Slashdot Mirror
Madoff's Programmers Indicted
jason8 writes with news that two programmers who worked at Bernie Madoff's investment firm have now been indicted on charges of 'conspiracy, falsifying records of a broker-dealer and falsifying records of an investment adviser,' for their role in hiding the firm's activities (PDF) from the SEC and external accountants. Quoting Reuters:
"O'Hara and Perez, employed at the firm from 1990 and 1991, respectively, were primarily responsible for developing and maintaining computer programs in the investment advisory unit at the center of the fraud. Many of the programs were run on an IBM server known as 'House 17,' according to court documents. Prosecutors said the men took hush money to help keep the fraud going and designed codes to make up fake trade blotters and phantom records. US prosecutors said the two men worked under the supervision of Madoff and his top aide, Frank DiPascali, to deceive the US Securities and Exchange Commission and a European accounting firm. DiPascali is cooperating with prosecutors, who said his information led to the arrests of the programmers and the now defunct firm's outside accountant."
Wake me up when someone at AIG gets indicted.
Give me Classic Slashdot or give me death!
That if they're actually guilty of helping pull this stuff off then fuck them but then I'm reminded if they get convicted that's probably actually going to happen to them.
Did you know 80 to 90% of the moderators on slashdot wouldn't recognize a troll even if one dragged them under a bridge.
If your boss asks you to break the law, the argument "I was just following orders!" doesn't hold up according to the authorities, especially when your boss decides to "cooperate with them" and throw you under the bus. Always question the motives and the legality of a system you design, and if your boss asks you to break the law, tell them that you won't do it, and if they persist, explain that you are going to contact authorities immediately.
I had a sig, but
Insert "scheme" joke here. Or "chroot jail", "execution protection", "dropping privileges",...
org.slashdot.post.SignatureNotFoundException: ewg
I took the high road. I've been unemployed for three years since. I wish I had just done the fucking job and then my kids would have money in the college fund, my wife and I would have some savings, and I wouldn't stress about paying the mortgage each month. I did contact the authorities, and they couldn't care less about my situation. (found a huge hole where the exec mgmt had been moving money off the books, and either taking kickbacks, or using it to pay for "business expenses" they would rather not have been made public.)
I hope I would say "no" to something like this. As engineers and software developers, we generally feel obliged to do what we are told.
Reading the article and the indictment no details are given that the men knew it was a fraud other than the allegations. Also no details are given about "hush" money.
Well, there's spam egg sausage and spam, that's not got much spam in it.
"Hey I was just following the spec!! Honestly I didn't know it's all hex to me!"
On the bright side, you came through this mess with the knowledge of how to correctly use the "couldn't care less" phrase. Kudos!
http://www.youtube.com/watch?v=n6lzEhoXads
In Capitalist America, bank robs you!
In Thank You for Smoking the lobbyist called that the 'Yuppie Nuremberg Defense'
Sorry for the Godwin. But I agree, it seems the roles of who is cooperating are reversed here from what I'd expect.
meep
Maybe if they weren't taking extra "hush money" for doing something they *knew* was illegal, maybe the "following orders" defense would have worked.
Indymac Slap in our Face
Damned if you don't.
Since they only worked for him for a total of 2 years, 20 years ago, it makes you wonder who did the programmer dirty work for the next 17 years. These guys sound like small fish.
AccountKiller
The problem is that somebody who's orchestrating a billion-dollar scheme likely uses more subtle techniques to manipulate people into acquiescence than pointedly asking "will you break the law for me?" And if they do ask openly, you can be sure they've got some leverage: they'll either bribe or blackmail you. So, in this case, the moral really is: don't take bribes.
This is only sometimes true. If you tortured people for the CIA under orders, the Obama administration says it won't prosecute you. Although that's not exactly the same, because their argument is that it's okay because the CIA lawyers said it was.
but is it a bribe, or a bonus?
I mean, if I worked at a financial org, and they asked me to write some wierd code that created dummy trade records, I may think 'eh?' and ask whether it was correct or not, but they'd then tell me its all legal, above board and just another one of those stupid regulatory rules that seem to make no sense to mere programmers... and I'd shrug, say "well, ok then" and do it. then they give me a huge bonus and I think "great, working for financial services is wonderful - they always pay large bonuses"
I mean, imagine if you worked on a popular OS and my boss told me to put a back-door in, saying the NSA required it of us. what would you do? :)
Success in our culture is often measured by money. Unfortunately, money and morals don't usually go together. So we generally have to make a choice - do I want to be rich, or would I rather be able to teach my kids the difference between right and wrong? Personally, I think you made the right choice.
Big Tobacco health data. Big Pharma test data. Big Oil environmental data. Enron accounting or trading data. Retails sales zappers.
There is no way all this data "tweaking" can be done without involving IT people: DBA's, programmers, techies.
Right now, at this very moment, some of these Digital Era Henchmen are reading Slashdot on iPhones or 32 inch monitors purchased with blood money. And chances are that some of these people are making snide comments about Microsoft or Darl McBride's ethics. Tsk tsk.
lucm, indeed.
Also, the courts are granting one of the masterminds leniency in exchange for prosecuting their underlings? Isn't that the opposite of how it works? Reducing the sentence of a drug kingpin in exchange for testimony against 2 of his street dealers, really?
Justice Department policy is that the first one to come forward and turn in the others gets leniency. Those guys could have turned in Madoff, even after Madoff's arrest, until Madoff confessed. But the one "that is second in the door -- even if by only a matter of days or hours, as has been the case on a number of occasions -- will not be eligible for leniency." If your company is crooked, it's very important to know this.
Madoff himself, of course, is Prisoner #61727-054, at Butner Federal Correctional Institution (medium security).
Salary on Wall Street is warped. They offer $150k or $200k (or more). But a large chuck of that is your "annual bonus". Leave or get fired early, and there's no bonus. So you're actually living off $60k-$90k. If they like you, and want to keep you, you get the bonus. Otherwise you get the door.
This is why it's so important for financial firms to pay out their bonuses each year. If they don't, that's like giving your worker-level employees a 40%-60% pay cut. Anyone who can leave will. What's left over won't be pretty!
Had these Maddoff programmer guys gotten excessively large bonuses, they would have quit and retired. When you're a millionaire, why keep grinding away with that long commute...
If we are to believe the indictment quoted in the opening post, those people were guilty of the following:
Unless people want to argue that they were somehow entitled to do this simply because they were salaried employees who would have been fired if they hadn't done as they were told, they deliberately helped commit fraud and hide the traces.
As far as I understand, the law simply asks if you (or any ordinary person in your place) could reasonably have known that you were helping with fraud. If you were, you're guilty. Whether you're on the janitorial staff or a director. That doesn't strike me as particularly unreasonable. Creating fraudulent trade records for an audit isn't something you can do without knowing.
Of course we all know that they were probably enticed or pressured into cooperating. And yes, it's very probable that they would have been fired (without a reference) had they refused to assist in covering up this fraud. And they might have been blackmailed (or even threatened with violence) if they had so much as hinted at disclosure. But even then they could have gone to the police to report the whole thing; if necessary anonymously. However they didn't, and since they actively helped commit fraud they are culpable no matter their position in the firm.
Is it just me or does it seem like the most important details are always left out of these articles? The report clearly raises the question about how much these guys were paid and how willingly they aided their superiors. It also seems an inexplicable role reversal of the big fish cooperating to catch the little fish. Why is this type of info always left out of articles? I gather it's possible that some info was unavailable, but I feel like the journalists who write these articles don't even bother following up to see. As long as we have a bit of controversy it's good to go. At the very least there should be a line such as "we contacted the US Attorney regarding the case but they had no comment about the apparent role reversal or how much money the programmers were alleged to have been paid for the crime."
meep
...every gun-maker is also breaking the law as the gun mostly is used for illegal things anyway...
[Citation Needed]
It's about time some simple programmers got held accountable for their deeds.
I can live with programmers and bad testing, bad code, bad QA, but I can NOT accept EVIL code.
Just following orders does not cut it. These people knew what they were doing, there is no hiding it.
Want to be called a "software engineer"? Live by the engineers code of ethics, be judged by the engineers standards, and accept the same punishment. Otherwise, it's just being a simple programmer.
I mean, if I worked at a financial org, and they asked me to write some wierd code that created dummy trade records, I may think 'eh?' and ask whether it was correct or not
"Hey, Jim, we need you to write setup code for some test cases."
Ezekiel 23:20
but is it a bribe, or a bonus?
The 'please don't tell the SEC about this'-condition might have given them a hint about that.
I mean, imagine if you worked on a popular OS and my boss told me to put a back-door in, saying the NSA required it of us. what would you do? :)
Check with the NSA? Ask which law authorizes the NSA to do that?
I would think that after 19 or 20 years, respectively, that the statute of limitations for mere fraud would have kicked in.
"OK, what are we testing?"
"How about testing the imaginary scenario of us making billions of off fake trades? We'll have a little fun with it, haha."
"Hah, you're such a kidder, Bernie."
meep
If a boss tells me to program an option, and that option could be used for illegal things then it's actually my fault?
I think this does become your responsibility if that option can only be used for illegal purposes. I'm not knowledgeable enough about the financial industry to say whether or not what these guys programmed was obviously illegal and had no legal area of use, but if it only had use for illegal acts then they knowingly aided in Madoff's scheme and should be prosecuted for it.
"Educate the mind but never at the expense of the soul."~Blessed Basil Moreau
While working on a contact for company A, which was servicing company B, I was asked to commit fraud to the tune of maybe 300k by falsifying data in the deliverable to Company B. I refused. It is scary to think about the absolute lack of ethics I have seen...before I walked off site in this instance I had a manager yelling at me to just do it. They found someone else to do it, eventually got caught and it was a pretty ugly fiasco, but my company was not involved. Company B was huge and could have owned us all.
Here are the payoff details, from the SEC press release. They were paid off, but not very well.
The SEC alleges that O'Hara and Perez had a crisis of conscience in 2006 and tried to cover their tracks by attempting to delete approximately 218 of the 225 special programs from the House 17 computer. But they did not delete the monthly backup tapes. O'Hara and Perez then cashed out hundreds of thousands of dollars each from their personal BMIS accounts before confronting Madoff and refusing to generate any more fabricated books and records.
According to O'Hara's handwritten notes from the encounter, one of them told Madoff, "I won't lie any longer. Next time, I say 'ask Frank,'" meaning that Madoff should rely on DiPascali alone to create the false data and reports.
The SEC's complaint alleges that Madoff responded by telling DiPascali to offer O'Hara and Perez as much money as necessary to keep quiet and not expose the misrepresentations. O'Hara and Perez considered the offer and demanded a salary increase of nearly 25 percent along with one-time bonuses in late 2006 of more than $60,000 each. They stated to DiPascali at the time that they did not ask for more because a greater amount might appear too suspicious. DiPascali then managed to convince O'Hara and Perez to modify computer programs so that he and other 17th floor employees could create the necessary reports themselves.
I mean, imagine if you worked on a popular OS and my boss told me to put a back-door in, saying the NSA required it of us. what would you do? :)
I would contact the RCMP and CSIS immediately!
Those codes would be some kind of accounting term, right? So long as it isn't computer software, as that would be CODE (singular, not plural), slashdotters can rest easy. These 'codes' are something accountants have. It's an accounting term. Since computer source code is ALWAYS, singular, then I know for sure when they say codes, that its an accounting term. Only a moron, someone with the IQ of a fruit fly would make a dumb-ass mistake of calling computer software 'codes'. Since the article comes from a reputable firm, a firm that would never talk about someone getting a hairs cut, or going on a roads trip, they wouldn't make a dumb-ass mistake like making something plural where it REALLY REALLY should appear singular.
So long as it's some kind of accounting term though...
as the gun mostly is used for illegal things anyway/quote> Uh, you're being facetious, right?
I prefer rogues to imbeciles because they sometimes take a rest.
"if your boss asks you to break the law, tell them that you won't do it, and if they persist, explain that you are going to contact authorities immediately."
IMO, That is the worst advice I have ever heard, why on earth would you tell someone you were going to turn them in? What a great way to put yourself and your family in danger. Wouldn't it be better to just resign and report it anonymously? _Telling_ your boss (or anyone) that your going to turn them in serves no purpose and is just pure stupidity.
I mean, imagine if you worked on a popular OS and my boss told me to put a back-door in, saying the NSA required it of us. what would you do? :)
Put a back-door in the back-door. What else is there to do?
Being the suspicious type, I'd probably ask this question in email, and bcc the thread to an account elsewhere -- preferably somewhere that if push came to shove, could demonstrate to a court's satisfaction that those emails were at least sent when I said they were sent rather than made up after the fact.
I know it doesn't put food on the table but you did good. Sometimes the satisfaction you get from doing the right thing is all you get for your efforts.
Let's hope there really is Karma.
If your boss asks you to break the law, the argument "I was just following orders!" doesn't hold up...
Unless its water boarding, or tapping phones without a warrant.
The Grey Goo disaster happened 3 billion years ago. This rock is covered in self replicating machines!
"As engineers and software developers, we generally feel obliged to do what we are told."
Shut your mouth! You are going to ruin it for the rest of us!
"...where all the choices are made for you"
Including sexual orientation?
That's exactly why big financial institutions make their programmers spend 1hr+/week going through on-line training courses with dull topics like chinese walls, information leakage, money-laundering, ethics, non-public information, etc. The topic hardly matters, the point that is trying to be explained is "if it seems wrong, don't do it. Escalate to your management or the compliance department." A good firm takes this stuff seriously: I've seen several examples of a junior associate reporting pressure to do something questionable, three levels of managers and lawyers zoom in, 24 hours later, it is announced that a senior person has left the firm.
If that's the way it should work, what about all those guys at Goldman Sachs, JPMorgan Chase, and Morgan Stanley. Hell, Citigroup is full of 'em....
"Yo dawg!, I heard you liked back-doors so I put a back-door in the back-door. What else is there to do?"
There, FTFY
Get it in writing, so if the shit hits the fan you can cover your ass.
Most human behaviour can be explained in terms of identity.
Basically, if your American, the Nuremberg laws don't apply to you...
Put a logger on the backdoor. See everything that's done when the backdoor is activated.
Well I have read at least two different versions of this "story". Bother version are quite different than this version as to accuracy.
Version 1. The computer was an IBM AS400 (NOT a server)
Version 2. The computer was an IBM mainframe (again NOT a server)
Whatever version that you believe the programmers were guilty as charged PERIOD.
I cannot believe these guys could ever of thought they were doing something legit. It was clearly illegal to anyone that had a half a brain. Programmers (for the most part) are intelligent(I know but I did say for the most part).
I would hope that these programmers were sent to a medium security environment. ALthough they were guilty (no question) they did make it possible for MADOFF to delay being caught (which is a major part of the story as to where the SEC was in this mess).
Except, when you escalate it to your (crooked) superiors, and their (crooked) lawyers, and they tell you that it's all A-OK and perhaps even required for XYZ compliance, how would you know they were wrong? You can still refuse to do it, but it's quite possible they'd convince you, depending on how obfuscated the crookedness was.
Yea right, doing good and being unemployed feels so good when the big crooks get obscene amounts of money blow up their asses.
The world is rotten. Don't be a hero. Try to get away with as much immoral/illegal stuff as you possibly can. That's the lesson we get taught by "successful" people.
It's you for yourself and your family against the rest of the world.
Back door. That's two words those programmers really don't want to hear right now.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
>> tell them that you won't do it, and if they persist, explain that you are going to contact authorities immediately.
No moron. You innocently stall, and then quit because "my sister in Ohio is sick." Leave town. DO NOT CONTACT THE POLICE EVER! They hate snitches as much as any other criminal gang, and will throw you under the bus just like that asshole Pisscarelli.
Either that or you run the scam, and, as soon as possible, ice your boss. "I never trusted that piece of shit." If you don't have the balls for the second procedure, follow the first one.
I love your line, "explain that you are going to contact authorities..."
"What happened to that guy, Fred, the new programmer?" "I haven't seen him around lately."
"Yeah, he had an accident."
"Oh."
Social Credit would solve everything...
sounds like someone's getting a sniper rilfe for Christmas!...
They had a "crisis of conscience" which was quieted by a money payoff: proof of criminal intent.
They're going down, and should.
That's what the compliance department is for. If in doubt, escalate to them, and they're not in the same command chain as your boss at all, and their only job is to see that nothing fishy is going on, and they have the clout to do something about it. Big financial firms (I work in one) take this stuff really really seriously.