The Financial Services Authority (FSA) has reported that many UK investment banks have reviewed their trading controls,...
including IT systems, following the activities of a rogue trader at French bank SocGen.
SocGen reported £3.6bn losses after trader Jerome Kerviel engaged in unauthorised trading activity. Investigations carried out by the bank and French finance minister Christine Lagarde later revealed that lax security of IT systems played a role.
In an ad hoc report, Market Watch 25, the FSA said it has engaged with UK banks to understand what they are doing as a result of the SocGen incident and has outlined some IT security advice.
"We recognise that, in view of the criminal investigation in France, and of the ways in which the 'rogue trader' appears to have disguised his activities, there is likely to be more to learn in the future," said the report.
During informal conversations with about 50 UK investment banks the FSA said that most had considered the risks to their own businesses and already attempted to close gaps following their own reviews.
The FSA has advised the banks to "consider whether IT security and access controls are properly implemented to ensure that users may only access those functions that their duties require".
It also said that banks should consider reviewing access rights periodically to ensure there are no risks when people move from the middle or back office to working in the front office or visa versa.
Kerviel's knowledge of passwords and the back office gave him knowledge of controls and access to unauthorised system.