The Societe Generale Fraud

The Societe Generale fraud: An example of poor risk management

Incident:

The 2nd largest bank of France, Societe Generale, was struggling to square up the huge $ 7.2 billion loss it incurred on account of the biggest fraud committed by its young equity dealer -- the biggest loss an individual has inflicted on a bank. 31-year-old Jerome Kerviel put the survival of Societe Generale at stake. Kerviel took positions in the derivatives trade far beyond what the bank permitted. He took positions to the extent of 50 billion Euros plus, which is much more than the market value of Societe Generale. To cover up the positions in the market and avoid any takeover attempts, the bank was forced to mop up funds worth billions of dollars from the market. It is estimated that Societe Generale’s loss was to the tune of 5 Billion Euro ($7 Billion). Incidentally the biggest fraud in banking industry was announced on the day the US Central Bank announced its biggest rate cut (since 1990) of 75 basis points. A few even wonder whether there is any link between the Fed’s announcement of rate cut and the fraud in Societe Generale. By December 2007, he had made gains of over € 1.4 billion through such positions. By mid-January 2008, the compliance officers at Société Generale found abnormalities pertaining to the trades carried out by Kerviel and they informed the authorities. Kerviel admitted to the Head of Société Generale’s investment banking division that he had committed unauthorized trades and fictitious transactions. The CEO of the bank, its board, and the Central Bank of France were informed about these transactions and they decided to close the trading positions that Kerviel had created. However, by that time, the markets were falling sharply, and Société Generale had to incur a loss of € 6.3 billion on unwinding these positions.

Analysis:

1. When a bank creates policies and procedures for Risk Management it should also make sure that the employees are trained on these procedures and should be well aware of the Risk Management systems. In the case of Societe Generale the bank was not able to educate its employees about the needs to ensure the secrecy of the password.

It was like installing a huge ultra modern alarm in a building but with its window wide open so the thief can conduct his overnight raid.

2. In the trading business every trader is assigned some limit within which he can trade. The traders are assigned day limit or overall limit of trade and at any point of time they cannot exceed that limit. But in practice traders cross their limits in an attempt to make more profit for their bank and pocket fat incentives for themselves. In an attempt to earn a huge profit for Societe Generale, Kerviel booked deals in excess of Euro 50 billion.

3. Usually forward contracts are off-balance sheet items, which are regarded as “not so important” by banks. Keeping this in mind Kerviel used a fine mix of equity trading, futures and forward contracts. On behalf of Societe Generale, Kerviel used to bet on the movement of the stock market index. Whenever he booked a genuine transaction, he used to book the other leg of the transaction in the form of fictitious forward contracts (an agreement to buy or sell any commodity at an agreed time in future for an agreed price), with his supervisors finding the books tallied and he appearing to be trading within the limit assigned to him. To reflect several of the booked contracts as genuine he would use his colleagues’ systems. Thus he managed to convince his auditors / bosses about the authenticity of the transactions, since the transactions ostensibly were entered by another employee. For doing so, he made use of the passwords of several of his colleagues.

4. An independent verification was not carried out on traders' positions and trade cancellations. The fictitious transactions were not monitored and reconciliations were not carried out.

5. Kerviel's main responsibilities included handling proprietary deals in the futures market. He was required to purchase a portfolio of stock index futures and at the same time, sell a similar mix of futures, with slightly different value. His main job was to hedge the funds. By purchasing a stock and at the same time selling the stock at a higher price the person is actually hedging his position. His job was to take bets on small price differences between futures contracts and not to place directional bets. The idea was to take a long position by purchasing certain stocks and at the same time take a short position by short-selling other stocks. The combined positioned balanced or hedged the investment fund against changes in the overall level of the market, and allowed him to profit from a change in the relative price of the two positions. Today, this is known as a "relative value" investment strategy. Thus the original meaning of the term "hedge fund" does not mean that the investment is completely hedged, but rather that it is hedged against the risk of a change in direction of the overall market. However, instead of maintaining a hedged position, Kerviel began placing unauthorized trades by taking directional bets, which were initially in small amounts. The investment strategy that he followed was Macro or Global hedge. These funds take directional bets on market prices of securities, foreign currencies, commodities and derivatives. Global funds investment in emerging market economies and macro funds seek to profit from changes in interest rates and prices based on changes in a country’s macroeconomic prospects. An example of directional bet is one instance the person shorts the 30-year bond and long the 29-year bond in the expectation of profiting from a fall in the spread between their yields. In order to execute this strategy he makes extensive use of leverage in the repurchase agreement or "repo" market by financing about 99% of their purchase of the 29-year bond and borrowing the 30-year bond in order to sell it short.

6. Unauthorized trading of this scale may have gone unnoticed initially due to the high volume in low-risk trades normally conducted by his department.

The Cause for the disaster:

1. Lack of automated process: Ignored Trader Limits - Societe Generale only paid attention to net limits (difference between long and short trades). By ignoring the gross trading numbers, Societe Generale failed to detect huge anomalies in the long and short positions. Failure to scrutinize Margin Calls - Societe Generale failed to scrutinize the breakdown of the margin calls and pinpoint the calls attributed to one trader.

2. Lack of Internal Controls Culture: Trusted Insider- The trader previously worked with SocGen’s middle office. He exploited his knowledge of controls and segmented his trades in order to ensure interaction with a different controller. Unverified Emails - SocGen failed to verify the trader’s fake emails provided as proof of hedging positions.

3. Lack of Strong Access Controls: Lax Access Security- The trader used other staff’s access credentials (username & password) to gain privileged access into the bank’s systems.

How directional bets using hedge funds affect the market:

1. Although they have a small proportion of the capital in financial markets, they use leverage to take significantly large size positions in those markets. In addition, their market reputation creates followers and induces trend investors to take the same bets so that the combined effect is often the self-fulfilling investment strategy against the value of a nation’s currency.

2. Their use of direct credit from banks and broker-dealers to financial their trading operations, and the use of indirect credit through repurchase agreement and securities lending markets to take highly leveraged positions in securities and derivatives markets is another big issue. These credit relationships mean that a failure of a hedge fund could undermine the solvency of banks which hold government insured deposits and money centered banks which also serve critical roles in the economy’s cash payment and securities clearing systems.

What needs to be done in the future?

The incident is an eye-opener; financial institutions and banks should first remind themselves to stick to the basics. While chasing money and business if we do not stick to the basics (like ensuring the secrecy of the password), in this super computer age where practically everything is possible online, we are risking our future as well as that of our organizations.

An effective program of governance and employee surveillance must focus on the four greatest practical threats to a financial institution in order to provide a business case for developing and extending an employee surveillance program, in order to align that program with a enterprise-wide process of corporate governance, to achieve regulatory compliance, and ultimately to reduce fraud losses. By connecting the risk analysis done across different silos of the institution, whether in risk management, operations, trading compliance, and corporate/IT security as well as putting in place a thin layer of analytics to spot specific anomalies characteristic of rogue trading schemes, an institution can take a practical approach to employee surveillance across the enterprise that positions it well to spot rogue traders early on.