The £1.4bn losses caused by a rogue trader at Swiss bank UBS could have been avoided had a computer used to detect unauthorised trading been more effective, according to the Financial Services Authority (FSA).
The FSA has fined UBS £29.7m for failings related to losses of £1.4bn caused by the unauthorised trading of Kweku Adoboli.
“The computerised system operated by UBS to assist in risk management was not effective in controlling the risk of unauthorised trading,” said the FSA report.
Adoboli was arrested following UBS's announcement that a rogue trader had caused massive losses. He was convicted of two counts of fraud and sentenced to seven years in prison.
Soon after the loss was announced, UBS interim CEO Sergio Ermotti admitted systems in the banks IT infrastructure did detect the unauthorised trading activities of the rogue trader who cost UBS over $2bn. In an internal memo, Ermotti also revealed nothing had been done about the warning signals.
Reports claim the service used to detect suspicious trading is run from an offshore location in India. A source in India told Computer Weekly that the problem occurred in a USB captive in Hyderabad.
The source said captives are less stringent about processes than suppliers. He told me that the reason the rogue trading was missed was because data had been deleted as part of a system upgrade. "If there had been a process, like that of any supplier, this would not have happened."
He said when data was being migrated to a new system it started to slow things down. The person doing the migration deleted data to speed things up, which meant the trading went unnoticed.
He said this would never happen with a supplier because of the strict processes and the risk of contract penalties.
The failure to monitor fraudulent activity highlights the need for banks to constantly monitor and upgrade their fraud systems.
In 2008, a rogue trader who cost French bank Société Générale £3.6bn was accused of using computer hacking techniques.