Forensic Compliance

Better surveillance and back-office systems could keep your company from going the way of Barings. Jay Biancamano, head of derivatives compliance at Chemical Securities, explains all.

You arrive at your desk in the structured securities group at 7:15. Still half asleep from a late night, you fumble for the switch on your Gateway. The usual jumble blurs in front of you on the Reuters screen. Suddenly, a headline flashes across: National Velvet Files Suit Over Unauthorized Derivatives Trading. It seems some derivatives trader at Velvet was doing a series of wild trades with several derivatives shops.

You are now wide awake. Velvet was your counterparty on a series of OTC equity swaps and options. As manager of the derivatives group, you signed off on those trades. Sweat starts trickling down the back of your neck. Suddenly you remember bits of a conversation you had with your director of compliance a few months earlier about Velvet. Think, dammit, think. compliance noticed that some of the Libor quotes on Velvet's term sheets were 50 basis points off the historical quotes from his Reuters screen. You told him you didn't have time for the conversation and blew him off. Wait, wasn't there a memo? After a mad scramble through your papers, you uncover the letter. After compliance's investigation, the credit department lowered Velvet's limit and the trading stopped. Compliance saved your ass. This time.

A gin-induced hangover fantasy? Hardly. Managers at a number of top tier Wall Street firms have become increasingly familiar with this frightening scenario. While derivatives trading has exploded over the past few years, many houses have failed to allocate enough money-or manpower-to adequately police this growing business. These days, less than one percent of a compliance department's efforts involves flagging traditional regulatory violations. Compliance's new role is protecting the firm's franchise from litigation, regulation and the adverse publicity that usually follows.

That's a particularly difficult assignment, given that firms often have operations in far-flung markets like Asia and Latin America-markets that tend to defy close inspection. While the merits of creating a derivatives compliance department are pretty obvious, actually setting a program up can be a daunting task. Thankfully, there are some simple steps to follow.

Eye in the Sky

The cornerstone of any good compliance program starts with surveillance. To some, surveillance may smack of Big Brother and CIA operatives gone bad, but the fact is, investment banks have been using surveillance techniques to monitor equity, fixed income, and employee trading for decades. Without surveillance, it's difficult to know exactly what's being traded. Without knowing what's being traded, it's impossible to monitor exposure. And monitoring exposure is what derivatives compliance is all about.

A company can choose a before or after approach to surveillance. The former, known in the business as procedural surveillance, is done to stave off problems before they start. It is intended to monitor a business on a timely basis. Ad hoc surveillance, usually done in response to a debacle, regulatory request or customer litigation, comes after the fact. By then, it may be too late.

Procedural surveillance can be as simple as running a confirmation listing of all the trades executed by a particular business unit, or a review of trade tickets for all units at the end of the day. By reviewing each transaction, a company's managers may discover all sorts of shenanigans, from the minor to the more serious. A ticket review, for example, might uncover a salesman who does a lot of basis trades with a particular account but neglects to write the account number on the ticket. Under questioning, the salesman says he's dealing with a money manager in Tokyo who is going to fax the account numbers in the morning. Cue the red flags.

Simple confirm and ticket reviews and other procedural surveillance techniques can be a cumbersome and primitive way to police a diverse and complex market. Although reviews may require compliance officers to inspect 200 or 300 tickets a day, they uncover problems at the source. They also force a company's managers into the middle of the action, where they can see who is doing what, with whom and how much.

Where's the Ticket?

In some cases, however, tickets in the traditional sense don't even exist. In typical OTC broker-to-broker trades in the FX market, traders enter the size and broker counterparty into their blotter, but not any other important information like the time or the ultimate identity of the broker's customer. In complicated swaps, a compliance officer may see a term sheet but be unaware of all the associated pieces of the transaction. An index swap linked to the return of CAC 40, for example, may be closely linked to transactions involving a yen payment or an FRA, but a compliance officer may be unaware of them unless he gets on the phone and asks the right questions.

Compliance officers often use other surveillance tools to track specific trades. Trade reports designed specifically for compliance typically focus on specific problem areas. A "cancel and correct" report, for example, will list all trades that have been altered after the trade date. Although these specialized runs are often the most expensive parts of a surveillance program and can require months of costly programming, they are usually the most useful and effective in rooting out discrepancies.

When investigating a potential counterparty, a compliance officer carefully checks that company's positions. If the firm is doing swaps in everything from metals to corn, he looks at their positions. Do they have exposure in these markets? He may investigate their past margin calls, and see how they were met. He may look at other companies' positions to see if they are similar to those taken by the potential partner. If he's good, he'll make sure he has all his ducks in a row before approaching the firm's trader and salesperson so he doesn't waste their time with half-baked suppositions.

After the Fact

Ad hoc surveillance requires a different approach. In fact, going back in time to figure out what happened presents the biggest challenge a compliance officer can face. Take the case of the Orange County pension scandal. A compliance officer's first job would have involved getting every account in the company's database with the words "Orange County." That would have pulled up all counties in the U.S. with that name. After a careful check of the paper output, he would have ordered a run for "Orange County, California." Subsequent searches would screen for product type, individual account, date and for specific instruments like swaps. Only then would a company be sure of knowing exactly what high-leverage swaps it had done with Orange County's treasurer.

Good systems are particularly important for ad hoc surveillance because they enable managers to access vital information at a moment's notice. If the SEC calls, or the attorney general's office, a company needs to have the right numbers. Looking incompetent does not strengthen anyone's case.

The best source of information for compliance officers is the firm's back office systems. In efficiently run firms, this information is usually available from other departments in one form or another. After all, accountants, controllers and risk managers need to see the same information a compliance officer is looking for-albeit for different reasons.

In most cases, it's simply a matter of taking the time to sift through and organize the information that's available. Risk managers, for example, may have a run showing exposure by product. Controllers might have a run that lists calls and deficits. Accounting probably has a daily run showing profit and loss. Although existing data may not provide all the answers, it can dramatically reduce start-up costs for a fledgling compliance department.

Although this access to back office trade data is invaluable, auditors also need phone records, e-mail, faxes, and letters that may provide other clues to potential problems. This information should be readily accessible-and a good auditor should have no trouble tracking it down. If he does, this may be a sign that something is not quite right.

Compliance's Greatest Hits

While many companies have not yet gotten serious about forensic compliance for derivatives, others have spent considerable sums on surveillance systems to track trades. Here are some of the more popular runs:

Position Variance: Tracks daily positions in customer and firm accounts and highlights significant changes over a specific time using a bar graph.

Basis Trade Report: Usually monitors non-financial trades such as energies and metals. Shows either exchange-for-physical transactions or options-on-physicals.

Cancel and Correct: Detects trades with improper valuations, allocation problems and other unusual activity.

Position Aggregation Report: Monitors open positions in customer accounts and aggregates total net exposure by product.

Options Exposure Report: Calculates daily exercise exposure reports on all options.

Swap Netting Report: Lists outstanding swaps, including net payments.

Suitable Report: Flags trades in issues not suitable or appropriate for a particular counterparty.