How Did UBS Lose $2 Billion?

Investment Trader Arrested, Linked to Unauthorized Trades
How Did UBS Lose $2 Billion?
While details are scarce surrounding the $2 billion loss Swiss bank UBS announced related to unauthorized trading, some news reports speculate the loss is likely connected to internal fraud.

"The matter is still being investigated, but UBS's current estimate of the loss on the trades is in the range of USD 2 billion," UBS says in a statement. "It is possible that this could lead UBS to report a loss for the third quarter of 2011. No client positions were affected."

BBC News reports London City Police have arrested a 31-year-old on charges related to fraud by abuse of position. UBS has not confirmed any connection between that arrest and Kweku Adoboli, a 31-year-old UBS director who oversees electronic funds transfers and Delta One trading for the investment bank. A UBS spokesperson did tell CNBC, "I can confirm that an employee of the bank was arrested in London in connection with the statement."

Jennifer Bayuk, ex-CISO at former U.S. investment bank Bear Stearns & Co., says we can only speculate at this point, but it seems UBS' unauthorized deals were not accidental. "You can't have someone arrested for violating your policies," says Bayuk, now a professor at Stevens Institute of Technology. "The question is, 'What did he do, and was there a policy that would have prevented the activity? Was that policy enforced?' At this point, we don't know what activity contributed to the loss and if that activity was actually part of his job function or not."

Shades of Societe Generale

The UBS incident appears hauntingly familiar. In January 2008, French investment bank Societe Generale took a $7.2 billion hit in fraudulent trades after a trader went rogue. In the Societe Generale case, the fraudulent trades were linked to an insider, Jerome Kerviel, who, coincidentally, also was 31 when arrested.

In the Societe Generale case, the gaps in security were obvious. The bank had risk management policies and controls to detect bad trades, but those policies and controls were not enforced, and security practices were lax.

"SocGen was responsible for loose security controls, which really enabled the fraud in that case," Bayuk says. "He [Kerviel] was using passwords from an old job function which had not been changed since he last used them."

Since the Societe Generale scandal, most institutions have implemented new controls to detect and correct what Bayuk calls "toxic combinations" - access authorizations that allow traders to bypass controls for segregation of duties controls. "It is reasonable to expect that UBS had some such program in place," Bayuk says.

Further details are likely to emerge on what already is being called one of the largest unauthorized trading losses in banking history.

About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.