Case Study: Nick Leeson and The Barings Debacle
Executive Summary
Nick Leeson and the Barings debacle are memorized as the biggest financial scandal in the 20th century. This rogue trader crashed one of the oldest merchant banks, Barings Bank, by losing £827 million (US$1.4 billion) in the derivative market trading. After a failed bailout attempt, Barings was declared insolvent on February 26, 1995. The focus of this case study is the security and control issues which led to this scandal. The case documents the process of how Nick Leeson bypasses the risk management and auditing, and the lack of Barings security control. Moreover, the case explains why the security is not only technology issues, but also business issues.
Background
Barings was Britain's oldest merchant bank. It had financed the Napoleonic wars, the Louisiana Purchase, and the Erie Canal. Barings was the Queen's bank. During the Second World War, the British Government used Barings to liquidate assets in the United States and elsewhere to help finance the war effort. After the war Barings was overtaken in size and influenced by other banking houses, but remained an important player in the market.
Leeson was born in Watford, north-west of London. He attended Parmiter's School. After leaving school in the early 1980s, he landed a job as a clerk with the exclusive private bank, Coutts, followed by a string of jobs with other banks, ending up with Barings in the early 1990s.
At Barings, he worked in operations, but shortly after joining Barings, he applied for and received a transfer to the Far East. His first task when he arrived was working through a back-office mess in Jakarta. The bank was sitting on £100 million in stock certificates and bearer bonds that were not in deliverable form. Many of the stocks had been purchased on behalf of clients. Because the stock market had subsequently declined, the clients trying to avoid taking delivery—they complained that certificates were in the wrong denomination, not properly documented or in physically unacceptable condition. Over a period of 10 months, Leeson worked his way through the certificates, addressing the problems and making delivery.
Leeson’s accomplishments in Jakarta attracted the attention of Barings management. In 1992, he applied for a position within Barings Securities(Singapore) Limited, they not only accepted him, but they made him general manager with authority to hire traders and back office staffs.
The Trading Tale
Barings Securities(Singapore) Limited was held a seat in the Singapore International Monetary Exchange (SIMEX) earlier but never be activated until Nick Leeson came on board.
Nick Leeson starts to hire the local staffs to form his small team. Though he is appointed as backend general manager, he is able to get the authority from Barings Management to do trading for clients as well as trading for arbitraging the price differences for Nikkei futures between SIMEX and Japan’s Osaka Exchange.
He and his team had made speculative trades. He opened an error account named 88888 to correct the mistakes made during trading. And the account starts with negative losses of £20,000, which is made a fault trading by his trading girl. At first, he was managed to make large profits for his employer, £10 million which accounted for 10% of Barings' annual income. This also covers his losses in the 88888 account.
But later, his luck was gone. He has to use back the error account to cover his losses in the futures’ market. But a series of wrong bets made the losses grown very fast. Since he is also the head of back office, he falsified accounts and making various misrepresentations, which hided the losses from Barings Management. So he was able to secure funding from various companies within the Barings organization and from client accounts. His misrepresentations were flimsy at best. For example, he claimed that he needed funds to make margin payments on behalf of Barings Securities (Singapore) Limited’s clients, and he gave a technical argument related to how the SIMEX collected margin as justification. This claim was false. It was actually against SIMEX rules for a broker to post its own money as margin for a client. Even if the claim were true, the funds would have been needed only temporarily—until the client could make payment. Instead, Leeson continued to ask for ever more funding.
His double roles secured all his misrepresentations from being disclosed. As a result, the error account has grown up to £2 million at the end of 1992, mushroomed to £23 million at the end of 1993, reached to £208 million at the end of 1994.
Only in November of the year 1993, Barings started to form the risk management department. But due to a series of reorganization of the whole Barings, the risk management department and auditing department only took the actions to check Nick’s in January 1995. Nick was publicly recording profits in three arbitrage trading accounts, numbers 92000, 98007 and 98008, while he was secretly accumulating losses in account 88888. This was accomplished through cross-trades with account 88888. By performing futures transactions at off-market prices, Leeson was able to achieve profits in the arbitrage accounts while placing offsetting losses in the 88888 account. During 1994, Leeson booked £28.5 million in false profits. This was a staggering profit to earn from futures arbitrage, but it ensured that Barings employees earned bonuses that year. Needless to say, there was little incentive for employees to question the unusually high arbitrage profits. If anything, Leeson was viewed as a star trader who was not to be interfered with.
Nick kept making mistakes and the losses in the error account increased rapidly. Moreover, the Kobe’s earthquake, which was in the morning of January 17 in 1995, knocked down the market even further. All these had pushed Nick to do more big trades to cover his losses. In mid of February of 1995, he had accumulated an enormous position—half the open interest in the Nikkei future and 85% of the open interest in the JGB future. The market was aware of this and probably traded against him. All his effort of trying to save the market only turned to dig a deeper hole.
On February 23 in 1995, Nick fled from Singapore to Kuala Lumpur leaving the error account with £827 million. Barings Management kept unaware for the huge loss until the big margin call was made by SIMEX. But it was too late. They were unable to offset the losses and forced to bankrupt on February 26 in 1995.
Nick fled to Malaysia, Thailand, and finally was arrested in Frankfurt on his way to London. He was sooner extradited to Singapore to stand trial. Convinced of fraud, he was sentenced to jail for six and half years in Changi Prison in Singapore. Because the diagnostics of cancer, he was released in the summer of 1999. And he survived and fully recovered from cancer. In the year 2006, he was appointed CEO of Galway United FC. He continues to be one of the most in-demand conference and after dinner speaker.
On the other hand, Barings was sold to ING bank, a Dutch bank, at a nominal amount of £1 in 1995. ING formed a subsidiary ING Barings, which took over all the liabilities of former Barings. In 2001, ING sold the U.S. based operations to ABN Amro for $275 million, and folded the rest of ING Barings into its European banking division. This left only the Baring Asset Management. In March 2005, Baring Asset Management was split and sold to MassMutual and Northern Trust. Barings bank therefore no longer has a separate corporate existence, although the Barings name still lives on as the MassMutual subsidiary, Baring Asset Management.
What went wrong for Barings and Nick Leeson
In the early 90s, Barings had used some technologies to ensure the security of their information. But Nick Leeson still made use of the lack of company controls to sink down the whole company. This case best illustrated what we have discussed in Section 2 – “Technology is not the key issue in information systems security and control.”
Based on the Framework for Security and Control we discussed in section 3, we analyze the case in the following aspects.
Security Policy
The authorization policies in Barings Securities (Singapore) Limited is not well organized. The company did not clearly define where and when a user is permitted to access which parts of a system.
Traders sometimes speculate without authorization. But it is pretty hard for them to hide the unauthorized trading because they need to pay for the initial margin which will surely go through the backend office. The backend office is in charge of the control and accounting. Thus the unauthorized transaction will be exposed and all the fraud can be discovered within one day, which prevents the further losses. But Nick played double roles in Barings Securities (Singapore) Limited. He was acting as the chief trader as well as the backend manager. This has given him great convenience to falsify the accounts and documents. As a chief trader, he was supposed to report to back office that handling the operations and accounts. Unfortunately, the back office was held by him as well. This short circuited the normal auditing and safe-guard processes. That is why the losses in the error account had the chance to grow dramatically for more than 3 years.
Also, the reorganization inside Barings organizations helped Nick to avoid Barings Management from discovering his losses. Barings had acquired stock brokerage Henderson Crosthwaite in 1984, which became Barings Securities Limited. Originally, Barings Securities Limited was run as an entirely separate company from the banking business, which was called Baring Brothers and Company. Barings Securities (Singapore) Limited was under the Barings Securities Limited. In November, 1993, Barings management decided to merge the Barings Securities Limited into Brothers and Company. But the merger is not easy, the two firms had totally different culture and a lot of office politics needed to be taken care of. Such a distraction made the management lost control over Nick. The supervision over Nick was very messy. Nick was supposed to report to either Ron Baker, who managed derivatives, or Mike Killian, head of Global Futures and Options Sales. Locally, Leeson could have reported to James Bax, who was head of the Singapore office, or to Simon Jones, who was Regional Operations Manager for South East Asia. As a result, Nick was effectively operating the Barings Securities (Singapore) Limited from both front end and backend without any clear supervision.
Security Auditing
Barings Securities (Singapore) Limited did not conduct comprehensive and systematic audits. That allowed Nick to falsify records, fabricated letters and made up elaborate stories to deflect questions from management, auditors and even representatives of SIMEX. Nick actively played on people's insecurities. He notes in his book Rogue Trader that:
People at the London end of Barings were all so know-all that nobody dared ask a stupid question in case they looked silly in front of everyone else.
What we learnt
Nick’s tale has made a great shock over the financial market. After that, the internal auditing and security control becomes one of the top priority tasks for investment banks. And the security issue has been raised from technical level to business level.
Organization structure must be well defined. It has to be a perfect tree where every branch ought to be supervised by a clear head. There should not have any branches left out from the tree. There should not have any branches that sourced from two roots, either. This structure clearly defines the supervision for everybody up to the headquarter management, which removes the confusion caused by overlapping supervision as well as missing the supervision.
To maintain the clear structure, every staff shall be associated with a clear role. Nobody shall entitled to act as two roles, especially not for two roles that are crossed the border of front office and back office. The internal auditing shall be reviewed frequently to ensure there will not be any short circuit inside the auditing and safeguard system. This department shall stand out to act as individual department which will report to top management only.
Nick Leeson’s case gave us a good lesson. It shows how serious the consequence could be if we do not handle security and control well. This topic is always important to all the organizations. In the first place, it is a technical issue, because the security system must be able to update their system to prevent abuses via the new found security bugs. But, no matter how advanced the security system is, the human being who operate the system will be the weakest point of the system. Therefore the security is no longer a technology issue but also a business issue. Companies should enforce the guidelines defined in the company’s security policy to ensure the information assets of the organization. The framework of the security and control is necessary to help organizations to protect themselves and achieve the business values of the information assets. At any time, security issues should not be only relayed to both technical departments, but also to the business departments as well.
Reference:
1. Nick Leeson’s website http://www.nickleeson.com/
2. Wikipedia.com
a. http://en.wikipedia.org/wiki/Barings_Bank
b. http://en.wikipedia.org/wiki/Nick_Leeson
3. http://www.riskglossary.com/link/barings_debacle.htm
4. Rogue Trader (1998) Movie by
5. Rogue Trader: How I Brought Down Barings Bank and Shook the Financial World By Nick Leeson, Edward Whitley