I’ve been thinking about rogues. Actually I’ve been thinking about auditors, defalcations/ frauds, Societe Generale, systems of internal control, and convenience. Most of the financial news stories of the prior week focused on the bloodbath that hit the world’s stock exchanges as the current Sub-Prime/ Alternative-A loan debacle continues to unwind. The US markets (closed on Monday for the observance of the Martin Luther King holiday) seemed to get a get a temporary pass from a week of otherwise global carnage. Was it the FED’s emergency rate cut of .75% and all the MEGA media hype surrounding proposals for some “major” $600 windfall for each US taxpayer (“maybe” materializing three to four months down the road) that spared only those exchanges in North America’s Eastern Standard Time Zone from the massive bloodletting? I don’t TH*NK so!
You see as a forensic investigative accountant and auditor, I am fascinated by the unfolding drama in Paris, France involving “the alleged” defalcations/ frauds by ONE single employee which caused losses of at least $7.1 BILLION to the second largest bank in France – Societe Generale. One might ask: why even care about the French story because the US markets obviously dodged the bullet last week? The answer rests in that I don’t see the Societe Generale event as some isolated incident! I fear it is but a harbinger of similar potential horror stories to come anywhere on the planet. Remember the maxim: “don’t be too smug because there but for the grace of God go I”
The forthcoming details of how a solitary 31 year old,
lower-level investments’ trader at this huge financial institution
could pull off such a devastating illegal pattern of activities for
almost two years fly in the face of all logic. Somewhere along the
line, one would presume that whistles, sirens and red flags would have
been triggered and the rogue’s activities halted. Any comprehensive and
working system of internal controls, checks and balances, and
safeguards would have precluded this from continuing beyond a few weeks
given the dollars (make that EUROs) involved. Such intervention
apparently did not happen! Was anyone really minding the store? It
doesn’t look like it.
Financial service entities are
traditionally inundated with systems of internal accounting control and
auditors. They are unique in that there are at least three separate and
distinct audit/ auditor forces which should function in related, yet
distinct, oversight capacities. First, there are the internal audit
teams and management committees who monitor and override potentially
damaging overzealous/ excessive individual actions/ activities.
Secondly, there are the external regulatory examiners who periodically
(at least once a year) show up to verify compliance with mandated
statutory guides and limitations. Finally, there are the outside
independent public accountants who test/ verify compliance with systems
and controls as part of their annual audits. Did all three drop the
ball here? Or, is this another case, like ENRON, where nobody was
concerned until losses surfaced?
It would appear that the individual in question somehow managed
to completely circumvent at least five distinct levels of controls and
firewalls. How was this even possible? How would he be privy to the
user IDs and individual passwords/ codes for multiple other
individuals, at multiple workstations, in multiple departments and
locations? Given the amounts and number of transactions, were there no
supervisory approvals and co-authorizations simultaneously required?
Or, verified?
It is just too convenient to saddle one rogue
individual at one institution as some isolated incident in the
unfolding drama of the worldwide breakdown of our financial system
network. I’m just not buying it. Who will be next? For how big a hit?
And… who will be ultimately tapped to “cover” the loss(es)? I’m Fred
Cederholm and I’ve been thinking. You should be thinking, too.
Writings 
Subscribe to this comment's feed
