The news broke on January 24, 2008 that a rogue trader at Societe Generale was allegedly responsible for nearly US $7 billion (4.9 billion euros) in fraudulent transactions. Hours later, Bank of France governor, Christian Noyer, tried to allay fears. Refuting any connection between sub-prime exposure and the situation at hand, Reuters reports Noyer as saying that "nobody could have foreseen the loss" but acknowledged that risk controls should have been a barrier. "Today we have seen there was a glitch in the system that was exploited by someone who I think got around five successive risk control systems." See "Bank of France head reassures after SocGen fraud" (January 24, 2008).
When contacted for comments by www.pensionriskmatters.com, Mr. Tony Turner, principal with Financial Tracking, LLC asks – "Who was watching the store and who was watching the watchers? This highlights the need for automated and consistent monitoring and alerting."
What’s interesting (at least based on preliminary public information) is that the identified bad player was supposedly an expert in operations and able to use that knowledge to his advantage. Many questions arise.
- How should back office, middle office and front office controls change to avoid a repeat occurrence?
- What role do humans play with respect to monitoring computer systems thought to be otherwise safe from attack?
- Who should ultimately bear responsibility for le rogue trader?
- Is this type of fraud a "black swan" event or can we expect more trouble?
- What can pension fund decision-makers do to better vet their banks’ risk controls?
This will not be the last time we read about fraud and its potentially devastasting impact on related parties.