Capco: Why rogue traders should be afraid of big ‘bad’ data
Posted: 6 January 2016 | Author: Dimitrios Geromichalos | Source: Capco
Rogue traders continue to cause catastrophic damages to banks. It’s no great surprise then that the incentive for banks to detect – and prevent – such illegal activities is extremely high. Inevitably this task is complicated by the complexity of the trading ecosystem and inventiveness of fraudulent individuals. However, recent methodologies and technologies – big data, data analytics and data science in general – provide exactly the tools needed to track, predict and prevent anomalous behavior, successfully.
Two major aspects of these technologies now enable institutions to tackle these problems:
- The capability to store and process large amounts of data. Increasing hardware capabilities and new software developments such as the open-source framework Hadoop enable banks to deal efficiently with hundreds of terabytes of data (as of 2015), including the complete monitoring of emails, voicemails and social media entries.
Effective analysis methodologies. Dozens of ‘machine learning’ algorithms based on sophisticated concepts (provided for example by SAS, Lavastorm or the open-source program RapidMiner) enable banks to detect irregularities in all types of data (e.g. text). There are two distinct classes:
- Supervised methods: The algorithms (e.g. naïve Bayes or support vector machines) enable computers to ‘learn’ to distinguish between classes based on training data sets. Teach the machine the lessons behind previous rogue trading cases and it will provide warnings with given probabilities.
- Unsupervised methods: The algorithms detect clusters and outliers without being ‘trained’. Here, computers can provide warning flags for unprecedented anomalies.
How rogue trading works and how it can be combated
How likely are individuals to commit fraud?
Designated risk/compliance employees must have a clear understanding of the types of personality that are at risk and therefore pose a threat to their colleagues, the bank, and its shareholders. They must be able to recognise people who are under pressure, unreliable or prone to taking risks. The data necessary for the identification of fraudulent personalities may come from inside and outside the organisation, and should provide a complete profile including:
- System files: Work / access patterns
- HR files: Holidays / absences, past problems
- Emails / phone transcripts / social media / forums
- Contacts and communications with other departments/companies, boastful language
Responsible employees can analyse the data using the methods described above to detect risky or unusual patterns. In this way it becomes possible to classify individuals as a risk even before they plan a fraudulent act. It might sound like ‘Minority report’ science fiction, but the tools are available now for banks who want to minimise the risk of illegal behavior long before it becomes a serious.
Improving the control framework
Typically, rogue traders exploit control weaknesses or act outside the control framework. Though a rogue trader may always find opportunities to commit fraud, controls should be kept as tight as possible to minimise the risk. The key data sources will therefore be internal and external reports, and databases of operational risk events. Analysis of big data can help detect patterns in past risk events and improve the existing control framework by closing control gaps.
Ongoing fraud traces
Ironically, the most easily analysed data comes from fraudulent activities that are already underway. Prevention is no longer possible but the data will keep damage to a minimum. In these cases – besides legal and audit data –trading, risk and market data are most relevant:
- Trade data: Positions (volume, value, VaR, P&L), risk factors, counter-parties, regions, products
- Trade handling: Settlement dates / periods, cancel / amend, confirm / control issues
Institutions can analyse the data using the methods described above to detect outliers, clusters or inexplicable patterns. Potentially suspicious signals include high volumes/risks, new trading patterns or high concentrations of trades.
How can these methodologies be applied?
Firstly, responsibility for the rogue trading prevention must originate directly from the bank’s management who need to define a rogue trading risk strategy with clear policies, guidelines and responsibilities. The strategy must also determine the degree of the security level and privacy protection the bank is obliged or willing to take.
The risk/compliance employees responsible for the strategy development must acquire a thorough understanding of how rogue traders work and what data sources and risk indicators can help detect such activities. They must design ‘modi operandi’ of possible fraud approaches (e.g. control bypass, loss hiding or kickback schemes) and use them to ‘train’ supervised algorithms. Their fraud detection models must also validate unexpected patterns provided by unsupervised algorithms.
To use these models in a production environment, project teams must define relevant data sources as well as suitable validation, supply and model-update processes. They need to develop an early warnings system that provides a trader-based view of possible risks. The results must be appropriately reported to the management.
Conclusion: A better way to protect shareholders and employees
Rogue trading is one of the major risks banks are facing today. Recently developed technologies enable early detection of fraudulent activities and prevention before they occur. Despite disadvantages like significant implementation efforts required and privacy protection issues, banks have begun implementing fraud prevention systems and procedures in order to safeguard bank employees, protect shareholders from severe losses, and minimise reputational risks. Earlier this year JP Morgan, for example, introduced trader surveillance based on algorithms initially developed for anti-terrorism purposes, hiring 2,500 compliance employees and investing $730 million in the project. Given that several high profile rogue trading cases recently resulted in billions worth of damage and reputation ‘injuries’, such an investment is not unjustified.