For over a decade Nick Leeson's name has been a painful memory in the minds of the world's financial institutions--a vivid reminder of the importance of checks and balances in a bank's risk control systems. Leeson's loosing bets on the Tokyo stock exchange index and his ability to hide his losses by serving as the back office clerk for his own trades resulted in the $1.4 billion loss that brought down Barings Bank, an institution whose historic investments including financing the Louisiana Purchase.
But Leeson was severely upstaged this week when French bank Societe Generale pinned their $7.1 billion loss on a single junior trader whose knowledge of the bank's risk-control system enabled him to create what SocGen called "an elaborate assembly of fictitious transactions" that concealed the tracks of his losses until the scam blew up and became the financial story of the week.
Is this financial fiasco a problem that SocGen should have anticipated and prevented? Unfortunately, many risk control processes are based on what has occurred in the past. The rapid evolution of technology and the flattened structure of organizations makes catching fraud before a cataclysmic loss increasingly difficult.
But more significantly, the risk avoidance strategy in some organizations is closely linked to the self-preservation strategy of its leaders. Problems that erupt are often dealt with as isolated situations that are quickly "resolved" and diluted into non-issues. A failure or unwillingness to investigate a problem's role within the context of a larger system, the inability to get to the root cause of a problem, and infrequent questioning of the way business is conducted create an illusion of organizational health while something deadly grows beneath the surface.
Banking analyst Axel Pierron's explanation of this disaster is a good reminder that an organization's greater risk may not be the "enemy within" as much as the institutional thinking that often hides his existence.