A decade on, banks still haven’t learnt from the Kerviel fraud case
This year marks a decade since Jerome Kerviel was taken into custody accused of perpetrating the biggest financial fraud case in history.
As a trader at Societe Generale, Kerviel carried out unauthorised trades to a reported value of €49.9bn. Just five days after the bank released details of Kerviel’s illicit activity, the market had experienced losses of around €5bn.
Kerviel was sentenced to five years in prison and ordered to pay back the €5bn that he lost. The months that followed saw blame shift around: some thought it was the work of one greedy trader, others maintained that the company, and the industry in general, encouraged the sort of competitive corporate culture that facilitated disregard for policy.
The bank responded to its internal crisis of negligence by implementing a technological solution, joining the dots across its control framework and to proactively identify high-risk trading activity. Many leading financial institutions implemented similar solutions designed to ensure employees would not be able to do what Kerviel did without detection.
The solution solved a specific problem, but inadvertently set a troublesome precedent in the way institutions would deal with similar scandals.
Only four years later, in May 2012, it emerged that JP Morgan trader Bruno Iksil (known as the London Whale) had carried out aggressive trading activities in the credit default swaps market which led to market losses of $7bn.
Just as they did after Kerviel, banks developed specific solutions to protect against this type of high-risk trading.
One month later, in June 2012, London bankers were found to have been habitually altering the interest rates they submitted to the Libor administrators for their own benefit.
Once again, after heavy fining, banks employed more technological solutions and industry-wide regulations to prevent further Libor manipulation, but failed to look at the conduct of their employees in depth.
So, what have we learnt in the last decade? To start with, there has been a positive shift in culture – responsibility for risk management and indeed, prevention, weighs more heavily on the shoulders of the front office. It is no longer a case of “let’s make money, whatever the cost”. Protection of reputation and accountability to shareholders and the public is just as important.
However, it appears that when a scandal emerges, banks have a tendency to implement a strategy that prevents that particular problem from happening again but does not address wider issues of conduct. A bank must assume that, no matter what culture it manages to create, it is always at risk of employee fraud. Until this is accepted, banks will remain vulnerable.
Essentially, the banks are making the same mistakes that they always have by inadvertently allowing high-risk trading to go undetected until it is far too late.
Developing a specific solution after each individual scandal complicates the monitoring space by introducing a range of overly simplistic point solutions that only respond to the immediate high-profile behaviour, not to the wider issues.
Technologies already exist in this area that would allow banks to address immediate priorities as well as leverage best-of-breed artificial intelligence and big data to protect themselves in the future without their systems quickly becoming out of date.
In order for any real change in the area to occur, the industry as a whole must see the merit in taking a proactive, holistic approach towards employee misconduct. It is not a regulatory box to be ticked, nor a single problem that can be solved in isolation. It is the responsibility of all banks to do everything in their power to prevent another rogue-trading scandal.
Because the question is not “if” something like the Societe Generale debacle will occur again – it’s “when”.