a fraud if he ‘acts as if’ he belongs in a certain place, circumstance, or venture. Wealthy investors, hedge funds, money managers and banks trusted Madoff because of his credentials. There was little concern for the fact that Madoff’s trading strategy could not be replicated or back-tested by anyone. Investors were happy to trust his ‘black box’ trading strategy and neglected due diligence best practices.

Market volatility can drive the size of operational risk events - particularly trading events. Volatility should translate into increased attention to controls, oversight, and supervision of any area within a financial institution that can result in fraud or large unauthorised trades. When volatility rises, there should be no tolerance for traders who breach their limits.

Management should understand thoroughly all risks associated with a product, such as mortgage-backed securities. Every new business activity should include an operational risk review and construction of scenarios. If a business is too complex or operated by mathematical wizards from behind closed doors, it carries too much risk.

Risk cannot be outsourced. It just returns in another and perhaps more virulent form. The apparent outsourcing of credit risk through the mortgage securitisation process resulted in increased operational and liquidity risk.

A business model that relies upon the constant turnover of short-term loans will inevitably fail when credit markets dry up. We have seen this with governments, as Russia experienced when it restructured its debt in 1998, and most recently with the US investment banks.

Frauds that are perpetrated during ‘boom times’ will inevitably be uncovered during market downturns. This suggests that the time to manage risk is during the go-go years when controls become more lax and fraud is less feared. Management needs to thoroughly understand at all times, including the good times, how profits are achieved.

Graph 2: Operational risk events involving financial institutions by size of loss

Graph 3: Operational risk events involving financial institutions by average loss amount

Where do we go from here?

The prime lesson of the past year has been that institutions need to construct robust top-down risk scenarios across their organisations that include all risk types. Recent events suggest the importance of top-down scenarios that include issues such as liquidity risk, the unwinding of certain positions at the same time as the rest of the market and the impact upon all asset classes as healthy securities are sold to raise cash to cover losses from the unhealthy ones, the impact on a firm’s balance sheet when the market for an asset goes away and there is no ability to mark-to-market, the failure of markets outright such as auction-rate securities and the firm’s obligations to investors, suitability issues when markets are sustaining losses across the board, and shareholder issues when a firm’s share price drops

The creation of a handful of top-down scenarios holds the promise of changing the language and culture of a firm and engaging senior management. They should be vetted and signed off by the board of directors. Such a practice would not cost a lot of money, would not require armies of consultants, but would go a long way towards embedding risk concerns within a firm’s strategy.

Graph 4: Breakdown by BIS event category for 7,908 events by number of events and loss amount

Graph 5: Geographic breakdown for 7,908 events by number of events and loss amount

What type of events did India

The events experienced by financial institutions in India were very different in complexion and size; for the most part they involved serious but not outsized operational risk omissions and failings. There are 60 events in the FIRST database involving India; the events total $976 million, although many are reputational and do not contain an actual dollar amount. The largest event in the database involving a financial institution doing business in India resulted in a loss of $276 million and involved an agreement reached in 2001 between the National Housing Board and an Australian bank that involved an alleged fraud.

Graph 6: Breakdown by BIS Event Category for 60 Indian events by number of events and loss amount

Source for all charts: Algo FIRST database of risk case studies

The following is an overview of operational risk events involving Indian financial institutions:

Police arrested a former bank teller of the State Bank of India on charges of conspiring with forgers to place fake Indian notes in a cash box. The bank teller told investigators that he exchanged over INR 15 million ($3,54,563) in counterfeit currency notes with authentic ones in a box managed by the financial institution for daily cash flow transactions on behalf of the Reserve Bank of India (RBI).

The Securities and Exchange Board of India (Sebi) announced on August 13, 2008 that it had set up arbitration proceedings against seven financial institutions alleging that they had failed to comply with proper due diligence efforts during initial public and rights offerings as well as open offers since 2006. The regulator claimed that it had discovered ‘serious shortcomings’ in the due diligence process carried out by the banks.

In July 2008, the former head of India’s State Trading Corporation and two other men were placed under investigation over payments made in connection with a 1998 wheat deal. The Indian government claims that the men arranged to buy 2 million tons of wheat from the Australian Wheat Board (now AWB) in 1998 at an ‘exorbitant’ price, despite having adequate stocks on hand. In exchange, the men are alleged to have received a ‘facilitation payment’ of $2.5 million, laundered through companies in the Cayman Islands and Bahamas.

In an example of people risk, on February 8, 2008 a consumer regulator, the Delhi State Consumer Disputes Redressal Commission, fined one of India’s largest financial institutions INR 10,00,000 ($25,297) for client discrimination. The state regulator claimed that the bank denied the issuance of a credit card to a customer based on her professional status in August 2005. The commission also ordered the bank to pay the customer INR 50,000 ($1,264) as compensation.

These events are representative of what we have been tracking in the country - many involve serious frauds or compliance oversights, but they are manageable and do not pose liquidity or systemic risk to the institutions or the Indian market. However, what has occurred in the United States, United Kingdom and Europe during the past 18 months is ripe with lessons learned for most global institutions.

Table 1: Ten largest operational events from 2008

Footnotes

1 Bernard L Madoff and his investment firm Bernard L Madoff Investment Securities LLC were charged with securities fraud on December 11, 2008. The SEC alleges that the prominent Wall Street trader and investment adviser had perpetrated a Ponzi scheme that resulted in investor losses of at least $50 billion. Madoff collected funds for years from a variety of private investors and sophisticated financial firms - including at least one hedge fund that invested 100 percent of its assets with him - and never actually executed trades.

2 On April 14, 2008 Wachovia Corp announced a mortgage-related write-down for the first quarter of $2.8 billion. The losses led to a sharp fall in Wachovia’s stock price and the filing of a class-action suit. On July 22, 2008, Wachovia Corp announced a second quarter write-down of $6.1 billion, of which $5.6 billion was related to declining mortgage-related asset values. A class-action filed in federal court in California on June 6, 2008, alleges the bank misrepresented its standards for underwriting option adjustable-rate mortgage (ARM) loans, with optional payment structures.

3 Societe Generale announced a €4.9 billion ($7.2 billion) loss on January 24, 2008 as a result of the misdeeds of a single rogue trader. The bank characterised the largest rogue trading event to date as the result of ‘elaborate fictitious transactions’ that allowed the trader to circumvent a series of internal controls. The trades in question involved the arbitrage of ‘plain vanilla’ stock-index futures. The trader previously worked in a back-office function for the bank and gained knowledge of how to circumvent the bank’s systems through this prior position.

4 Fairfield Greenwich, a hedge fund manager based in Connecticut, announced in mid-December 2008 that it had approximately half of its assets under management invested with Bernard Madoff Investment Securities.

Fairfield Greenwich had served as a feeder fund for Madoff. The firm had $14.1 billion of assets under management and approximately $7.5 billion invested in funds connected to Madoff’s investment company. Most of Fairfield’s exposure was through flagship fund Fairfield Sentry which was entirely invested with Madoff. Fairfield was the largest victim of Madoff’s fraud.

5 Petters Group Worldwide and its venture capital subsidiary, Petters Company, Inc, filed for bankruptcy protection on October 13, 2008. The venture capital division is also under investigation for an alleged $3 billion accounting fraud perpetrated by CEO and founder, Tom Petters. Investigators contend that Petters and his colleagues misrepresented the financial health of their company through the creation of fictitious transactions which were designed to ‘lure’ investor money and that the misdeeds occurred over the timeframe of a decade.

6 Siemens AG will seek financial damages from 11 former top executives, accusing them of failed oversight amid an unfolding bribes-for-business scandal. The total loss suffered by Siemens as a result of the scandal, including fines, settlements, tax charges and additional expenses, amounted to €2.13 billion ($2.8 billion). The bribery scandal sparked investigations in 11 countries with prosecutors having identified more than 30 suspects in the case, including former CFO, Heinz-Joachim Neubuerger, and former management board member Thomas Ganswindt.

7 Credit Suisse announced on February 19, 2008 that its first quarter 2008 profits would be less than forecast after it marked down the value of certain mortgage-related bonds. An internal review identified mismarkings and pricing errors by a small number of traders in its Structured Credit Trading unit in London. The bank cut the value of the investments by $2.85 billion after uncovering the errors and suspended ‘a handful’ of traders. On March 20, 2008, Credit Suisse revised the size of its write-down to CHF 2.86 billion ($2.65 billion), ascribing it to ‘intentional trader misconduct’ in the mispricing of certain RMBS and CDOs.

8 On November 7, 2007 Visa USA Inc agreed to settle a lawsuit filed by American Express in November 2004. The suit alleged that from 1996 to 2004, Visa, MasterCard and their member banks illegally blocked American Express from the bank-issued card business in the United States. Under the settlement agreement, Visa USA will pay up to $2.25 billion to American Express. The settlement includes an initial payment of $1.13 billion in the fourth quarter 2007, and installments of up to $70 million per quarter for the next four years through 2011.

9 CITIC Pacific Limited, a major investment company headquartered in Hong Kong, disclosed on October 20, 2008 that it had incurred mark-to-market losses of HKD $14.7 billion ($1.8 billion) due to foreign exchange forward contracts that an executive director entered into without proper authorisation between July 2007 and September 2008.

10 In a case related to the outsized fraud perpetrated by Bernard Madoff, investors lodged lawsuits against Ascot Partners which disclosed in December 2008 that it had invested 100 percent of its assets with the fraudulent fund. The lawsuit, which is expected to be one of many, was filed against Ascot Partners and its founder and manager, J Ezra Merkin, by New York Law School which has lost $3 million as a result of the fraud. New York Law School also sued BDO Seidman - the American arm of BDO International - which served as auditor for the Ascot fund.


