Knight Capital Fined $12M For a Software Bug That Cost $460M

Mark Gibbs writes "Knight Capital monumentally fouled up a software update. According to the SEC, 'Knight did not have supervisory procedures to guide its relevant personnel when significant issues developed.' In other words, not only was Knight's code management inadequate but their human management processes were just as bad. The fine for what could have been a biblical financial disaster? A measly $12 million."

The Fine was $12 M, but,

The cost to them was $472 M. I *think* that will discourage them.

Re:The Fine was $12 M, but,

The IRS has issued $13.6 billion in bogus EIC checks last year, and over $132 billion in bogus checks over the last decade.

The money comes out of our pockets, you know, the governments 'customers.'

You know, People. All those citizens who handed over cash under threat of force and said here take it don't hurt me. They get boned.

http://www.washingtontimes.com/news/2013/oct/22/irs-paid-132B-bogus-tax-credits-over-last-decade/

Re:The Fine was $12 M, but,

[Lumpy]

Exactly, the $12M should have been a direct fine to the CEO or the board members. You have to punch in the face the people responsible.

Re:The Fine was $12 M, but,

[Chrisq]

The cost to them was $472 M. I *think* that will discourage them.

Law enforcement love to rub salt in the wound. A friend of mine had an accident that wrote-off a car. He had no MOT and the insurance investigators found that the car was unroadworthy. This meant that his insurance defaulted to "road traffic act only", which is the legal minimum and only covers third party injury claims. He had lost a car, and had to pay £2,000 for repairs to another vehicle.

On top of that the police then sent him a court summons, where he was fined £30 and had three points on his license for driving an unroadworthy vehicle on a public highway. Like this - I think the $12M fine is just to rub salt into the wound and to show that the law enforcement agencies are doing their job - as you say there is enough deterrent without this.

Re:The Fine was $12 M, but,

[Dunbal]

I think you need to go over what a corporation actually is again. If board members and directors are found "personally liable" then why bother incorporating in the first place?

Re:The Fine was $12 M, but,

[hawguy]

That 472 million didn't come out of their pocket..

It came out of their CUSTOMERS...

You know.. People. All those investors who handed over cash and said make it grow... They got boned.

Oh, so you mean the same pockets that the $12M fine comes out of?

Re:The Fine was $12 M, but,

[edjs]

The purpose of a corporation is to shield the shareholders from liability beyond the value of their shares. Directors can be held liable if they are particularly negligent or criminal.

Re:The Fine was $12 M, but,

[Kingkaid]

Actually it won't come from customers either. This is why companies have insurance for such things.

Re:The Fine was $12 M, but,

[ranton]

Are you telling me that all I have to do to get away with murder is form "Murder Inc." -- sorry, I meant "Loving Hands, Inc."? And then as chairman I can just hire a hit man and shield myself from liability? Shweet!!

Executives and board members can still be charged with actual crimes they personally committed or are an accessory to. But being bad at your job is not a crime. If they can show that executives or board members intentionally defrauded someone, then they can go to prison like anyone else. But if it was just their negligence, arrogance, lack of caring, gaming the system, etc. that caused the problem, they didn't commit any crimes.

Re:The Fine was $12 M, but,

[mlw4428]

It's not over threat of force. It's under the concept that you believe in the Constitution and your duty as a citizen to abide by the Constitutionally granted power of taxation to the United States Congress. If you're in such duress you can surrender your citizenship and leave the country. Generally the people that complain about taxes being theft or extortion are those who don't really pay all that much into it. I'm sure there's some 3rd world nation out there that doesn't tax their citizens and you're more than welcome to move there. Good luck, please make sure you don't take the US taxpayer food drops when you start starving.

Re:The Fine was $12 M, but,

[ShanghaiBill]

However, IMHO there should be a class of criminal liability equivalent to criminal negligence, only for property crimes.

Although this sounds like a good idea, it is not. The problem with holding executives and board member's personally responsible, is that it discourages competent people from taking these jobs, raises the cost of hiring people for these positions, and basically just spreads out the cost from the firms that are incompetently run to all firms, thus reducing the incentive for investors to perform due diligence. All of these factors will make the problem worse. Incompetence is not a crime, and should not be.

Maybe I am stupid, please explain.

They were FINED 12M, and they LOST 460M discovering the bug. This cost them a total of 476M.

I am not understanding the outrage. Why should the SEC care if Knight Capital wanted to lose a big pile of money.

Re:Maybe I am stupid, please explain.

Why should the SEC care if Knight Capital wanted to lose a big pile of money.

Because SEC has the political mission to portray the stock market as a rational, efficient, professional and socially useful apparatus - not the cesspool of mother-fucking sharks that it is. Hence all the trading rules which are selectively enforced so as to maintain the illusion without scarring the sharks away to, say, London.

Re:Maybe I am stupid, please explain.

[Sarten-X]

Clearly, M = $991,596.63865.

Re:Maybe I am stupid, please explain.

[nedlohs]

Because they broke the rules while losing that money. Do you think the SEC should only fine institutions that make money when they break the rules?

Re:Maybe I am stupid, please explain.

[AlecC]

As it happens, they lost an amount of money they could just about afford. But they could have lost more money than they had - leaving other people with losses in what is supposed to be a safe market place. It is like fining people for speeding - they have not caused an accident, but they are driving in a way likely to cause an accident. As it was, it nearly wiped out Knight: if it had gone further, it would have wiped out other, innocent, parties and done serious damage to the market, which the SEC is tasked to protect.

compensation

[MickyTheIdiot]

Can someone tell me why these financial institutions are never forced to compensate the *individuals* that suffer from these events?

For instance in the mortgage fraud scandal they were allowed to settle fraudulent foreclosures for pennies on the dollar. Why are these companies never required to make the people they hurt whole again? Individuals that paid thousands of dollars simply got a small payment while banks just had to deal with "the cost of doing business."

I think I know the answer (lobbying/congresscritters in their pockets) but I think it's one of the most scandalous aspects of the financial mess of 2008.

Re:compensation

[L4t3r4lu5]

How about suing? Did those who were hurt sue? I bet they didn't sue.

I'm saying that you don't have to wait for other people to do the right thing. In fact, I wouldn't wait at all. Go grab the appropriate paperwork and file a Small Claims case. At the 2,000 received court summons or so they'll just start settling as a default action.

Re:compensation

[Capt.Albatross]

How about suing? Did those who were hurt sue?

The customers have probably signed an agreement to settle disputes exclusively through binding arbitration - I believe this is an almost universal practice in the financial industry, as a condition for doing business, and no, you can't take your business elsewhere. That arbitration is widely regarded (at least outside of the industry) as being biased towards the financial industry.

Re:compensation

[Capt.Albatross]

For instance in the mortgage fraud scandal they were allowed to settle fraudulent foreclosures for pennies on the dollar. Why are these companies never required to make the people they hurt whole again?

I don't intend to defend Knight Capital, but there is a big difference between its incompetence and negligence in this case, and the deliberate and fraudulent actions that characterized the mortgage mess. No individual in the financial industry has been held accountable for these actions, even while some of the people they exploited have been prosecuted: http://www.nytimes.com/2011/03/26/business/26nocera.html?_r=1&pagewanted=all [In Prison for Taking a 'Liar Loan' - Joe Nocera - NY Times; may require registration, or try reaching it through a search engine.] This, I believe, is the "most scandalous aspects of the financial mess of 2008."

Re:compensation

[TheRaven64]

Most people don't, but most companies do. The FDIC limits are pretty low and it's quite easy for a month's payroll for a medium-sized company to be over it. How many people would have suffered if their employers had suddenly not had enough liquid capital to cover their salary? How many businesses would have closed if they'd been unable to purchase anything for a few months?

The fine wasn't all of the punishment

[Jay+Maynard]

That $460 million came out of Knight Capital's pockets too...and is far more effective than any fine the SEC could levy. Why should the SEC pile on, aside from the populist outrage that goes along with people handling billions of dollars?

Re:The fine wasn't all of the punishment

[Software]

If Knight had put the $460 million in a pile and burned it, there would be no fine. The problem was that their algorithm was wildly buying and selling shares in the open market, and thus distorting that market. See the graph at http://www.businessweek.com/articles/2013-06-06/the-knightmare for an example of a stock that was affected. What if you were an investor in that stock who had set a stop-loss at $10? Knight's wild selling would have triggered the stop-loss, and you'd lose money because of Knight's actions. This gross market distortion is what the fine was meant to punish.

Re:The fine wasn't all of the punishment

[JesseMcDonald]

What if you were an investor in that stock who had set a stop-loss at $10? Knight's wild selling would have triggered the stop-loss, and you'd lose money because of Knight's actions.

No, you'd lose money because you sold at the wrong time based on an automated trading rule rather than your own informed judgement. That is the risk you take when you enter a stop-loss order: if the drop in price is temporary, you're going to lose money. It makes no difference why the price moved. Knight's inadvertent trades are not to blame here. No one who payed attention to the fundamentals lost anything. Only those who panicked took a loss, and deservedly so.

They lost their own money

As a proprietary trading firm, they were working entirely with their own money. They had no external investors or whatnot (like hedge funds do). So, they made a mistake and they paid for it dearly. It's not clear to me that they should have paid any fine.

The article's whole argument seems to be made by comparing the size of the trading loss to the size of the fine, but no logical reasoning is given for why the one should have any relation to the other.

TFA sucks.

Not joking with this...

[EmperorOfCanada]

I'm not joking when I say that procure number one when money is flying out of your servers is to Shut Them Down instantly. I would have pulled the cables out so fast the CPU might have been yanked out with the network cable. Or a good old shutdown -h now !!!!! (The exclamation marks speed up the shutdown)

And I wouldn't have done this one server at a time it would have been all the servers at the same time. I suspect they would lose money by not having the servers up but not at the firehose rate that they were losing money as they were.

The worst part is that the admins were probably following some procedure in their book and were refusing to just pull the plug in some vain attempt for 99.9 percent up time or other admin related metric instead of the clear "Don't Lose $48 Million a minute!!!!" metric. So probably another clear case of IT's priorities getting way out of sync with the company's actual priorities.

Re:Not joking with this...

[locofungus]

The problem with this is that they didn't know they were losing money.

The trading had gone haywire and they didn't understand why it was doing what it was doing but at the time it was happening they couldn't say if they were making or losing money.

They built up positions of billions of dollars and only once it was all unwound and settled were the losses finally known.

I can feel for the programmers and sysadmins. Maybe this was right - maybe pulling the plug out would prevent the unwinding of positions that would then make money for the firm.

I wouldn't be surprised if there weren't previous problems where programmers and admins had been criticized by management for "doing the wrong thing with hindsight" when they didn't understand what was going on. If you have that sort of management culture then the natural inclination becomes to do nothing and push the responsibility up the chain.

Similar disasters have happened in the past - one that springs to mind was Piper Alpha where the other nearby rigs continued to pump gas to it even when they could see it was on fire - because if you stop pumping it takes days and costs a fortune to get things back up and running and it might just have been an easily controllable fire.

There's a very fine line to be drawn between reacting to the unknown too soon and reacting too late. There's also a fine line between making a reasonable best guess with the facts available and just making a random guess.

http://en.wikipedia.org/wiki/Piper_Alpha

The fire would have burnt out were it not being fed with oil from both Tartan and the Claymore platforms, the resulting back pressure forcing fresh fuel out of ruptured pipework on Piper, directly into the heart of the fire. The Claymore platform continued pumping until the second explosion because the manager had no permission from the Occidental control centre to shut down. Also, the connecting pipeline to Tartan continued to pump, as its manager had been directed by his superior. The reason for this procedure was the huge cost of such a shut down. It would have taken several days to restart production after a stop, with substantial financial consequences.

Bad code wasn't the problem

[onyxruby]

This had absolutely jack to do with bad code, that wasn't the problem. The problem was a failure to adhere to best practices that would have prevented the bad code from ever seeing production to begin with. The lack of a process for the distribution of code to production made a failure for bad code inevitable.

This was sheer incompetence of the highest magnitude and should have been readily caught in the lab. This is what happens when cowboys run the show and ITIL is considered a four letter word. Take your younger staff, the wannabe cowboys and make them read this report. Let them learn at others incompetence. As for getting your management to read this, that's an entirely different story.

Re:Bad code wasn't the problem

[Princeofcups]

This had absolutely jack to do with bad code, that wasn't the problem. The problem was a failure to adhere to best practices that would have prevented the bad code from ever seeing production to begin with. The lack of a process for the distribution of code to production made a failure for bad code inevitable.

This was sheer incompetence of the highest magnitude and should have been readily caught in the lab. This is what happens when cowboys run the show and ITIL is considered a four letter word. Take your younger staff, the wannabe cowboys and make them read this report. Let them learn at others incompetence. As for getting your management to read this, that's an entirely different story.

After working in the early days of computer trading, I can tell you that every minute that the new code is not in place they are "losing money, and IT is to blame." If there's a glitch like this one, then they "lost money, and IT is to blame." Do you see a pattern. The managers and traders are never to blame.

Failures in Large Software Systems Seem the Norm?

[BoRegardless]

I am a bit numbed by the number of failures of software systems at big companies (& governments) who should know better.

If you are designing critical systems, there has to be an incredibly detailed master system describing fallbacks, trip points and fail safe conditions, let alone a gross shutdown (seen multiple times recently.) What do these failures in both checking and security and logic mean for trusting large institutions and government?

The question: What overview system of principles of software design are going to be needed to properly organize a major software program from day one to prevent, at least, the obvious failure modes? There is something inherently wrong by design when hundreds to thousands of security breaches occur in the US on public websites and databases each year.

Wall St systems in general are bad

[Andover+Chick]

Most all Wall St firm's systems are bloody awful. There are many reasons for this. First, the true business is sales/brokerage so the engineering side, though it is a strategic asset, is often neglected. This includes putting clueless business side people in charge of IT system. Second, the boom and bust cycles of tech investment are a bad way of building tech systems. It's like not watering your garden all summer except for one day when you use a high-pressure fire hose on it. Third, as part of the boom/bust cost cutting they have no employee longevity in tech so no one understands how the mind-bogglingly complex and obscure layers of technology work. Fourth, and more recently for cost cutting, they've dispersed their dev teams around the globe so communication and teamwork are seriously compromised. Fifth, when there is a boom they try to build their systems so quickly that they take all sorts of dangerous engineering short cuts. All this adds up to engineering disaster.

Re:It's their money

[gnupun]

That's like saying mugging is not a crime. Your money is just being redistributed to the needy.

Re:I don't see the point of a $12M fine.

[Solandri]

Just make sure they suffer all the pain caused by the $450 Million loss

They did. It was their own money they lost. The summary and TFA gloss over that fact in some circuitous attempt to grind a non-relevant axe. Fining them makes about as much sense as charging someone who fails at committing suicide with attempted murder.

Re:It's their money

[ShanghaiBill]

That's like saying mugging is not a crime.

No it isn't. It is like saying that going up to people in a dark alley and stuffing money into their pockets is not a crime.