Rogue traders are rare but can be extremely dangerous. They can cause major losses, despite the fact that financial and commodity trading firms are generally extremely sophisticated in their use of information technology and analytics. Companies facing immense pressure to generate revenue, however, do not always implement the risk-aware culture and implement the capabilities needed to support their trading and risk management operations.
Rogue trading reflects a breakdown of a firm’s risk management governance, culture, processes and technology. Risk management practices designed to prevent rogue trading must be comprehensive but also holistic and integrated. All too often, organizational “silos” prevent effective integration of risk management structures and responsibilities. Gaps in integrated practices and segmentation of front, mid and back offices have been exploited by rogue traders. In addition, the pressure for revenue can incubate a rogue trading culture that turns a blind eye toward the behavior of star traders. Although such individuals represent opportunities to make significant profits in a short period of time, these behaviors can lead to serious consequences.
Accenture’s recent Risk Management Research surveyed hundreds of executives across many industries, and found that senior managers face more and larger risks in their trading operations than ever before. We see leading practice companies addressing four key elements in their efforts to manage risk effectively:
1. Governance. A governance structure or internal control system should start with a Risk Management Committee and then extend to the board of directors as well as the following functions: Internal audit, strategy, planning, security management, legal, finance, tax, treasury, accounting and IT. Our research indicates that ownership of risk management is another key issue; having a dedicated executive in place – often called the Chief Risk Officer (CRO) – is essential to mastering this problem.
Having a CRO in place, however, is not enough to make that executive successful. Many CROs at large capital markets and commodity trading firms struggle with independence and the necessary support to stand up to the trading organization. Leading companies often use an independent risk committee to assess positions, and also have the CRO report directly to the Board of Directors.
Within the trading and risk management organization, reporting relationships between front, mid and back offices need to be segmented. Conflict of interest can arise in absence of a robust governance structure of clear checks and balances in reporting and reconciling trading activities.
2. Culture. The strongest systems and measures can be foiled by people who are motivated to attain profit by any means possible. Systems can let an organization down, sometimes with significant downside. Industry-leading risk management organizations value the fine balance of risk and reward and the means at hand to mitigate risks. Compensation structures that ignore the risk-reward balance create an environment for excessive risk taking.
3. Processes. The integration of trading and risk management processes is an essential component of effective risk management. In a number of recent major incidents involving rogue traders, such process integration was not in place – especially those integrating activities across the front, mid and back office organizations. Several of these firms did not have a daily process of tying all trades back to either the broker statements or counterparty confirmations. Without the oversight of the mid-office, traders could continuously adjust their positions to cover the mounting losses. Front, mid and back office functions should be integrated in information flow and information should also be aggregated enterprise wide, for a comprehensive corporate view of risk exposure.
Effective processes, when coupled with an integrated reporting system, allow firms to not only identify their enterprise-wide exposure to an individual counterparty, but also to have the processes in place to act on such information.
Other important integrated processes include review of trading aggregation structure; mandatory vacation or “cooling off” periods for traders; review of limit breaches; and review of all amended and cancelled trades. Finally, processes need to keep pace with technological changes.
4. Technology. Technology needs to be aligned with governance, culture and processes and alone, cannot guard against rogue trading events. The proper design and implementation of technology and systems is a critical piece of the overall risk management puzzle. Innovative technologies can help firms monitor and report on their positions, allowing them to understand their risk exposure in near real-time. These systems can also review trade patterns and highlight activities that do not align with the overall strategy of the trading desk. A complete understanding of a firm’s overall position can not only mitigate the risk of rogue events, but also limit the exposure to a particular commodity, derivative type or counterparty.In light of recent trading scandals, regulators are paying special attention to compliance controls related to trade surveillance. While traditional surveillance systems spot rogue behavior after it occurs, the next generation of risk management technologies will be more proactive, identifying risky patterns in a way that may prevent disaster in the first place. When questioned by compliance personnel about their actions, traders will often use the defense that, “if the system let me do it, then it must be OK.” Thus, controls and policies must be embedded within the system to identify and block undesired behaviors.
Financial and commodity trading businesses cannot be completely insulated from adverse events. A comprehensive, integrated approach to risk management, however, can help these firms protect themselves (and their shareholders) from the serious risks of rogue traders.
Shelley Hurley is Executive Director of Risk Management and Global Resources Lead at Accenture.