Investment firms are changing their internal risk management controls and overall strategy to catch employee fraud in the wake of the trading scandal at French banking giant Societe Generale, according to a recent survey.
In response to the breach, in which a rogue trader allegedly carried out $7.6 billion in fraud, 85% of respondents said they plan to change their internal risk management controls. Seventy-five percent said they are changing their strategy to address potential employee fraud.
The survey, released Monday by Actimize, a supplier of anti-fraud and compliance software for financial institutions, queried 25 executives from 20 trading firms. Nearly half of the respondents represent firms with $100 billion or more in assets and 75% are in North America. A majority work in compliance.
Sixty percent said they have created a task force to address the risk associated with securities trading fraud and 48% said they expect to spend more to deal with the problem. Seventy percent expect additional regulations around securities employee fraud in the next year.
Survey respondents also identified disjointed silo systems as the top reason why Jerome Kerviel, the alleged rogue trader at Societe Generale, was not caught sooner. "The problem is to some extent created by the fact there are these highly siloed systems looking at [fraud] from different points of view," said Paul Henninger, Actimize director of fraud solutions.
In the case of Societe Generale, which made headlines in January, the suspect triggered a few red flags related to human resources and operational analysis, Henninger said. But because the incidents were disconnected, he was able to talk his way through them or manipulate the system to resolve the individual issues.
Trading firms have some of the technical pieces to address the problem, but "knitting them together is something they've only started to look at," Henninger said.
According to the survey, investment firms fully expect another huge loss to hit the industry due to fraudulent trading. Fifty-six percent said they think a loss of more than $100 million is likely while 22% said it's very likely. The survey also indicated that some firms are experiencing smaller breaches that don't make the news; 24% said they had a case of trader fraud within their organization in the past year.
"It's a continuing problem, not just an isolated thing that happens when someone gets out of control," Henninger said.
The survey findings reflect trends noted by Khalid Kark, principal analyst at Forrester Research. In an interview last month, Kark said some financial-services firms have increased their security spending due to the Societe Generale breach.
The additional spending, he said, tends to be on firming up processes that might introduce an element of risk, with a focus on tying security into a broader risk management strategy.