Given the rise of high profile incidents related to rogue trading, a major US bank has worked with business and technology consultant Detica to pull together its data to monitor operational risk across a number of controls in order to provide an effective tool to combating these incidents. Through the process, however, other business benefits emerged, said Roger Braybrooks, head of research for global financial markets at Detica.

Rogue trading, such as the recent Casiss d’Epargne equities derivatives issue, or Jerome Kierval at Societe Generale, is generally facilitated by control failures, but no two failures are the same, said Braybrooks. “When you’re not looking at it from a holistic point of view, you won’t catch it.”

He cited a recent statement from the FSA suggesting the need for a series of yellow flags to be applied within areas of concern, which could then be aggregated to produce a red flag on control concerns across those areas. This is essentially the approach Detica has taken with its networked operational risk model.

The first step with its pilot client was to clearly identify the controls that needed to be monitored based on a defined risk model. From there, data was contributed to a shared file by various groups across the organisation, such as credit risk, market risk, compliance, finance, settlements, operations and others. Braybrooks acknowledges that getting the participation across these business units was challenging, which is why sponsorship from the top of the organisation is necessary to drive through this kind of project.

Then through monitoring and a system of alerts, there is visibility into potential areas of operational risk concerns that can be further investigated by the institution. An example cited by Braybrooks was an operational risk alert associated with a trader due to a high number of trade cancellations. When then linked with an alert on that traders’ counterparty to suggest operational risk issues, the combined information can highlight a real area of concern that can be passed on for further investigation.

Beyond the original concept of detecting unauthorised trading, the institution found it was also useful for other functions across the front office, middle office and into operations. For example, having a high operational risk score associated with a particular trader may not be due to unauthorised trading but could be because he’s a ‘messy trader’, an issue that can then be addressed. Or it could enable the desk head to link a trader’s P&L with the trader’s operational risk profile.

Although the pilot project did not (fortunately for the client) unearth any unauthorised trading, it did raise a number of anomalous activities that are now being investigated, said Braybrooks.