Thursday, March 4, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

Reducing the Risk of Rogue Trading

by Jim DeLoach
October 28, 2014
in Risk
Reducing the Risk of Rogue Trading

Rogue traders don’t surface often, but when they do they can cause major losses and embarrass senior management. Because a rogue trader calamity is neither new nor limited to the financial services industry, Boards and senior executives may want to consider the questions they should ask about their organization’s use of financial instruments that can have explosive consequences if not used properly or as authorized.

Tone at the top is vital to managing the use of financial derivatives, as dysfunctional behavior can undermine established policies and controls, creating organizational “blind spots” that can lead to inappropriate risk taking and violation of established policies.  For example, lack of transparency, conflicts of interest, a flawed “star system” or a warrior “eat what you kill” or “shoot the messenger” culture may encourage undesirable behavior.

However, the top-down emphasis on ethical and responsible business behavior in any organization is only as strong as its weakest link. Therefore, the organization’s tone at the top must be translated into an effective tone in the middle before it can reach the rest of the organization. This “tone of the organization” influences its risk culture, which is the manner in which the organization’s personnel perceive and manage risk.  It must be clear to everyone that executive management and the Board of Directors value risk management as an important discipline in conjunction with managing the business and pursuing value-creation opportunities.  Unit management and middle managers must share that view, as well; managing risk is an organizational imperative and everyone’s job.  This is the first line of defense against rogue trading.

Effective internal control design, including segregation of authorization, execution and settlement activities, is the second line of defense against unauthorized trading or speculation.  Written risk limits, automated exception reporting, pre-approved products, clearly defined counterparty criteria and close supervision, among other things, are critical to ensuring that established risk-control policies are followed.

Effective ongoing monitoring of key controls by middle- and back-office personnel, as well as oversight by an independent Chief Risk Officer and risk-management function provide the third line of defense.  Periodic separate evaluations by qualified internal auditors provide the fourth line of defense.  An effective escalation process for calling out rogue behavior is the final line of defense.

Beyond the impact of the organization’s culture and the effectiveness of its internal controls and various checks and balances, the following are important questions for Boards and senior executives to reflect on:1

  1. Are we using derivatives to speculate on markets? If so, who is doing it and why? On what are these bets being placed and how often?  Trading derivatives for profit is a very different end game compared to using them to manage risk.  Clarity of purpose is important if internal controls are to be effective in identifying off-strategy behavior.
  2. Do our systems tell us what we need to know regarding our current positions? Financial markets can change significantly in a very short time, so periodic reports on positions may have limited usefulness.
  3. Do we know the sources of our risks and how they affect our operations? – An enterprise-wide view of risk and how the activities of the enterprise (including within individual operating units) affect risk are essential.  Relevant views of risk might include a unit, product, counterparty or market view.
  4. How are we valuing our positions? Marking derivatives to market in accordance with a frequency driven by the complexity and significance of the company’s positions is a vital procedure.  If proxy values are used for illiquid derivatives whose valuation is derived from underlying assets, interest rates, exchange rates, indices or other interests, risk to extreme market shifts increases if the positions are substantial and the complexity of the instruments confound the efforts of the Board and senior management to understand them.  The value of these “exotics” may be derived from mathematical models that are not tied to market price quotes on equivalent transactions.  Some of the assumptions about yield curves, volatilities and other inputs fed into these models may be rendered invalid quickly over time from unexpected market shifts.  Liquidity risk, or the exposure to loss resulting from the inability to convert assets to an equivalent cash value, can have significant adverse consequences on the viability of the business if the positions are material to the company’s financial position.
  5. If we are using derivatives to hedge risk, what and how are we hedging and for how long? No matter what the hedging objectives are (e.g., hedge interest rate risk, currency risk, volatility risk, etc.), there is almost always some basis risk.  In many environments, basis risk often refers to the residual financial risk that remains after a financial hedge has been put in place.  For example, in the case of interest rate swaps, the basis is the difference between two floating rate indexes.  If a corporation converts floating rate debt to fixed, basis risk exists if the swap pays LIBOR while the firm’s funding strategy is based on U.S. commercial paper rates.
  6. Does our compensation structure encourage unacceptable risk taking? For operating units with significant risks, it helps to identify and understand the processes most likely to drive risk-taking behavior.  An example of such processes is trading activities that contribute to potential market, counterparty, concentration and commodity price risks.  Compensating traders without adjusting for the risks their activities create, or for how long the company will be at risk before profit is actually realized, may encourage undue risk-taking to attain higher bonus compensation over the short term.  Traders should have a skin in the longer term as well.  Clawbacks, deferred payments and other tools may help align payments with risk outcomes and actual firm performance.
  7. Who is overseeing the use of derivatives in our company? Depending on the nature and extent of derivatives activity, accountability for their appropriate use and control may rest with the CEO, the CFO, a designated unit or another arrangement.  Likewise, the Board of Directors should assess its appropriate oversight approach, e.g., through a separate committee or special subcommittee.

Rogue trading often occurs because of deficiencies or flaws in an organization’s risk governance, processes, supporting technologies and culture.  Based on the extent and nature of use of financial derivatives in the organization, executive management and the Board of Directors may want to consider the above questions when evaluating the enterprise’s capabilities for preventing and detecting rogue trading.

1 The questions in this list are adapted from an outstanding op-ed by Richard C. Breeden, “Directors: Control Your Derivatives,” The Wall Street Journal, March 7, 1994 that remains current today.


Previous Post

Right to Retire Or Termination: Remediation of Leadership To Foster Compliance

Next Post

Encryption: What Is It Good For? (Risk & Compliance)

Jim DeLoach

Jim DeLoach has over 35 years of experience and is a member of Protiviti’s Solutions Leadership Team. With a focus on helping organizations respond to government mandates, shareholder demands and a changing business environment in a cost-effective and sustainable manner, Jim assists companies in integrating risk and risk management with strategy setting and performance management. Jim has been appointed to the NACD Directorship 100 list from 2012 to 2017.

Related Posts

blue road sign with arrow on black asphalt background

Dynamic Risk Governance: Linking Strategy and Risk Management

February 15, 2021
three red dice on green felt tabletop

The COVID Trio: 3 Top Risks from a Year of Upset

February 4, 2021
Deloitte: Global Risk Management Survey, 12th Edition

Deloitte: Global Risk Management Survey, 12th Edition

February 2, 2021
illustration of businessman holding giant shield to protect him from falling arrows

Is Your Risk Culture Aligned With the Realities of the Digital Age?

February 2, 2021
Next Post
Encryption: What Is It Good For? (Risk & Compliance)

Encryption: What Is It Good For? (Risk & Compliance)

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Addressing systemic racism in the workplace SAI Global
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights