Four rogue traders
Peter Brown reviews the lecture “The Role of Auditors in Identifying Rogue Trading” given by John Hitchins, Partner at Pricewaterhouse Coopers (PwC), for ACCA UK’s Financial Services Network.
John Hitchins has been a specialist in bank auditing and accounting throughout his career and currently leads PwC’s UK Banking and Capital Markets Audit and Business Advisory Practice. His past clients include Barclays and Nomura and he currently has the Bank of England, JP Morgan Chase and the Bank of Ireland Group in his client portfolio. He is therefore well qualified to speak about how auditors conduct their work to try, in the course of it, to uncover rogue trader situations.
The lecture focused on four rogue traders: Yasuo Hamanaka, Joseph Jett, John Rusnak and Nick Leeson. It began with a summary of each trader’s activities, together with the circumstances that appeared to have driven each of them into the rogue trader role. In each case, Mr Hitchins looked at four possible motivations: arrogance, status, fear and greed. He stressed he had no inside knowledge of any of the cases, his analysis was based on public information.
The audience was reminded that it is the directors’ responsibility to take reasonable steps to prevent and detect fraud and error and not that of the auditor. Auditors should perform their procedures and evaluate the results, recognising that fraud and error may materially affect financial statements and that audit planning should recognise this risk. Audit procedures should be designed to give a reasonable chance of detection.
Focusing on lessons to be learned from the Leeson case, Mr Hitchens quoted Leeson himself who said that at the London end of Barings: “nobody dared ask a stupid question in case they looked silly in front of everyone else.”
What should auditors do?
Auditors should address issues including:
- clarity of reporting lines
- whether management understand the products traded
- whether the products are consistent with the business strategy
- if there is a superstar trader cult.
They must also consider whether there is over-reliance on net limits, to the exclusion of other types of limits suitable for achieving worthwhile monitoring such as:
- stress testing/scenario analysis
- volume statistics/gross position limits
- funding requirements.
Other types of audit checks that can and should be routinely deployed focus around the confirmation process, records of failed trades/late settlements and the nostro reconciliations. Undue volumes in any of these controls should immediately give cause for further investigation, especially if exceptions become routine. Rogue traders often depend on exceptions being signed off as a matter of course rather than questioned. Similarly, with monitoring systems, are the valuations used independent and, perhaps more importantly, is the data used complete? Was the software being relied upon in such processes subject to rigorous testing before it was put into use?
The one key lesson for auditors is the need to understand the business. Even when an audit programme has been tried and tested, the staff using it must be sufficiently familiar with the business product in question to be able to identify the unusual case that warrants further investigation. There is one key piece of good practice: “Ask the stupid question!”.
Following the lecture, one attendee brought up the fact that a Barings internal auditor had discovered what Leeson was up to. Mr Hitchens replied that the fact that the internal auditor is ever present whilst the external auditor is not must be balanced by the greater potential for the internal auditor to be subject to undue influence. However, external auditors can and do rely on work done by internal auditors whilst retaining certain aspects of their work that they cannot delegate.
Since the lecture Justice Evans Lomb in the High Court ruled that Deloitte Singapore was liable in its audit work for Barings Futures for the years 1992 and 1993. Deloitte have commented that the findings were on technical issues and officers from Barings were responsible.
Peter Brown – Senior Executive, MHA Consulting