Tuesday, June 03, 2008

Rogue trading - not an isolated incident

With rogue trading, data leakage and malicious attacks adding to banks' litany of reputational woes, it is no surprise to learn that banks are taking a peek 'under the bonnet' to see how well their risk management and detection systems are actually performing in today's more heightened regulatory environment.

When the SocGen rogue trading incident blew up earlier this year, other banks may have breathed a collective sigh of relief that it wasn't them receiving the unwelcome publicity, but at the same time they probably secretly acknowledged that rogue trading was not isolated to a single institution.

In fact it is probably fair to say that the bonus culture within most investment banks means they are unlikely to design and implement risk management systems that wholly curtail the creative urges of their traders.

Having said that, it is interesting to hear that an increasing number of firms (85%) plan on modifying internal controls in light of recent rogue trading incidents and that 60% have created special task forces in response to high-profile rogue trading incidents, according to Actimize's Rogue Trading Peer Review.

In order to keep the regulators at bay, banks need to be seen to be doing something to address what is at best an endemic problem. According to Actimize's review findings, more than 75% of respondents anticipate another large rogue trading fraud loss, worth more than $100 million, to be uncovered at a large financial institution within the next 12 months.

An additional 50% indicated that rogue trading activities ranging from thousands to millions of dollars go unreported every year at their firms. One has to ask why these incidents are going unreported. Is it because risk management systems are not detecting them? Or is it a culture of silence fuelled by the bonus culture within investment firms that is preventing these incidents from being reported?

According to Actimize's review, 24% of respondents said they had experienced a case of trading fraud at their firms in the last 12 months, and 44% confirmed a case of employee fraud had occurred in the same period.

This confirms the increasing view that the greatest threat financial firms face is not external but internal, be it either unintentional (accidental data leakage from laptops, P2P technologies, USB sticks) or malicious (disgruntled employees, rogue traders).

When it comes to securing trading systems, Frédéric Ponzo, managing director of NET2S consultancy, says historically it has been a case of trying to make conventional security technologies (firewalls, anti-virus, anti-spyware, anti-keyloggers etc) work in a trading environment.

One of the biggest problems, he says, is providing a secure infrastructure around "black box" trading terminals, some of which have email systems that do not necessarily fall within the usual security guidelines and policies of a company. These email systems remain vulnerable to attack or data leakage.

French IT security firm SkyRecon Systems believes it has the answer in the form of its TradeShield solution, which aims to replace point-to-point security solutions in the trading environment with a "single agent, single management console" for managing system and user risk.

Designed specifically for the trading environment, TradeShield provides integrated protection including device control, data encryption, intrusion detection, firewall, network access control and centralised security policy enforcement.

Instead of having to enforce security policies and procedures for normal desktop computer use and trading applications, SkyRecon says that when a trading application is launched, for example, the computer cannot be used for anything else (for example, sending emails, personal instant messaging, peer-to-peer downloads).

The challenge for any solution in this space has to be providing the right level of control while enabling traders to have access to the tools they need (files, emails, IM) in order to trade effectively. Instead of completely "locking down" applications, SkyRecon says TradeShield allows applications to run but with the appropriate level of protection.
