Trolling ‘Big Data’ to Find Rogue Traders

The line-up of rogue traders continues to grow. Big data may help curb that.

The latest convicted of unauthorized activity: UBS trader Kweku Adoboli, sentenced last week to seven years in prison for his role in the biggest fraud in British history. The Ghanian-born Adoboli, a senior trader on the Swiss investment banks’s ETF desk, was found guilty in a jury trial involving $2.3 billion in losses for his employer.

UBS did not escape penalty, either. Britain’s Financial Services Authority fined UBS $47.5 million on Monday

Which is where smart use of big data, in preventing unauthorized activity comes in.

Cataphora of Menlo Park, Calif., is in the in the business of determining insider threat risks such as fraudulent trading, for instance. It uses big data to model employee behavior. and shows a contextual relationship between data — email, spreadsheets, instant messages, phone calls, voice mail, tweets, Facebook status updates, expense reports and the like. It builds a digital character for each employee that is mapped against a model of the organization’s normal behavior. The result: deviations from normality are detected.

Had UBS or Societe Generale been using this software, it might have red-flagged the deviant trading patterns well before they morphed into mega looses, chief executive Elizabeth Charnock argues.

The Cataphora model develops a baseline of organizational behavior and then measures any deviations from the established norm. Here are some red flags that Cataphora claims could be used effectively to curtail fraudulent activities.

1. Consistency of routine. This is a methodology in threat profiling that indicates some sort of stress, distraction or disgruntlement. “It might be something as relatively innocuous as someone e-mailing a colleague to borrow a few quid,” says Charnock.” Or, if a particular individual, who is generally very calm, suddenly shows signs of emotional instability by ranting on Facebook, this may be a sign of trouble.

2. Consistency of channel. This is generally indicative of a desire to avoid leaving a written record. If, for example, a series of emails or IMs that indicate that communications were frequently taken offline, possibly in an attempt to avoid creating an electronic data trail, it might be a red flag if you’re using a data-driven model where this is recognized as anomalous behavior, but overlooked as unimportant in a rules-based approach. In some instances, rouge traders.

3. Centrality. This relates to the employees overall sense of engagement, or lack thereof, in the organization. In the case of Dawai Bank, its rogue trader based in New York operated almost completely on his own. Using a trading system he had created and operating largely unsupervised, he made 30,000 fraudulent bond trades. “We really believed in him,” Akira Fujita, Daiwa’s president, said at a news conference at the bank’s headquarters in Osaka. “He created a system where he was in charge of everything.”

4. Consistency of hierarchy. In the Nick Leeson case in 1996, management at Barings Bank allowed him to remain Chief Trader in Singapore while also being responsible for settling his trades, jobs usually done by two different people. This made it much simpler for him to hide his losses from his superiors.

5. Consistency of how time is spent. This is violation or deviation of established pattern In both electronic communication and real-world activities.

Typically, any of these deviations that seem risks to security are reported to either risk management or human resources, Charnock says. They subsequently decide whether or not to take further action.

In the UBS case, for instance, Adoboli admitted to trading far in excess of authorized risk limits and making false book entries to hide his true positions. His risk exposure peaked at $12 billion on August 8, 2011. The desk’s authorized limit at the time was $100 million intra-day and $50 million over night.

In an earlier case, Jerome Kerviel, a rogue trader at the French bank Société Générale, caused $6.7 billion of losses in 2008.

In 1996, Leeson, perhaps the most famous of the rogue traders (a movie was made based on his experiences), racked up over a billion dollars in losses, while operating afar, causing the 233-year-old Barings bank to collapse. Leeson was sentenced to six-and-a-half years in prison for destroying Britain’s oldest investment bank, which included the Queen among his clients.

These traders and others such as Toshihide Iguchi, who lost $1.1 billion through unauthorized bond trading for Japan’s Daiwa bank, have much in common. All were in their early 30s at the height of their fraudulent activities. All had started in the unglamorous back offices so they knew IT and compliance and office procedures and how to circumvent them as they repeatedly doubled down to try to make up their losses. “And all of them were outsiders,” notes Charnock.

Kerviel, as example, was a relatively unsophisticated provincial serving in an elitist Paris bank. At Barings, long the domain of, bowler-hated Oxford graduates, Leeson had never attended university and favored baseball caps.

“These were not malicious people, but as outsiders they desperately wanted to prove themselves,” says Charnock. “They didn’t necessarily think of what they were doing as stealing.”

“To me it was only a violation of internal rules,” Iguchi said from prison. “I didn’t set out to rob a bank.”