May 4, 2016 | Written by: Andrew Waxman
There was a time when Rogue Trading was the key risk that banks had to protect themselves and their clients from. Remember Nick Leeson who brought down the House of Baring Capital? Then came everything else. Analysts pushing zombie stocks to clients. Traders shorting assets being sold to clients. Extreme leverage. Anti-Money Laundering. Interest rate and FX collusion. Pump and Dump schemes. Ghost in the machine trades. Algorithms gone wild. Ponzi schemes. External intruders. The list of internal and external threats is seemingly never ending. Banks have been paying billions out in penalties for past failures. Do bank critics really think banks want to be doing that? Let’s get serious. They don’t. It is not simply the payment of billions but the loss of client and investor confidence that is the true cost of these poor outcomes. But how to use trade surveillance to defeat all these attacks coming from all fronts?
One important strategy has been to ramp up internal surveillance programs to identify bad actors through analysis of their trades and communications internally and externally. It is no exaggeration to say that proper and appropriate surveillance could have helped to avert or reduce the impact of many of the events that banks have been paying for in the past few years: the LIBOR and the FX scams are the most obvious examples. Yet reviewing the current state of play in the banking world, there are a number of issues with the current environment.
Issue 1 – Separate Surveillance Functions
There are a number of different surveillance functions operated by investment banks, including trade and communications surveillance. Banks monitor traders in a number of ways, including, trading limits and a number of supervisory controls from annual leave to system access, ethical wall breaches etc. In addition, profit and loss reviews, trade book analysis, middle office reconciliation activities help prevent abusive or illegal conduct. Currently, however, these surveillance and supervisory functions and findings are rarely aggregated so that surveillance is conducted desk by desk, business by business. Data is not shared across teams and functions even though such information sharing enhances investigatory capabilities.
Issue 2 – Data Not Aggregated
Data is collected and investigated by functions separately. HR data by HR. Trading breaches by Market Risk. Ethical Wall breaches by Control Room/Ethical Wall compliance. Money Laundering activity by Anti-Money Laundering Compliance. This is also true of different Lines of Business. Equities has its data sets and tools, different from Fixed Income and FX. Communications surveillance data is separate from trade surveillance data. Tools are designed to meet the requirements of each different function and data is maintained to support the analysis of each one. This adds to the cost of managing and maintaining the data required by each function.
Issue 3 – Studying the Past Vs Predicting the Future
Surveillance tends to be a reactive and passive process. Focus is on past patterns of activity to identify is a breach has occurred. This is of course required but it is not sufficient for surveillance to have maximum impact and unlock the value of the investment. A greater investment in predictive and future looking capabilities would generate more significant returns by preventing and minimizing adverse events and also by demonstrating a serious intent to creating a more reliable business platform for clients and other key stakeholders.
Putting in place a system that can leverage data aggregated from these different places to create a unified surveillance platform is surely the way forward. One place where risk and compliance managers can go to enable queries and analysis to be run against an aggregated data set would be a big improvement over the current state. In addition, the total cost of investing in a unified surveillance solution would likely cost less than investing in disconnected group by group efforts and the results are better.
However, putting in place an effective surveillance system that will enable banks to identify bad actors before they act or quickly afterwards, is far from simple. Let’s break down some of the challenges in doing so.
First, the threats posed by bad actors inside a major investment bank are increasingly global and this creates a number of issues for compliance and surveillance programs. For a start, there’s the language issue. Traders hail from different parts of the world, could be China, India, or Malaysia. Traders on the floor in New York may speak Arabic, Chinese or Hindi and they may conduct business in those languages too. Trades are executed in different countries and funds transferred to branches in yet other parts of the world. And one additional thing – data privacy and bank secrecy laws may restrict the flow of information across the borders of sovereign countries and so restricting the ability of a global bank to keep track.
Second, the data comes in different forms. Banks need to be able to monitor trading activity and the communications between employees and with customers that may be taking place around that activity. Trade information and transaction related data is generally “structured” data and that makes it relatively simple to query and analyze. Communication data, on the other hand, comes in a variety of unstructured formats – voice, email, instant messages, video files – and is harder to unpack for relevance. Capturing that data may be relatively straightforward but capturing it in a way that makes its analysis simple and efficient is much more difficult. One example. Traders assume different names/handles on different systems, say Bloomberg vs Email and so it is crucial to be able to marry together these to build a profile for one individual. Sounds simple, right? Not so much.
Third, the actors on the other side, the traders and their accomplices out to beat the system have new techniques and complex methods that are harder to detect. Furthermore, just when you think you know, understand and can counter them, these techniques change in response to the market environment and the techniques you are now deploying. Take the FX market manipulators as an example. That was barely on the radar as a risk to watch out for just a few years ago. Rapid trading systems that can make rapid fire offers to the market and then cancel after driving up prices is another recent example of “manipulation innovation”.
Innovation by manipulators on a global scale can only be effectively met by banks through innovation on a global scale also. This means building a central governance and management structure that can review the various data points and alerts across business units, data types and functional groupings. It also means creating a flexible and open architecture for surveillance that can enable a dynamic and changing set of analytical tools and scenarios to be plugged into a static but growing data set comprising communications data and transaction related information. Having a marvelous new smart tool is not so useful if it cannot be easily plugged into the data set so building an archive that is open and easily connected to is very important. This enables the data to be leveraged potentially for multiple purposes, not just for risk and threat identification, but also for other uses, such as E-Discovery, risk assessment and market analysis. Creating this scalable and open platform will be critical in reducing the cost and increasing the benefit of surveillance tools, as well as enabling banks to focus once again on innovation in fields that will lead to customer benefiting products and revenue growth.
Interested in more trade surveillance advice?
Andrew Waxman is an associate partner in IBM Global Business Services’ financial markets risk and compliance practice and can be reached at firstname.lastname@example.org or on Twitter @abwaxman. The views expressed here are his own. Copyright Andrew Waxman 2016.