The NAIC’s Capital Markets Bureau monitors developments in the capital markets globally and analyzes their potential impact on the investment portfolios of US insurance companies. A list of archived Capital Markets Bureau Special Reports is available via the index
Insurance Companies’ Highly Controlled Use of Derivatives Has Also Resulted in Protection from the Rogue Trader Problem
Unauthorized trading scandals — commonly referred to as “rogue trading” — have been occurring periodically in financial markets in recent years. While the institutions that have been the victims of these schemes claim to have devoted considerable resources in an attempt to avoid this problem, these schemes continue occurring with a disturbing amount of regularity. The most recent scandal, involving Kweku Adoboli at UBS, cost UBS $2.3 billion in losses that were incurred on unauthorized trades. There is a line of similar scandals that have occurred over the years, at least one of which resulted in the failure of a major financial firm.
The question of why these scandals keep occurring despite the efforts of the firms to avoid them remains an interesting one. Firms have primarily attempted to limit these occurrences by improving compliance controls through the addition of more and better systems and staff. Examples of improvements that can be made are post-trade functions of valuations and collateral management, which can benefit from operational and technological improvements. One of the most important improvements is a robust and transparent valuation process, especially for over-the-counter derivatives that are hard to value and have no published daily exchange price that can be used for valuation purposes. However, the valuation of derivatives is always a challenge, especially for those that are out of the mainstream or have unusual or complex terms. Banking rules recommend that trading and other bank staff take a consecutive two-week mandatory vacation. The idea is that, over that time period, other individuals in the organization will have an opportunity to come across any unauthorized trades in the normal course of business.
However, these improvements might not always be sufficient. For example, UBS had a previous unauthorized trading problem in its London office during 2006 and 2007, for which the United Kingdom’s Financial Services Authority fined UBS its third-largest ever fine for systems and controls failures. UBS attempted to improve its systems and controls after this situation, but a much larger problem occurred only a few years later in the same office.
We believe that there are specific characteristics leading to the emergence of rogue trading situations. In this article, we discuss these characteristics and how they contribute to the occurrence of the problem.
The interesting question also arises regarding the fact that no meaningful rogue trading problem has been reported in the insurance industry. This is despite the fact that the insurance industry is large, manages a significant book of assets and liabilities, and, in some cases, enters into numerous transactions daily. Insurance companies with an active derivatives program typically include it as part of a hedging program, and the derivative transactions are defined by the needs of the hedging program, not the market views of the derivatives trader or other considerations. In this case, a derivatives trader is part of a larger risk-management organization and is not a profit center trying to maximize its reported profits. Consequently, the dynamics of these two different situations are very different.
We believe that the absence of this issue in the insurance industry is not merely a lucky coincidence. The absence of the rogue trading problem with insurers is, instead, the result of specific insurance company characteristics and the state-based insurance regulatory framework. While the continuing future absence of such scandals in the insurance industry is in no way preordained, we believe that rogue trading is unlikely to become a meaningful problem in the insurance industry due to the following factors.
What is a Rogue Trader and Why Do We Care?
Every few years, if not more often, a new story surfaces of a rogue trader who has caused large and unexpected losses for a financial institution or corporation. The media becomes full of stories describing what happened to cause the problem, which trader did it and how the fraud was accomplished. Typically, the trader’s aggrieved employer says that, despite its herculean best efforts and controls, somehow the trader outwitted all of these combined efforts. The trader instead entered into unauthorized trades that eventually incurred a substantial and unauthorized loss for the employer.
Typically, the trader is employed by a bank or securities dealer. As detailed in the following table listing the 10 largest rogue trading losses of all time, only two of these cases did not occur at a financial institution where the rogue trader was in a primarily trading position. In such a trading heavy position, the rogue trader has the opportunity to engage in numerous trades, and, therefore, has a considerable ability to hide improper trades in the midst of many authorized trades. In the two remaining cases, the traders worked for firms heavily involved in physical commodity supplies (copper and jet fuel).
Types of Rogue Trades
Each rogue trading situation is unique, given its circumstances and the proclivities of the perpetrator. Nonetheless, we can still discuss some common themes that can be found in the development and operation of such a scheme.
(1) Hiding trades: Probably the simplest of all approaches, when viable, is to hide trades as long as possible from the victim. To hide a trade, the trader must be able to keep the trade from being recorded in the institution’s financial processing system for a period of time. This can be successfully accomplished only when the institution is not required to make a payment or take some other action shortly after the trade is made. Examples of cases where it might be difficult to hide a trade are when initial collateral must be posted, variation margin payments must be made, and final settlement takes place. One alleged case where this happened was a mortgage trader at Merrill Lynch in 1987 by the name of Howard Rubin. He was reported to have hidden certain trades from the firm and, by the time they were discovered, the firm had lost $250 million, one of the largest trading losses in Wall Street history at that point in time.
(2) Weaknesses in the financial reporting system: Another approach is to identify weaknesses in the company’s financial reporting system than can be manipulated to the trader’s advantage and then take advantage of these issues. An example of this is Joseph Jett, a trader at Kidder, Peabody & Co. during 1994. Jett entered into complex trades that the financial reporting system incorrectly determined were profitable to the firm when they were not. These trades were forward reconstitutions of U.S. Treasury bonds using Treasury STRIPS (separate trading of registered interest and principle securities). While these trades never had the possibility of being profitable due to their complexity and errors in the financial reporting system, it was believed for a considerable time period that these trades were profitable. Kidder, Peabody & Co. said that it lost $75 million on these transactions.
(3) Misappropriation of assets: A third fraudulent activity can be the misappropriation of assets used to facilitate improper trading activities. The situation at MF Global Holdings Ltd., which has received much press in recent weeks, started as a possibly questionable and aggressive trading strategy, but, based on publicly available information, it was appropriately initially authorized. However, over time, as the trades turned “bad” and lost hundreds of millions of dollars, MF Global may have begun to illegally use customer assets to support the losing trade. While the precise details of this situation remain unclear, the firm is now said to be missing at least $1.2 billion in customer-owned assets, which may have been lost in supporting the firm’s trading positions. A similar situation occurred in the Daiwa Bank case, when U.S. Treasury bonds were misappropriated to cover losses occurring on unauthorized trades.
(4) Breakdowns in separation of duties: One of the most important rules in stopping unauthorized trading is a thoughtful separation of duties in the trading and financial reporting process. A cardinal rule is that a trader should not also have financial reporting or clearance responsibilities for his/her own trades. When these overlaps occur, they are an open invitation for fraud. Examples of this were the case with Nick Leeson at Barings Bank and Toshihide Iguchi at Daiwa Bank. The ability to both trade the book and control its reporting enabled both of them to run unauthorized trading schemes for a prolonged period of time.
(5) Bogus trades: Often, rogue traders will say they have entered into nonexistent trades (called “bogus trades”) for a variety of purposes. One reason to have a bogus trade is to make it look as though the trader’s book is better hedged than it really is. A good example of this approach is John Rusnak of Allfirst Financial. He reported the existence of bogus currency option trades that, in actuality, never took place with counterparties. These bogus option positions made it look as though his book was balanced, although, in fact, it was not. Rusnak incurred $691 million in currency trading losses for his employer before the fraud was discovered.
The Use of Derivatives in Rogue Trading
Often, these unauthorized trades and their associated losses are in connection with positions in some form of derivatives contracts. Of the 10 largest rogue trading losses of all time, all but one case was primarily or heavily related to some kind of derivatives trading.
In the sole non-derivatives case (Toshihide Iguchi), the trader eventually confessed his losses to his Daiwa Bank superiors regarding 11 years’ worth of unauthorized trading in U.S. Treasury bonds that resulted in $1.1 billion in losses. However, at that point, bank management asked the trader to remain silent as the bank attempted to conceal the loss. Five months later, Daiwa Bank was forced to plead guilty to 16 counts of federal felony charges, and paid a $340 million fine to the U.S. government, the largest criminal fine in history, and was required to stop doing business in the United States. In this scandal, Iguchi made 30,000 unauthorized trades in U.S. Treasury securities in an effort to offset losses he had incurred. While trading, he simultaneously had back-office responsibilities, making the scandal feasible.
The types of derivatives involved in these transactions included a variety of different derivatives: equities, foreign exchange and jet fuel, and consisted of both futures and options. The specific types of derivatives involved in each case depended primarily on the specific market with which the trader was actively involved.
The most recent rogue trader case is that of Kweku Adoboli, who recently lost $2.3 billion on unauthorized trades. However, he is but one case in a long line of rogue trader stories. Other traders having been accused of similar unauthorized activities in the past, including Jérôme Kerviel at Société Générale, who lost the bank an astonishing $7.1 billion; Nick Leeson at Barings Bank, who caused the failure of the more than a century old institution through unauthorized trading; and Yasuo Hamanaka of Sumitomo Corporation of Japan, who lost $2.6 billion in copper trades. These are but a few names from a long list of traders who evaded their employers’ controls and entered into unauthorized trades, resulting in substantial unauthorized employer trading losses.
Each rogue trading situation is unique, but they do have certain common characteristics. The most recent one, Kweku Adoboli, according to press reports, was supposed to have taken only modest market positions in his position on UBS’ “Delta One” trading desk that facilitated client requested trades. Delta One is an industry term used to describe the trading of a class of financial derivative that have no optionality and, as such, have a delta of (or very close to) one; that is to say that, for a given percentage move in the price of the underlying asset, there will be a near identical move in the price of the derivative. These products include equity swaps, forwards, futures and exchange-traded funds (ETF).
Adoboli was not supposed to take meaningful trading positions. According to the New York Times, Adoboli worked in UBS’ European equities division, and focused on ETFs, or baskets of securities that aim to track a specific stock index or commodities. It is reported that Adoboli’s long and short positions were supposed to be closely balanced, with little expected gain or loss regardless of the direction of market movements. Consequently, a major loss by a trader in a low-profile position such as his was particularly unexpected at UBS. However, Adoboli had extensive back-office experience at UBS, so he had extensive expertise on how he could successfully evade UBS’ trading controls. This is highly valuable expertise for a trader desirous of evading the firm’s trading limits. It is also highly dangerous for the firm, because a trader with this knowledge might be able to skillfully avoid the firm’s back-office procedures and controls, substantially raising the likelihood that the trader might be able to avoid the firm’s trading controls long enough to result in major problems for the employer.
In another instructive example, Nick Leeson began his career at Barings Bank after first having been denied a broker’s license in the U.K. because of fraud on his license application. According to reports, Leeson initially made unauthorized trades on Nikkei 225-related derivatives contracts in Singapore that were highly profitable for Barings, so the firm had reason to suspect the activity.
Barings also allowed Leeson to both trade for his account, and to also simultaneously have responsibility for settling his own trades. But Barings management did nothing, even after an internal memo warned about the risk of him being simultaneously a trader and settlement officer: "We are in danger of setting up a system that will prove disastrous." These dual functions should always be done by two different people as a control measure. Instead, his dual role made it much easier for Leeson to hide losses from his superiors for a sufficiently lengthy period. In the end, Leeson’s trading losses reached $1.4 billion, twice the bank's available trading capital, and resulted in the firm’s failure.
It seems that losses are noticed far more quickly than profits, given their impact on the company’s financial statements; hence, the rogue trader’s desire to keep trading losses off of the company’s reported financials as long as possible, if and when they occur. Consequently, these rogue trading losses often appear, only when they become too large hide.
Why are Insurance Companies Different?
Insurance companies are major financial markets participants. They are also often significant derivatives users, although still small relative to the overall size of the various derivatives markets. The question then naturally arises: Why have insurance companies been conspicuously absent from the list of rogue trading scandal victims?
Given the frequency of these issues at other major financial institutions and market participants, why have insurers not had a problem similar to those found in other financial institutions? What institutional factors that cause rogue trading scandals to occur at other institutions do not exist at insurance companies? While it is not possible to say definitively why something does not occur, we believe that there are indeed logical reasons why insurance companies have been spared this problem to date. Below we discuss seven factors that we believe can help explain the reasons that rogue trading has not been a meaningful issue for the insurance industry.
Regulation: Insurance companies are subject to strict and detailed regulations regarding the permitted use of derivatives. These requirements include the submission and prior approval of a derivatives use plan (DUP) to the company’s domestic state insurance department, which serves as the insurance company’s primary regulator. The regulatory derivatives controls for an insurer can be quite strict. The NAIC Derivative Instruments Model Regulation (#282) sets standards for the prudent use of derivative instruments by insurance companies. It requires insurance companies to establish written guidelines for transacting in derivative instruments. Internal control procedures must be outlined, describing elements such as the monitoring of derivative positions and the credit risk-management process. These guidelines and procedures are typically set forth in a DUP.
For example, at a New York state-domiciled insurer, the insurer's board of directors (or a committee thereof) is charged with the responsibility for supervising such investments. This committee must (a) authorize the transactions; (b) ensure that all individuals conducting, monitoring, controlling and auditing derivative transactions are suitably qualified and have appropriate levels of knowledge and experience; and (c) approve a DUP outlining how these transactions will be conducted. If these determinations are made by a board committee, the minutes of the committee reflecting these determinations must be recorded and a report must be submitted to the board of directors for its review at the next meeting of the board.
In addition, most of the states’ insurance laws have specific requirements related to the use of derivatives. Generally, the use of derivatives is limited to three objectives: (1) hedging; (2) income generation; and (3) replication. Each of these three objectives comes with its own set of associated regulatory and detailed reporting requirements. In some cases, an insurer may also be permitted to use derivatives in its investment “basket.” However, investment baskets are strictly limited in size.
The detailed insurance company reporting requirements are especially important, because the detailed level and public nature of this reporting would greatly complicate the efforts of a rogue trader at an insurance company to keep these activities hidden. The investment transactions of an insurance company are highly transparent, including its derivatives transactions. At an insurance company, all transactions — regardless of term and including intra-period transactions — must be reported in detail, and this transaction reporting becomes information in regular publicly disclosed regulatory filings. This extraordinary level of trading information transparency is nearly unheard of in almost every other form of financial institution. Given these complications, it would seem unlikely that a rogue trader would voluntarily elect to use an insurance company to book unauthorized derivatives trades. However, it remains possible that a non-insurance entity in the same group might be used for this purpose.
Compensation: A common theme in rogue trading scandals is that the trader at the center of the scandal believes that he would be favorably compensated for earning a significant trading profit for his employer. Once the trader believes this is the case, the trader could have a considerable incentive to engage in any form of activity generating meaningful profits for his employer. Obviously, the vast majority of traders working in such an environment know better than to cross the line into unauthorized trading, despite their incentive structure. However, as with most rules, there are always those individuals that take the opportunity to cross the line into inappropriate behavior if it might benefit them. If and when the trader has crossed the line, and if his trades have gone bad, the trader may have considerable incentive to attempt to reverse the loss before it is discovered and appropriate disciplinary action is taken. Insurance reporting and valuation play a significant role here, because every trade is publicly reported. And, while the market values for positions are reported, not all derivatives are marked-to-market for financial statement purposes.
A leading factor protecting insurers from rogue trading is the expectation that trader compensation at insurers is rarely designed to incentivize trading profit maximization. In addition, the compensation of insurance investment professionals is structured much differently than that of a trader at a bank or broker-dealer. Therefore, the insurance company trader has little incentive to engage in unauthorized trading activity in an effort to boost reported profitability. While external investment managers are also used by insurance companies, it is our belief that this is unlikely to add meaningful additional rogue trading derivatives risk to the client insurer. First, external investment managers are predominantly used by medium-size and smaller insurers. Second, the use of derivatives is heavily skewed to the largest companies in the industry. The combination of these two factors would indicate that the potential for a rogue trader should be small in this venue. Third, external managers are rarely compensated for trading profits per se, but are more focused instead on other performance metrics, such as relative investment performance. So, again, we think it would be unlikely for external managers to be the site of a derivatives-based rogue trading problem.
Trading volume: It is much easier to hide a few unauthorized trades in between a large volume of authorized trades, such as those occurring at an active broker-dealer. A handful of unauthorized trades could go unnoticed if they are carefully sprinkled in between dozens of legitimate, authorized trades. Consequently, a trader at a volume shop (such as a broker-dealer or market making desk), might have considerably greater opportunity to disguise trades in a high-volume trading environment than does the insurance company trader in a low-volume environment. In a low-volume environment, such as an insurer, it becomes much harder for one or more unauthorized trades, and especially a large number of them, to go undetected, making it much harder to engage in unauthorized trading without it being rapidly identified as such.
Profitability: Broker-dealers routinely attempt and expect to earn a significant portion of their operating income via trading and realized gains. The reporting of trading gains and losses is expected in the ordinary course of business. Consequently, at a broker-dealer, a rogue trader making a profitable (or unprofitable) trade might not be immediately identified as such. This would permit the activity to continue for an indefinite period, until the problem is identified and stopped, possibly not until a large loss occurs. In contrast, the vast majority of investment activity at most insurers is intended to generate investment income, rather than realized trading gains. Consequently, the realization of significant and regular trading gains (or losses) coming out of a single trader’s activity would likely trigger considerable scrutiny long before a major unauthorized loss occurred. Because most insurance companies’ use of derivatives is for hedging, other activity would be quickly noticed. And, with effective hedging, the financial reporting for both the hedge itself as well as the hedged item is combined, so there should be no profits to be reported benefiting the rogue trader.
Financial reporting: At an insurer’s trading desk, the financial reporting process is relatively simple. Positions are carried on the books and marked-to-market daily. If, somehow, the trader manages to corrupt or entirely evade the employer’s relatively simple unidimensional financial reporting system, the trader might have the opportunity to have the unauthorized trades remain undetected for a considerable time period.
In particular, statutory reporting contains detailed requirements regarding transaction reporting. Rogue trading is more likely to become a problem in a market where transactions may not be cash settled in a short time period, such as for some longer-term derivatives contracts that are not marked-to-market on a regular basis. For derivative transactions, just a few of the trade details that must be reported on the insurer’s Schedule DB include the trade date, description, trade size and counterparty. This information must be regularly submitted by the insurer to its domestic insurance regulator. This includes all trades, including those that are opened and closed during the same quarterly reporting period. The report, along with all of its details, also becomes a public document subject to inspection by the public. The combination of regulatory reporting, as well as the public nature of this reporting process, makes it exceptionally difficult for rogue trading to occur in an insurance company environment. This is particularly true for rogue trading schemes that may evolve and grow slowly over time, becoming a significant problem only with the passage of a considerable amount of time.
Counterparties: A trade at an insurance company, as a “buy side” client, always has an external counterparty on the other side of the trade. In a few cases, insurers may “cross” a trade internally without the involvement of an external party, but this would be a rare occurrence. Even then, trade tickets and the normal accounting process would still be required at the insurer to appropriately keep track of the transaction. However, at a broker-dealer, it is more common for a transaction to be internal to the firm without the involvement of an external third party. Once the transaction involves an external counterparty, the ability of the trader to keep the transactions from being detected and outside of the normal financial reporting process becomes more challenging and unlikely, making rogue trading difficult to accomplish in an insurance environment.
Confirmations: Trade confirmation is a process whereby the two parties to a transaction formally compare the details of an agreed-upon transaction to confirm that the trade is mutually and identically understood by both parties. Through the use of the trade-confirmation process, trade discrepancies or misunderstandings should be quickly identified and, ideally, rapidly resolved. The details of the actual trade confirmation process itself can vary, depending on the specifics of the transaction. In some cases, especially where both sides of the transaction are internal to the same institution, the confirmation process may not function as it normally would, thereby giving the rogue trader an opportunity to “game” the system. Additionally, it has been reported that not all transactions are immediately confirmed with the counterparty, again giving the rogue trader room to take advantage of the system until the trade is to be confirmed. This lack of trade confirmations that permit trades to be hidden for a meaningful time period is what happened in the Kweku Adoboli case, allowing him to run up a large loss position before it was recognized by UBS.
In an ideal trade confirmation environment, the confirmation is a highly automated process, facilitated by an external vendor that can verify a trade’s authenticity and correctness by comparing matching trade information submitted by each party to the trade.
The rogue trader will, by necessity, need to identify methods to manage the employer’s confirmation and compliance system so as to be able to implement the unauthorized trading scheme without being caught. An important part of the effort might be to identify a method for getting an unauthorized trade confirmed with the trade’s alleged counterparty without triggering compliance alarms.
Alternatively, the trader’s objective may instead be to enter fake trades into the system that never really occurred so the system will think these trades actually occurred with a counterparty, thereby offsetting some other risk on the trader’s book. In a case like this, the rogue trader would not want the trade confirmed, because, obviously, there is no counterparty available for confirming the trade. In this case, the trader would want to identify a method to keep the trade from going through the trade-confirmation process. To do this, the trader might try to find a counterparty or product for the trade that does not use the normal confirmation process. That way, the trader can attempt to keep the trade from entering the employer’s normal recordkeeping system for an extended time period.
In both cases, the rogue trader manages the trade-confirmation process to his benefit. Manipulation of trade confirmations is inherently harder to successfully accomplish in an environment such as an insurance company, where almost every trade has an external counterparty and trades are expected to be confirmed with the counterparty as a matter of course. However, according to the Financial Times, a trader such as Kweku Adoboli could take advantage of the fact that, for certain European ETF transactions, trade confirmations are not issued until after trade settlement has taken place. Market practice also permitted UBS to receive payment for a trade before the transaction was confirmed and possibly entered into the trading system books and records. Kweku Adoboli took advantage of this situation to implement a trading scheme that allowed him to evade detection for a considerable time period. U.S. insurance companies are typically not involved with the ETF market. Even more important, when they are involved, their involvement is as a normal ETF holder, not as an ETF sponsor or authorized participant involved in the ETF creation process (the areas with which the problem with Kweku Adoboli occurred).
A Checklist of Control Deficiencies that Can Lead to Undetected Unauthorized Positions
As we have seen, a company having adequate and well implemented controls is a vitally important defense against unauthorized trading activities. It is difficult, if not impossible, to have major problems arise if an institution has well developed and implemented controls. Crowe Horwath LLP has developed the following checklist, which can be used to review the control procedures at insurers. If any of these deficiencies are identified at the insurer, they should be rectified as soon as possible in order to minimize the likelihood of the occurrence of an unexpected trading problem. While any of these issues is, of course, of concern, combinations of more than one can be especially problematic and should be the focus of a meaningful amount of attention to ensure that nothing improper could be occurring at the institution.
While we certainly will not say that insurers are exempt from the risk of unauthorized trading and resulting unexpected trading losses, we do believe that there are sound reasons why this has not been a significant issue to date for the insurance industry.
Questions and comments are always welcome. Please contact the Capital Markets Bureau at CapitalMarkets@naic.org.
The views expressed in this publication do not necessarily represent the views of NAIC, its officers or members. NO WARRANTY IS MADE, EXPRESS OR IMPLIED, AS TO THE ACCURACY, TIMELINESS, COMPLETENESS, MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OF ANY OPINION OR INFORMATION GIVEN OR MADE IN THIS PUBLICATION.
© 1990 – 2016 National Association of Insurance Commissioners. All rights reserved.