Feeds

How to lose $7.2bn with just a few Basic skills

SocGen: it could've happened anywhere - and still might

Secure remote control for conventional and virtual desktops

Special report As I swept through Kent and Calais on a Eurostar last week, the financial markets again threw some entertainment my way in the shape of the SocGen debacle.

My last Reg piece explained that the credit crunch was partly fuelled by VBA and that is what appears to have happened again.

However, Eurostar trains don't have Wi-Fi, and my only access to the world was a BlackBerry. So getting Kerviel's number took hours, by which time he had gone to ground. He has my mobile number if he wants a chat...

Nevertheless, in various Paris bars over the weekend, fragments of the story grew in the telling. There were a few common threads, but the consensus was not surprise that this had happened - just that it happened to SocGen, which has an enviable reputation throughout the market as a "smart" bank.

Absolutely no trader or quant has said to me "couldn't happen at my bank". A couple of sharp risk managers correctly speculated that the numbers involved would grow, and that because he had compromised the systems no honest final number would be available soon. Since it appears that it was an external source who complained about the problem, not SG risk management, this seems highly credible.

SG say it is going to sue Kerviel, but according to the lawyer I was travelling with, this could be a six year case if he makes a fight of it. His low rank meant that none of the traders seemed to know him personally, implying that the great bank had been bitten hard by a junior henchman, and he had dug himself in a hole in an attempt to claw himself up from a 75K entry level package.

Most of the media have yet to pick up on the fact that he was supposed to be an arbitrageur, someone who makes riskless profits by spotting things that have been given the wrong price. Instead he bet on prices going up and down. One idea that caused much merriment late Saturday on the Ile Saint-Louis is that his work was deemed to be so low-risk that no one looked all that hard at it.

Oh how we laughed.

Another reassuringly expensive lawyer held the underyling cause to be the "tick box" mentality, whereby every bank produces a thick "compliance manual" which no one ever reads; part of a process where people do what they are told rather than think.

Market Impact

More than one person pointed out that SocGen were likely to lose money just to get out of this mess, as banks spend good money on "market impact models"; confections of hard maths that try to avoid your bidding up prices against yourself. Also, they would be forced to offload regardless of market conditions, so this may end up more expensive than the original foulup.

Qui est cet homme?

No less a figure than the President of the Bank of France called M. Kerviel a "computer genius", which is frankly just about as silly as M. Noyer's apparently blind acceptance of the lines fed to him by SocGen. One can only speculate on what else he has swallowed in this matter. SG's CEO Daniel Bouton referred to Kerviel as a "mutating virus", to bolster the notion of a hi-tech attack by the love child of Lex Luthor and Bill Gates.

But I headhunt people for the high end of banking, and Kerviel's CV is not that of a BOFH. We have quite literally hundreds of PhDs on our books from quantum physics through exotic mathematics, incomprehensible dealings in game theory, and bleeding edge programming in F#, to cruel and unusual C++. A few have made serious money out of poker. Some are fighter pilots. In this field a bit of VBA does not impress.

But I can infer he was a superior tactical programmer because he was promoted out of the wilderness, which implies he can work hard, and so commands some respect. He might have downloaded some scareware, but the idea that he did any hardcore hacking seems like a fanciful attempt to make SG look less negligent. No one would blame a bank that was raided by heavily-armed special forces, but SG was in effect taken by the man who mends their guns.

Secure remote control for conventional and virtual desktops

Next page: Je pense que...

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
Founder (and internet passport fan) now says privacy is precious
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
Facebook, Google and Instagram 'worse than drugs' says Miley Cyrus
Italian boffins agree with popette's theory that haters are the real wrecking balls
Sit tight, fanbois. Apple's '$400' wearable release slips into early 2015
Sources: time to put in plenty of clock-watching for' iWatch
Facebook to let stalkers unearth buried posts with mobe search
Prepare to HAUNT your pal's back catalogue
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.