This book suggests ways for banks and financial institutions to strengthen their defenses during the good times to better protect themselves during the storms that will inevitably hit from time to time. The acquisition of risk management capabilities linked to what I call the “Cognitive Era” are going to be required.
The Cognitive Era is referenced in the title of this book for two important reasons. First, the field of cognitive psychology pioneered by Daniel Kahne-man and Amos Tversky, is in many ways a gift to modern risk managers. By leveraging some of this thinking (we will study some examples in the latter half of the book) risk management errors of the past can be avoided. Second, the era of “cognitive computing”, that has been recently heralded by IBM and other proponents of Artificial Intelligence, presents new opportunities for risk managers.
Partly due to the availability of ever-increasing computing hardware and network power and also due to the availability of new AI (artificial intelligence) technologies, corporations now have cognitive digital platforms at their disposal to improve their ability to manage a wide range of tasks. These platforms encompass machine learning, reasoning, natural language processing, speech and vision, human-computer interaction, dialog and narrative generation, and more – systems that learn at scale, reason with purpose, and interact with humans naturally. We explore some specific applications in the field of surveillance and regulatory management that can support the ability of banks to prevent and mitigate operational risks more effectively in the future. Some of these techniques are already being explored and implemented in the field.
The first part of this book, Chapters 2 through 14, takes the reader through a “Rogue Gallery of Wall Street” – the characters and events behind the losses and failures at storied investment houses and securities firms in the past several years. We look at some of the factors behind the events, the causes, and some of the things that can be done to prevent their reoccurrence in the future.
The Rogue Trader, naturally enough, is the first character we come across in this Rogue Gallery. Typical of this archetype was the trading incident at UBS that occurred in late 2011 that resulted in a loss of over $2 billion for that bank. This incident was similar in many respects to the Rogue Trader incident at Societe Generale5 only four years earlier that resulted in a loss of around $7 million. We will look at these characters and incidents in more detail in Chapter 2.
Rogue Traders, however, are not the only type of bad actor that investment banks have had to deal with in the past few years. The Genius Trader is the second character we meet, and, of course, is not always bad to know. As the name suggests, this character is very smart, perhaps too smart, and his colleagues and bosses give him more latitude to trade than other traders. The trades he executes and the positions he accumulates are very complex and not necessarily understood by his bosses or by the risk managers whose job it is to protect the bank from taking on too much risk. The losses that can result from these trading decisions and miscalculations can be very, very large, leading in some cases to the fall of a major financial institution.6 We will look at the many lessons for risk management from this and other episodes in Chapter 3.
Insider trading has also been front and center in the past few years. Many of those convicted of insider trading have been traders at hedge funds. One of the consequences of banking regulations has been the multiplying of hedge funds established by traders dissatisfied by the resulting conditions at the large banks. The spate of insider trading charges at hedge funds, some of which may lack sufficiently strong and independent compliance oversight and surveillance functions, has perhaps been the logical consequence of that. The issues here and potential remedies are looked at in Chapter 4.
Banks also need to be aware that there may be price manipulators in their ranks. Traders at several banks were charged in 2012 with the crime of manipulating LIBOR rates, rates that are set by a group of specifically appointed banks. The foreign exchange rate manipulation debacle followed soon after that.7 Wide-ranging investigations following both these scandals resulted in dismissals and even criminal charges levelled at several major banks. One may wonder justifiably why all the compliance and pricing infrastructure and policies and procedures that banks have put in place failed to identify these issues. We will look at these issues in more detail in Chapter 5.
Penalties imposed by regulators following mortgage-related litigation has been a significant drain on banks since the 2008 Financial Crisis. We identify the key risk indicators and lessons learned from these events in Chapter 6.
Meanwhile, threats inside banks and hedge funds posed by Rogue Traders and others are matched by threats posed by those from outside. Wall Street also needs to do a better job of protecting itself and society from these external threats: money launderers (drug gangs, terrorists, etc.), Ponzi schemers, cyberterrorists, social media, rogue technology, spreadsheets, and Acts of God. We will look at each of these risks and episodes in some detail and draw out what can be done going forward in respect of each one in Chapters 7 to 14.
Where the first part of this book catalogs some of the major risk incidents that have taken place in the last few years, the second part of the book, starting with Chapter 16, looks at the overarching tools that financial institutions have to work with to create an environment that can prevent and mitigate catastrophic events in the future.
The tools that banks have at their disposal to address these risks are first and foremost their employees. Whether or not employees are successfully enlisted in the battle is very much dependent on the culture that they collectively create. Chapter 17 describes a risk management culture that emphasizes the role of each employee and imbues in each a sense of mutual responsibility to the bank and to one another. Is there a sense of right andwrong that is asmuch a part of the bank as the financial language they speak? We will discuss the 360-degree risk culture at some length and look at examples and tools for making that happen.
In Chapter 18, will then proceed to discuss the importance of a common understanding and language to discuss and remediate the key types of risks facing banks today. What we are talking about when we talk about risk is something that each employee needs to understand from the top to the bottom. If one employee thinks of risk as one thing and his colleague thinks of it as another, then they will look past one another and fail to come together.
Chapters 19 and 20 discuss the classic paradigm of operational risk management – summed up by the words of the historian, Geoffrey Elton: “The future is dark, the present burdensome; only the past, dead and finished, bears contemplation.”8 Risk management has always placed great emphasis on studying the past. If one can determine the risk events and losses in the past, one can learn how much capital to set aside for future losses. If one can understand how much market losses there were in the prior period, one can identify the scope of potential losses in the future. While this approach may have been adequate in the past and does provide an effective measurement baseline, it is not sufficient for the future and so in later chapters we turn to explore newer, more modern approaches and techniques. It is not just financial loss that is at stake but the loss of reputation with clients and the broader community, as recent scandals have shown. A more ambitious goal set by the most innovative risk managers today is to understand the past, not just to measure it but also to prevent it from recurring