2. AGENDA
Fraud defined
Insider Threat
Causes/Factors Impacting Level of Fraud
Case Study – Asset and Revenue Misstatement
3. WHAT IS FRAUD
As defined by Associate of Certified Fraud Examiners
In the broadest sense, fraud can encompass any crime for gain that uses
deception as its principal modus operandus. More specifically, fraud is
defined by Black’s Law Dictionary as
“A knowing misrepresentation of the truth or concealment of a material fact
to induce another to act to his or her detriment.1 “.
Consequently, fraud includes any intentional or deliberate act to deprive
another of property or money by guile, deception, or other unfair means.
4. THE INSIDER THREAT
In internal fraud scenarios :
Employees exploit their familiarity with internal policies, procedures,
and technologies
Inappropriate access to systems within the organization
Even collaborate with external attackers. e.g.:
Customer services fraud – Manipulation of internal systems to benefit friends, relatives and/or
external fraudsters
Procurement fraud - An employee works with an outside vendor to defraud an employer
Sensitive information abuse/leakage - Illegal extraction of the company’s sensitive information
(customer information, strategic future plans, etc.)
Technical (IT/Network) fraud - Abuse of an insider’s system privileges to commit fraud
6. $7.2 billion trading loss, the largest in
history, was committed by a 31-year
old junior trader in the firm’s Paris
headquarters who had joined
SocGen in 2000. He was not a senior
trader (annual salary is reportedly
€100,000) as in some of the other
frauds. He moved to the trading floor
from the risk control group in 2006
His role was to hedge exposures
using futures on European stock-
market indexes, including Euro Stoxx
50 ($50 billion daily volume),
Germany’s DAX Index and France’s
CAC-40
By the end of December, the
positions were significantly in the
money, but became unprofitable
after the market turmoil occurred at
the beginning of 2008
Risk control specialists first discovered
the suspicious trades when
investigating an outside trading
partner of the bank, whose account
showed unusually high finance
levels. The client, when asked by the
bank about the account’s finances,
denied knowing of it. The full extent
of the fraud was known within a day
or two
The trader does not appear to have
profited from the fraudulent trades
and his motivations are unclear
It has been reported that such
trading raised supervisory/risk
management suspicions in the past,
but that the trader had successfully
addressed any questions/suspicions
Source PwC
SOCGEN—A ROGUE TRADING INCIDENT
7. SocGen missed 75 alerts between June 2006 and January
2007 on the activities of rogue trader Jerome Kerviel (JK)
Risk control procedures were followed correctly, but
compliance officers rarely went beyond routine checks
and did not inform managers of anomalies, even when
large sums were concerned. “No initiative was taken to
check JK’s assertions and corrections he suggested, even
when they lacked plausibility. . . When the hierarchy was
alerted, they did not respond”
The panel supported JK’s claim that he acted alone and
that he did not profit personally from the trades.
The investigation found that JK started building up non-
authorized trading positions in 2005 and 2006 for small
amounts but the positions he took grew in size from March
2007 onwards
By Christmas he was in profit by €1.4 billion but his
activities were discovered on January 8, fully identified
by January 18 and SocGen was forced to secretly
unwind the positions between January 21 and 23 in
falling markets, taking it to a €4.9 billion loss
The red flags that should have alerted bosses to the
rogue trades included:
A trade with a maturity date that fell on a Saturday
Bets without identified counterparties
Trades with counterparties within SocGen itself
Trades that exceeded the limits of counterparties
Missing broker names and large increases in broker fees
There were also differences of up to €1.1 billion during
reconciliations of JK's trading books with SocGen's
online derivatives broker. The panel found seven false
emails sent by JK that attempted to explain his trading
and counterparties
According to the London Times, an independent report to SocGen’s Board includes the
following information:
Source PwC
SOCGEN—A ROGUE TRADING INCIDENT
8. Some of the conclusions derived from public sources include:
Large speculative positions were concealed by equal and opposite fictitious trades, thus concealing
the MTM effect and market risk exposure.
Unauthorized trades were possibly booked across a large number of either dormant or "dummy"
accounts thus were not necessarily monitored on a regular basis.
The trader possibly entered into transactions with multiple large counterparties thus staying within limits
and possibly benefiting from cross-product netting for margin.
Massive open positions would have been rolled-forward to avoid settlements.
The trader may have used cancels and/or amendments on the fictitious trades to maintain the real
trades within limits.
In anticipation of periodic reviews by Risk Control, the trader may have used book-entry transfers to
move the massive real positions between accounts.
The trader most likely had access to both front and back systems through potential ID/password theft
and/or sharing or continued access from his previous role in Risk Control that should have been
terminated. Such access could have enabled manipulation of credit, market risk and trade-size
controls.
Trader most likely did not take any vacation during this period and frequently worked late into the night
or on weekends.
It remains possible, despite SocGen’s management’s declaration otherwise, that collusion with either
external or internal parties were involved. At a minimum, friendships established during years in risk
management were maintained and used to obtain information.
Source PwC
SOCGEN—A ROGUE TRADING INCIDENT
9. CAUSES/FACTORS IMPACTING LEVEL
OF FRAUD
The absence of policies and procedures aimed at preventing and deterring
employees/vendors from committing fraud
High growth rate in the information technology, coupled with an even higher attrition rate
There is an absence of dedicated efforts/specialized skill sets to prevent/ detect fraud under
pressure situations. Inadequate infrastructure/processes for performing employee
background checks
Misuse of the trust and responsibility obtained in an organization is another key cause for
committing frauds
Pressure of expectations has been a determining factor for some of the employees in their
attitude towards fraud