Feeds

How to lose $7.2bn with just a few Basic skills

SocGen: it could've happened anywhere - and still might

Providing a secure and efficient Helpdesk

Special report As I swept through Kent and Calais on a Eurostar last week, the financial markets again threw some entertainment my way in the shape of the SocGen debacle.

My last Reg piece explained that the credit crunch was partly fuelled by VBA and that is what appears to have happened again.

However, Eurostar trains don't have Wi-Fi, and my only access to the world was a BlackBerry. So getting Kerviel's number took hours, by which time he had gone to ground. He has my mobile number if he wants a chat...

Nevertheless, in various Paris bars over the weekend, fragments of the story grew in the telling. There were a few common threads, but the consensus was not surprise that this had happened - just that it happened to SocGen, which has an enviable reputation throughout the market as a "smart" bank.

Absolutely no trader or quant has said to me "couldn't happen at my bank". A couple of sharp risk managers correctly speculated that the numbers involved would grow, and that because he had compromised the systems no honest final number would be available soon. Since it appears that it was an external source who complained about the problem, not SG risk management, this seems highly credible.

SG say it is going to sue Kerviel, but according to the lawyer I was travelling with, this could be a six year case if he makes a fight of it. His low rank meant that none of the traders seemed to know him personally, implying that the great bank had been bitten hard by a junior henchman, and he had dug himself in a hole in an attempt to claw himself up from a 75K entry level package.

Most of the media have yet to pick up on the fact that he was supposed to be an arbitrageur, someone who makes riskless profits by spotting things that have been given the wrong price. Instead he bet on prices going up and down. One idea that caused much merriment late Saturday on the Ile Saint-Louis is that his work was deemed to be so low-risk that no one looked all that hard at it.

Oh how we laughed.

Another reassuringly expensive lawyer held the underyling cause to be the "tick box" mentality, whereby every bank produces a thick "compliance manual" which no one ever reads; part of a process where people do what they are told rather than think.

Market Impact

More than one person pointed out that SocGen were likely to lose money just to get out of this mess, as banks spend good money on "market impact models"; confections of hard maths that try to avoid your bidding up prices against yourself. Also, they would be forced to offload regardless of market conditions, so this may end up more expensive than the original foulup.

Qui est cet homme?

No less a figure than the President of the Bank of France called M. Kerviel a "computer genius", which is frankly just about as silly as M. Noyer's apparently blind acceptance of the lines fed to him by SocGen. One can only speculate on what else he has swallowed in this matter. SG's CEO Daniel Bouton referred to Kerviel as a "mutating virus", to bolster the notion of a hi-tech attack by the love child of Lex Luthor and Bill Gates.

But I headhunt people for the high end of banking, and Kerviel's CV is not that of a BOFH. We have quite literally hundreds of PhDs on our books from quantum physics through exotic mathematics, incomprehensible dealings in game theory, and bleeding edge programming in F#, to cruel and unusual C++. A few have made serious money out of poker. Some are fighter pilots. In this field a bit of VBA does not impress.

But I can infer he was a superior tactical programmer because he was promoted out of the wilderness, which implies he can work hard, and so commands some respect. He might have downloaded some scareware, but the idea that he did any hardcore hacking seems like a fanciful attempt to make SG look less negligent. No one would blame a bank that was raided by heavily-armed special forces, but SG was in effect taken by the man who mends their guns.

Secure remote control for conventional and virtual desktops

Next page: Je pense que...

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.