Managing Bank Operations Danger

So we have had one more huge loss at a major bank. The unfolding Société Générale loss may very well be the most significant (so far), however it Bank Risk Management is neither the very first not the final. Jerome Kerviel appears set to join a notorious band of rogue traders for example Nick Leeson and Toshihide Iguchi.

And also the funny issue is the fact that regardless of all the hand wringing and accusations leveled at its newly exposed rogue trader, the management of Société Générale fails to view Risk Management Software exactly where the actual blame truly lies. Place simply - on it really is own doorstep.

As the proof of this massive loss and its underlying circumstances starts to emerge one particular factor is eminently clear. The entire debacle might be blamed squarely on the failure of Société Générale's Board and its Senior Management to take its operations threat management obligations seriously.

Already, within days from the loss becoming found an abundance of anecdotal evidence has begun to emerge. Let's appear at several of these;

o "The ... bank mentioned that it tried on quite a few occasions to make Mr. Kerviel take a number of weeks off, but that it eventually went together with his excuses for staying at work" (breakingviews.com)

o "The prosecutor also mentioned that Mr. Kerviel admits to disregarding Société Générale's trading guidelines but says other individuals also flouted limits made to contain risks to the bank". (Wall Street Journal - January 29, 2008).

o "... was the IT drawbridge effectively raised when he produced his move out on the back-office and onto the trading desk in 2005? Clear segregation of back-office and front-office activities was among the list of clearest lessons to emerge from the rogue-trading scandal at Barings Bank in 1995; at SocGen, these lines seem to have blurred." (Economist.com).

o "Eurex, the futures exchange of Deutsche Börse, questioned the trading position of Mr. Kerviel final November." (Wall Street Journal - January 29, 2008).

o "Veterans with the futures markets are baffled about how Mr Kerviel got away with building up such a massive position unnoticed." (Economist.com).

And yet initially Société Générale painted themselves as the hapless victim of a canny and malicious fraudster who ruthlessly overrode all controls, so carefully developed to trap his ilk.

And all this points squarely at a massive management failure inside the operational danger arena.

Basel II, which the European banking industry has spent the last half decade preparing for and which officially came into impact inside the EU on 1st January 2008, is definitely the present typical of very best practice for management of operational threat.

The Basel II definition of operational danger is "... the danger of loss resulting from inadequate or failed internal processes, men and women and systems or from external events. This definition contains legal risk, but excludes strategic and reputational threat."

Aside from the specific particulars of how capital is usually to be allocated against operational danger Basel II requires that apart from the "Basic Indicator Approach" (whose users are anyhow needed to comply with "Sound Practices for the Management and Supervision of Operational Risk" standard of your BIS), these much more sophisticated banks applying either the "Standardized Approach" or the "Advanced Measurement Approaches" should satisfy its local banking supervisor that, as a minimum;

o Its board of directors and senior management, as proper, are actively involved within the oversight in the operational risk management framework,

o It has an operational danger management technique that is definitely conceptually sound and is implemented with integrity, and

o It has enough sources inside the use of your strategy within the major enterprise lines also because the manage and audit regions.

If we appear more closely at "Sound Practices for the Management and Supervision of Operational Risk" we've an outline prepared by the Danger Management Group of the Basel Committee on Banking Supervision, which sets out a series of principles that offer a framework for the successful management and supervision of operational threat, for use by banks and supervisory authorities when evaluating operational threat management policies and practices. The very first 3 of these principles relates towards the role and responsibilities with the directors and senior management of the bank with regards to an appropriate operational danger management environment. Principles 4 to 6 handle the identification, assessment, monitoring, as well as the mitigation/control of operation risk whilst Principle 7 bargains with the need to have for proper and productive Business enterprise Continuity.

Clearly on the basis in the emerging evidence, the parties who need to shoulder the blame in the Société Générale debacle look to be eminently clear.