The Lesson of Societe Generale

(page 2 of 2)

French trader Jerome Kerviel Fred Tanneau/AFP/Getty Images

Story Tools

• post a comment
• e-mail this story
• print this story
• order a reprint
• digg this
• save to del.icio.us

Then again, even less sophisticated measures might have prevented Kerviel's alleged fraud. Société Générale might have simply programmed its computer trading systems to set restrictions on the types, size, and volume of trades that specific employees are supposed to be engaging in, says Rob Hegarty, managing director of the Securities & Investments practice at TowerGroup. "Creating fictitious trades is pretty common," says Hegarty. "There's no technology that can prevent people from stuffing the drawer." But technology can impose simple controls, he says.

While basic risk management technology is already a staple at many financial institutions, the market's financial crises are prompting firms to consider how they can use more sophisticated analytical tools. The idea is to continually comb a company's data, breaking down silos between departments to assess risk across an entire organization more effectively. "Most of the big systemic events that roil the market and that were considered extraordinary are becoming more common," says Sean Culbert, who leads IBM's (IBM) risk and compliance practice. "If your system doesn't allow you to model these events, you have a problem."

Playing Catch-up

Still, technology on its own isn't a cure-all. Late on Jan. 29, the French publications Le Monde and MediaPart released portions of a transcript from an interview that police conducted with Kerviel. The 31-year-old reportedly admits that he falsified documents and hacked into the bank's computer system to quiet suspicions by internal control units, external counterparties, and authorities about his fake trades. But he contends the bank's managers must have known what he was doing, because the volume of his trades and his profits were higher than a trader in his department typically made. "As long as we were making money and it wasn't too obvious and was working, no one said anything," Kerviel told the police.

If he's telling the truth, then even the best security software might have failed. Similarly, good technology can be no match for human shortcomings: Kerviel's actions did raise some red flags, but bank officials apparently put more faith in their employee than the warnings.

It's also worth noting that, just as antivirus software is better at defending against known threats than new hack attacks, today's risk management software may not be prepared to detect new modes of fraud or the next big market frenzy after the subprime mortgage fiasco. And as history shows, there will always be more.

Green is an associate editor for BusinessWeek .