What the Jerome Kerviel Case Can Teach Us About Fraud Detection 10 Years Later
Essentially, the banks are making the same mistakes that they always have by inadvertently allowing high risk trading to go undetected until it is far too late.
The Kerviel Case
This month marks a decade since Jérôme Kerviel was taken into custody after being accused of perpetrating the biggest financial fraud case in history. As a trader at Société Générale, Kerviel carried out unauthorised trades to a reported value of €49.9bn. Just five days after the bank released details of Kerviel’s illicit activity, the market had experienced losses of around €5 billion.
Kerviel was sentenced to five years in prison and ordered to pay back the €5 billion that he lost. The months that followed saw blame shift around: some thought it was the work of one greedy trader, others maintained that the company, and the industry in general, encouraged the sort of competitive corporate culture that facilitated fraudulent behavior.
The bank responded to its internal crisis of negligence by implementing a new technological solution to join the dots across its control framework and proactively identify high-risk trading activity. Many leading financial institutions implemented similar solutions designed to ensure employees would not be able to do what Kerviel did without detection. The solution solved a specific problem, but inadvertently set a troublesome precedent in the way institutions would deal with similar scandals.
Temporary Solutions Enable More Fraud
Only four years later, in May 2012, it was revealed that JP Morgan trader Bruno Iksil (known as the London Whale) had carried out aggressive trading activities in the credit default swaps (CDS) market, which led to market losses of $7 billion. Just as they did after Kerviel, banks developed specific solutions to protect against this type of high-risk trading.
One month later, in June 2012, London bankers were found to have been habitually altering the interest rates they submitted to the Libor in successful attempts to appear more trustworthy than they really were. Once again, after heavy fining, banks employed more technological solutions and industry-wide regulations to prevent further Libor manipulation but failed to look at the conduct of their employees in depth.
The Current State of Regulation
So, what have we learnt in the last ten years? Well, there has been a positive shift in culture – responsibility for risk management and indeed, prevention, weighs more heavily on the shoulders of the front office. It is no longer a case of ‘let’s make money, whatever the cost’ – protection of reputation and accountability to shareholders and the public is just as important.
However, it appears that when a scandal emerges, banks implement a strategy that prevents that particular issue from happening again, but does not address wider issues of conduct. A bank must assume that no matter what culture they manage to create, they are always at risk of employee fraud. Until this is accepted, banks will remain vulnerable.
Essentially, the banks are making the same mistakes that they always have by inadvertently allowing high risk trading to go undetected until it is far too late. Solution building after each scandal complicates the monitoring space by introducing a range of overly simplistic point solutions that only respond to the immediate high-profile behaviour. Technologies already exist in this area that would allow banks to address immediate priorities, as well as leverage best-of-breed artificial intelligence and big data to protect themselves in the future without their systems quickly becoming out of date.
For any real change in the area to occur, the industry must see the merit in taking a proactive, holistic approach towards employee misconduct. It is not a regulatory box to be ticked, nor a single problem that can be solved in isolation. It is the responsibility of all banks to do everything in their power to prevent another rogue-trading scandal.
Because the question is not “if” something like the Societe Generale debacle will occur again – it’s “when.”