UBS: Our Risk Systems Did Detect $2bn Rogue Trader

A few weeks ago, UBS employee Kweku Adoboli (universally described as a "rogue trader") ran up a $2 billion loss for his employer; many readers wondered how it is the systems which allow trades to happen at all aren't better tuned to catch such massive cash flows without triggering alerts. Now, reader DMandPenfold submits a report from Computerworld UK in which the bank claims that such triggers were in place — they were simply not acted on. From the article: "UBS has insisted its IT systems did detect unusual and unauthorised trading activity, Interim chief executive Sergio Ermotti, who is running the company following Oswald Grubel's resignation last month, sent a memo to employees saying the bank is aware that its systems did detect the rogue activity. In the memo, Ermotti wrote: 'Our internal investigation indicates that risk and operational systems did detect unauthorised or unexplained activity but this was not sufficiently investigated nor was appropriate action taken to ensure existing controls were enforced.'"

You must test

[TheSync]

Whenever you have a monitoring or backup solution, it must be regularly tested to ensure a responsive psychology (as well as proper device operation).

They should have had 1 or 2 fake funny trades per month, and if the people who got the alert messages didn't respond, they should have been punished or fired.

Re:Called it

[ackthpt]

From my comment on the original article :

"Let's face out out on the terrain no-one is holding these guys accountable. IT may set up the system, Risk Management may generate the reports and they'll be either modified to say what management wants to say or just plain ignored because like all gamblers these guys think they have a system which lets them keep on winning even as they are betting their house (or in this case our houses.)"

This "blame IT" crap has gone on long enough. It's time we stood up for ourselves instead of allowing ourselves to be used as a convenient scapegoat all the time.

How often have you seen an IT representative in front of the cameras say, "Well, we see this behaviour, the lights are flashing, the klaxons are going like a cat with its tail in a wringer, but the people who collect 7 figure salaries haven't been taking an interest so far."

Should be criminal charges for management negligence -- and I don't mean just giving the the sack. Those protesters on Wall Street have a point, everyone gets hurt when the bank CEOs screw up, but those most responsible. Thanks to their stalwart defenders in the US Congress no stronger regulation get passed. If that's not sign that government is in the bank's pockets, I can't imagine what could be more clear.

Not a rogue trader

[steamraven]

If they detected it, and didn't do anything about it, doesn't that mean they approved of it?

Re:They didn't have adequate risk systems

[quarterbuck]

Nick Leeson did not work in IT according to his biography or according to Wiki.
He used an error account, which he realized was unaudited, but that is something you pick up from being a trader or an auditor- not necessarily IT. These things are common in investment banks/brokerages which have a lot of accounts and client trades and errors need to be isolated in an account that does not belong to a client. ie. if a client asked to buy 100 pork belly contracts and you bought him lean hogs instead, you need a place to dump the pork bellies you bought. It does not mean a "test account" in the IT sense.

Well there's your problem.

[khasim]

Sorry for repeating a meme, but in this case it is extremely valid.

First level contact was to ask the trader to recheck their transactions, then escalate to supervisors.

IT should NEVER be involved at that level. The alerts should go to the manager (or the manager of managers) who SHOULD have more insight into the situation than IT.

Having IT in the loop means one more failure point (and an additional delay).

Re:Called it

[Wansu]

  Those protesters on Wall Street have a point, everyone gets hurt when the bank CEOs screw up, but those most responsible.

Herman Cain says it's the protester's faults if they don't have job. After all, this is 2011 and what the bankers did was in 2008.

Re:What was the security protocol?

[Anne+Thwacks]

The entire derivativves trading system is a giant Ponzi scheme - the value of fees charged by bankers for trading in derivatives based on on changes in the value of a security exceeds the value of the underlying security over a relatively short time. (it is MINUTES for gold!)

Someone then "looses" a great deal of money. In reality, the "missing" money has already been paid out in commissions to banks for trading - and "bonuses" for traders. (Anyone who understands differential equations can see that vastly more money is paid out to bankers than is actually invested in stocks and bonds, and the banks are sucking the life blood from the world's economic system).

You might ask "Why do people invest in such an obvious Ponzi scheme?" The answer is "Institutional investors do not care about the long term, and are quite happy to feed the system, so long as they get a percentage, and a "plausible deniability" get out clause when it goes wrong. (Why did people give all their money to someone who "Madoff" with it?

Why did the bank not stop him? Because prior to catastophic disaster, he seemed to be "on a roll", and was winning more than he was losing. Banks do not employ people who understand differential equations in a management role, and most bank directors have only a marginal grip on reality. They say "ooh, profit!" like Homer Simpson and doughnuts.

Re:Called it

[Doc+Ruby]

Actually, what Cain said yesterday was "Don't blame Wall Street, don't blame the big banks, if you don't have a job and you're not rich, blame yourself."

While it's arguable that not having a job is a person's own fault (a losing argument with the economy, but arguable), saying it's the fault of everyone not rich that they're not rich isn't just insane. It's the kind of institutional insanity that is driving the country into nothing but the madhouse, with a corporatocracy of Cains at the wheel.

Re:Called it

[Doc+Ruby]

No, the logic of that post is perfectly clear. Someone says bank CEOs screwing up hurts everyone but those CEOs. Like people who have lost jobs, or can't get one, after bank CEO screwups destroyed the economy's growth, and the jobs with it. Herman Cain says it's the jobless person's own fault for not having a job - and even their own fault they're not rich. The contrast is that Cain says it isn't the bank CEO's fault people don't have jobs, it's their own fault.

But that's obvious. Except perhaps to a Republican, er "Libertarian", like you. Who spent the entire Bush era telling us Chewbacca was on Endor whenever people complained that deregulation was killing us.