How to lose $7.2bn with just a few Basic skills

SocGen: it could've happened anywhere - and still might


Special report As I swept through Kent and Calais on a Eurostar last week, the financial markets again threw some entertainment my way in the shape of the SocGen debacle.

My last Reg piece explained that the credit crunch was partly fuelled by VBA and that is what appears to have happened again.

However, Eurostar trains don't have Wi-Fi, and my only access to the world was a BlackBerry. So getting Kerviel's number took hours, by which time he had gone to ground. He has my mobile number if he wants a chat...

Nevertheless, in various Paris bars over the weekend, fragments of the story grew in the telling. There were a few common threads, but the consensus was not surprise that this had happened - just that it happened to SocGen, which has an enviable reputation throughout the market as a "smart" bank.

Absolutely no trader or quant has said to me "couldn't happen at my bank". A couple of sharp risk managers correctly speculated that the numbers involved would grow, and that because he had compromised the systems no honest final number would be available soon. Since it appears that it was an external source who complained about the problem, not SG risk management, this seems highly credible.

SG say it is going to sue Kerviel, but according to the lawyer I was travelling with, this could be a six year case if he makes a fight of it. His low rank meant that none of the traders seemed to know him personally, implying that the great bank had been bitten hard by a junior henchman, and he had dug himself in a hole in an attempt to claw himself up from a 75K entry level package.

Most of the media have yet to pick up on the fact that he was supposed to be an arbitrageur, someone who makes riskless profits by spotting things that have been given the wrong price. Instead he bet on prices going up and down. One idea that caused much merriment late Saturday on the Ile Saint-Louis is that his work was deemed to be so low-risk that no one looked all that hard at it.

Oh how we laughed.

Another reassuringly expensive lawyer held the underyling cause to be the "tick box" mentality, whereby every bank produces a thick "compliance manual" which no one ever reads; part of a process where people do what they are told rather than think.

Market Impact

More than one person pointed out that SocGen were likely to lose money just to get out of this mess, as banks spend good money on "market impact models"; confections of hard maths that try to avoid your bidding up prices against yourself. Also, they would be forced to offload regardless of market conditions, so this may end up more expensive than the original foulup.

Qui est cet homme?

No less a figure than the President of the Bank of France called M. Kerviel a "computer genius", which is frankly just about as silly as M. Noyer's apparently blind acceptance of the lines fed to him by SocGen. One can only speculate on what else he has swallowed in this matter. SG's CEO Daniel Bouton referred to Kerviel as a "mutating virus", to bolster the notion of a hi-tech attack by the love child of Lex Luthor and Bill Gates.

But I headhunt people for the high end of banking, and Kerviel's CV is not that of a BOFH. We have quite literally hundreds of PhDs on our books from quantum physics through exotic mathematics, incomprehensible dealings in game theory, and bleeding edge programming in F#, to cruel and unusual C++. A few have made serious money out of poker. Some are fighter pilots. In this field a bit of VBA does not impress.

But I can infer he was a superior tactical programmer because he was promoted out of the wilderness, which implies he can work hard, and so commands some respect. He might have downloaded some scareware, but the idea that he did any hardcore hacking seems like a fanciful attempt to make SG look less negligent. No one would blame a bank that was raided by heavily-armed special forces, but SG was in effect taken by the man who mends their guns.

Next page: Je pense que...

Other stories you might like

  • Has Intel gone too far with its Ohio fab 'delay' stunt?
    With construction unceremoniously underway, x86 giant may have overplayed its hand

    COMMENT The way Intel has been talking about the status of its $20 billion Ohio fab project, you would be forgiven if you assumed that construction on the Midwest mega-site has been delayed in light of Congress struggling to pass a large subsidies package that would support new American chip factories.

    When Intel delayed a groundbreaking ceremony for the Ohio manufacturing site two weeks ago out of frustration over the subsidies inaction, some headlines may have given you the impression the semiconductor giant was putting off construction entirely.

    However, an Intel spokesperson made it clear to The Register and others at the time that the start date for construction had not changed.

    Continue reading
  • Hive ransomware gang rapidly evolves with complex encryption, Rust code
    RaaS malware devs have been busy bees

    The Hive group, which has become one of the most prolific ransomware-as-a-service (RaaS) operators, has significantly overhauled its malware, including migrating the code to the Rust programming language and using a more complex file encryption process.

    Researchers at the Microsoft Threat Intelligence Center (MSTIC) uncovered the Hive variant while analyzing a change in the group's methods.

    "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," the researchers said in a write-up this week.

    Continue reading
  • What do you mean your exaflop is better than mine?
    Gaming the system was fine for a while, now it's time to get precise about precision

    Comment A multi-exaflop supercomputer the size of your mini-fridge? Sure, but read the fine print and you may discover those performance figures have been a bit … stretched.

    As more chipmakers bake support for 8-bit floating point (FP8) math into next-gen silicon, we can expect an era of increasingly wild AI performance claims that differ dramatically from the standard way of measuring large system performance, using double-precision 64-bit floating point or FP64.

    When vendors shout about exascale performance, be aware that some will use FP8 and some FP64, and it's important to know which is being used as a metric. A computer system that can achieve (say) 200 peta-FLOPS of FP64 is a much more powerful beast than a system capable of 200 peta-FLOPS at just FP8.

    Continue reading
  • Meta's AI translation breaks 200 language barrier
    Open source model improves translation of rarer spoken languages by 70%

    Meta's quest to translate underserved languages is marking its first victory with the open source release of a language model able to decipher 202 languages.

    Named after Meta's No Language Left Behind initiative and dubbed NLLB-200, the model is the first able to translate so many languages, according to its makers, all with the goal to improve translation for languages overlooked by similar projects. 

    "The vast majority of improvements made in machine translation in the last decades have been for high-resource languages," Meta researchers wrote in a paper [PDF]. "While machine translation continues to grow, the fruits it bears are unevenly distributed," they said. 

    Continue reading
  • Tracking cookies found in more than half of G20 government websites
    Sorry, conspiracy theorists, it's more likely sloppy webdev work rather than spying

    We expect a certain amount of cookie-based tracking on retail websites and social networks, but in some countries up to 90 percent of government sites have implemented trackers – and serve them seemingly without user consent. 

    A study evaluated more than 118,000 URLs of 5,500 government websites – think .gov, .gov.uk. .gov.au, .gc.ca, etc – hosted in the twenty largest global economies – the G20 – and discovered a surprising tracking cookie problem, even among countries party to Europe's GDPR and those who have their own data privacy regulations.

    On average, the study found, more than half of cookies created on G20 government websites were third-party cookies, meaning they were created by outside entities typically to collect information on the user. At least 10 percent, going up to 90 percent, come from known third party cookies or trackers, we're told.

    Continue reading
  • Iceotope attracts funds for liquid cooling from global investors
    Round led by Singapore's ABC Impact, which sees growing market for the technology in Asia

    UK-based liquid cooling company Iceotope has scored £30 million (c $35.7 million) in a funding round led by Singapore's ABC Impact private equity provider, which sees a growing market for the technology in Asia.

    The investment syndicate providing the funding comprises Northern Gritstone, British Patient Capital, Pavilion Capital, and an existing investor, Edinv. Also included is SDCL Energy Efficiency Income Trust, an investment company dedicated to energy-efficiency projects.

    According to Iceotope, the investment syndicate also includes nVent, a specialist in heat-management systems and enclosures. In addition to investing, nVent has formed a trading agreement with Iceotope on modular integrated solutions for datacenters, edge facilities, and high-performance computing (HPC) applications.

    Continue reading

Biting the hand that feeds IT © 1998–2022