Monday 23 July 2012

Nightmare on Threadneedle Street

A prediction. Since the LIBOR scandal merged into the money-laundering scandals merged into various mis-selling scandals it becomes increasingly clear that the compliance function in many a bank has become deeply, hopelessly compromised. 

(We know how this happens: bullying bastards like Fred or Bob or Jim or big-swinging Dick make it quite clear they don’t wish to hear from risk-managers or financial controllers or auditors or compliance officers because They Are All Nay-Sayers, bent on disrupting the pure flow of commercial genius and the rich personal rewards it deserves. Said controllers generally know what is going on; but they are only human, and fairly well paid to find creative ways of turning the blind eye – indeed, sometimes even joining in with the great game of fleecing everyone in reach.)

Now: here’s the prediction. In the absence of an effective compliance framework, quotidian rule-bending for financial gain must inevitably sometimes have merged seamlessly into serious, purposeful, creative crime. I predict that some really substantial outright thefts and frauds by bankers will be revealed in the coming months. 

I don’t mean big losses racked up by ‘rogue traders’, or lazy haircuts inflicted on pension-funds, or laundering the shady revenues of Mr Unscrupulopoulos – all of which are bad and costly enough. No, I mean naked billion-dollar thefts. By bankers. Like what Andy Fastow did in Enron – but magnified in proportion to the vastly greater means a bent banker has at his disposal when Compliance has become accustomed to looking the other way. 

The shocking thing is that in the UK, for the last 5 years (another Balls-Brownite innovation) the ill-informed and under-resourced Inspector Knacker has officially stepped back from involvement in cases of fraud by banking staff, whose employers are generally able to avoid criminal investigations provided they compensate customers in full.   Not good enough.

Watch, and shoot. Watch, and shoot. 

ND

15 comments:

Barnacle Bill said...

Our American cousins will be going full throttle to prove it all started in Scotland!

BackOfficeGirl said...

I work in a back of middle office team, and my experience of our risk and compliance function is that many of them are unable to identify obvious risks that are staring them in the face.  Your post above is giving them far too much credit.  

They have little training compared to other support functions like HR, IT or Legal.  I worked on a secondment in our risk team and only met one who had the technical knowledge to fully understand what we do.  He is retiring soon.  It is also very difficult to prove if they're doing a good job or not, until something serious happens.  They are lucky rather than efficient.

Our risk guys rely on us to explain what is going on and ask us to tell them what risks we have identified, which they then log, and monitor how we are applying the controls which we think are appropriate.

When we do point out risks to them, we have a hard time getting them to rate these risks appropriately.  A lot of time is spent trying to prevent high impact events with extremely low probabilities, because they are quite obvious.  I imagine that many of the problem events which we see today were never even identified by a risk department in the first place. E.g risks of corporate espionage are usually monitored mostly by forcing everyone to wear an ID badge.  Not a bad thing in itself, but impersonation is not the likeliest way for espionage to occur.  But it creates a flurry of visible activity and lots of paperwork the FSA are happy to tick those things off as effective controls.  When things go wrong, they retroactively decide these types of controls were inadequate, but no bank would ever publicly challenge the FSA on this.  They have nothing to gain and everything to lose.  

Since 2008, the philosophy across my organisation has been to force everyone to look at Risk irrespective of their roles. Risk is "something that everybody does". I find that this just means no one is doing the job of identification and control properly and leaves the R&C function able to distance themselves from issues when they go wrong.

Sean said...

Re @bill, I am coming to the conclusion they might have a bit more than a point.

Anonymous said...

As I'm not involved in banking is there any chance you can explain to me why US politicians have jurisdiction over a British bank doing deals in Mexico?

And assuming that they have such jurisdiction, can you then explain to me why it was considered wiser to make a big hoo-haa over the actions of that bank, rather than simply ask the bank to freeze the assets of the alleged Mexican criminals?

Anonymous said...

If the regulators are ineffective - possibly deliberately so, then it would be a foolish risk manager who raised his/her head above the parapet. The message from the very top seems to have been "make the economy go as fast as you can". In such an environment no-one can be surprised at the result.

Anonymous said...

Horse, stable, bolted.

dearieme said...

Why don't we just shoot the lot of them? God will know his own.

andrew said...

i look forward to a new layer of regs being added

we are looking at the downside of the globalisation of london
if you were going to spend your life in the city you would be less likely to do something that would mean you had a problem getting another job there.
as things are, go to $foreigncountryfaraway, or go back there
if your corporate home is not in the uk, the same applies on a different level - at home you point at the bad people in $foreigncountryfaraway and explain that they are bad but we are good and do not need more regs giving a competetive advantage

our only defense is more regs as a shared culture is not there anymore but more regs drives business away.

Anonymous said...

You're on a hiding to nothing in Compliance, unless you have the hide of a rhinoceros or are very, very cynical.

Do your job well, and the BSDs will do their best to make your life hell, because you - YOU ! - are obstructing them at every turn, and stopping them doing their jobs - the jobs, you'll be reminded, that the living of everyone at the company depends on!

And if things get really nasty, who's the CEO going to side with - the people making the profits, or the people obstructing them?

Look the other way - you can't look yourself in the eye, and you'll STILL be first out the window when the solids strike the ventilator and everyone asks what the hell Compliance were doing.

Anonymous said...

ND It all depends who is doing the fiddling in the bank, the small fry are stamped on very hard the higher up they go the less is said and the more that is brushed under the carpet. As for checking for crims. and dodgy accounts and moving loads of dodgy money around the world when it comes to the little people just to open an extra account when you already have one, you have to prove who you are.

Graeme said...

as someone who was repeatedly stamped on by senior managers for "nay-saying" in the run-up to the dot-com scandals, I agree with every sentence of this post.

Anonymous said...

How many Compliance and Risk wallahs were sure enough of their judgement to go short?

Nick Drew said...

BB, Sean - yes, the envious Americans are after us every bit as much as the envious French + Germans: hence this post

BackOfficeGirl, I know what you are saying: still, I have frequently encountered risk officers who know the score perfectly well but are in no way supported from the top

Anon@10:56 - the Americans find ways of claiming jurisdiction wherever they fancy

Roger, Dearieme, Graeme, Andrew - yes, extreme measures needed, and it needs to come from Osborne, now (see link above)

hovis said...

Anon 9.17: Few, because as the old adage goes the market can remain irrational longer than you can stay solvent ...

hovis said...

or in the theme of the article should that be the market can remain corrupt lnger than your short(?)