class: center, middle, inverse, title-slide # BIS4630 Corporate Compliance & Fraud Analytics ## Week 16 Corporate Governance (Supplementary Materials) ### Hayson Tse, PhD (HK) ### 21 February 2018 --- name: prologue class: inverse, center, middle # Prologue --- # Help * Pink means `I am a link; please click me.` --- # Contact info * Personal email + [H.Tse](H.Tse@mdx.ac.uk) + [hayson.tse](hayson.tse@teacher.hkuspace.hku.hk) * Course twitter + [bis4630](https://twitter.com/bis4630) --- # Copyright [This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Licence.](http://creativecommons.org/licenses/by-nc-sa/4.0/legalcode) <img src="by-nc-sa.png" height="100pt" /> --- # Table of contents * Course administration * Objectives * Recap * Risk Management: BS ISO 31000:2009 * Risk Management: BS EN 31010: 2010 * Collapses of businesses * Summary --- name: course-admin class: inverse, center, middle # Course administration --- # Classroom Conduct * [HKU SPACE Handbook](http://bit.ly/2ds6czb) + Unauthorised reservation of seats is not permitted. + Eating or drinking is not allowed. + All mobile phones and pagers are to be turned off. + Smoking is prohibited at all HKU SPACE learning centres and the University campus. + No video / audio recording is allowed, except with the permission of the Programme Director / Manager, and is subject to any conditions stipulated when such permission is granted. + Personal belongings should not be left unattended. --- # MSc Electronic Security and Digital Forensics Degree > "This course will focus on IT law, professional and ethical issues, criminal law, theories of crime as well as looking at the legal system more generally. You'll also focus on security regulations, contingency planning and risk management as well as intellectual property law, privacy and data protection law." - [Course homepage](http://bit.ly/2e18OVE) --- # Compulsory modules that you are exempted * BIS 4620 Digital Investigation and Evidence Management (30 Credits) * BIS 4610 Information Security Management (30 Credits) --- # Compulsory modules for you * BIS 4600 Legal and Professional Aspects of Digital Forensics (30 Credits) * BIS4630 Corporate Compliance and Financial Crime Prevention (30 Credits) * BIS 4992 Postgraduate Computing Project (60 Credits) --- # Study hours outside class contact > "The study hours for each credit point is 10 hours. For a 30-credit module this equates to 300 hours. Therefore, if a module has time-tabled activities i.e. lecture/seminar/lab, of 3 hours per week for a 24-week period (total of 72 hours), then the out-of-class study commitment expected of students is 228 hours in total." - Course Handbook. * Practical meaning: 300 hours = **2.5 hours per day** x *5 days* x 24 learning weeks (Note: only 18 learning weeks for Hong Kong) --- # Master's degree in UK > "[A] master's [degree] is hard work and requires a lot of commitment. It has to be something you actively want to do . . . Postgraduate study is *much more independent* than undergraduate study, so, on a practical level, it is important to be aware that you may be *working by yourself for much of the time*." - [Taking the plunge into the master's world (The Guardian, 2009)](http://bit.ly/2fBScEa) --- # Teaching Plan IMPORTANT * The Hong Kong teaching schedule is set out below. It supersedes the UK model explained in the Module Handbook. * The Hong Kong schedule consists of a 18-week schedule decided by HKUSPACE. The UK course consists of a 24-week schedule. * The 2 dates for coursework remain the same: 7 March 2018 and 14 March 2018 (both London time) --- # Week 14 - 16: 7.ii2018 - 21.ii.2018 * Corporate Governance + Impact of culture on mitigating fraud + Impact of corporate governance on mitigating internal fraud risks + UK Corporate governance code Accountability + Company boards / internal communication + Management of clients and third parties + Disclosure and Whistleblowing + Top level commitment --- # Week 17: 28.ii.2018 * Revision, Practise Presentations + 7 March 2018 is the deadline to send Coursework A, B and C to Middlesex via Middlesex Turnitin. There is no lecture on 7 March 2018. + Revision + Practise presentations + Examination preparation and practice --- # Week 18: 14.iii.2018 * Group Presentations & Examination preparation + Summative group presentation + Revision + Examination paper practice * Assessment Formative assessment + Monitor student learning to improve their learning + Provide ongoing feedback to teachers to improve teaching * Summative assessment + Evaluate student learning at the end of an instructional unit by comparing it against some standard or benchmark --- # Important dates * 11 October 2017 - 6 December 2017, both dates inclusive + You are recommended to research for Coursework Section A to C. * 24 January 2018 + You are recommended to complete a first draft copy of Coursework Section A. * 31 January 2018 + You are recommended to complete a second draft of Coursework Section A and continue to review, edit and amend until you have a 'camera-ready' piece of soft copy before 7 March 2018. --- # Important dates * 7 February 2018 + You are recommended to complete a first draft of Coursework Section B. * 14 February 2018 + You are recommended to complete a second draft of Coursework Section B and continue to review, edit and amend until you have a 'camera-ready' piece of soft copy before 7 March 2018. * 21 February 2018 + You are recommended to complete a first draft of Coursework Section C. --- # Important dates * 28 February 2018 + You are recommended to complete a second draft of Coursework Section C and continue to review, edit and amend until you have a 'camera-ready' piece of soft copy before 7 March 2018. --- # Important dates * 7 March 2018 + Deadline for Summative Submission of Coursework Section A, B and C, each with its covering page via the supplied Turnitin link in the Middlesex University UniHub module page to Middlesex. + Any other means of submission, even to me or to HKUSPACE, means no submission. --- # Important dates * 14 March 2018 + Group presentation for Coursework Section C. --- name: obj class: inverse, center, middle # Objectives --- # Objectives * At the end of the presentation, you should understand: + principles in BS ISO 31000:2009 for risk management + principles in BS EN 31010: 2010 for risk management + examples of collapses of businesses --- name: Recap class: inverse, center, middle # Recap --- # Regulatory principle > "Comply or explain"; > "apply or explain" --- # Key elements - Cadbury Report definition > "The shareholders' role in governance is to appoint the directors and the auditors and to satisfy themselves that an appropriate governance structure is in place. The responsibilities of the board include setting the company's strategic aims, providing the leadership to put them into effect, supervising the management of the business and reporting to shareholders on their stewardship. The board's actions are subject to laws, regulations and the shareholders in general meeting." --- # International Influence * Sarbanes-Oxley Act (US) * OECD * G20/OECD Principles of Corporate Governance (2015) (first published in 1999) * OECD Risk Management and Corporate Governance (2014) * OECD Corporate Governance Working Papers No. 20: Corporate Governance of Financial Groups (2016) * Bank for International Settlements (BIS) * (BIS) Basel Committee on Banking Supervision * BIS Guidelines: Corporate Governance Principles for Banks (2015) (13 principles) --- # Domestic Influence * EU Directive 2006/46/EC * UK Corporate Governance Code * FRC Guidance --- # UK History * (Maxwell; Polly Peck) * Cardbury Report 1992 (Code of Best Practice (Corporate Governance)) * Rutteman Report 1994 (Guidance for Directors of Listed Companies) * Greenbury Report 1995 ("fat cats" Directors' remuneration) * Hampel Report 1998 (Review Cardbury and Greenbury) * Combined Code 1998 (Cadbury, Greenbury Hampel) (by London Stock Exchange) * Turnbull Report 1999 (Guidance for directors on Combined Code) (ICAEW) * (Enron) --- # UK History * Higgs Report 2003 (Non-executive directors) * Turnbull Guidance 2005 (Updated guidance for directors on Combined Code) (FRC) * Combined Code 2003, 2006, 2008 * Companies Act 2006 (ss. 171 to 177, 414A and 414C) * Walker Report 2009 (UK banks) * FRC Boards and Risk Report 2011 * Sharman Inquiry 2012 (Going concern and liquidity risks) * UK Corporate Governance Code 2010, 2012, 2014 * FRC Risk Guidance 2014 * UK Corporate Governance Code 2016 --- # Domestic Influence * EU Directive 2006/46/EC (comply or explain; corporate code) * UK Corporate Governance Code * FRC Guidance --- # Risk management * Risk elements (Harm (consequence) x Probabilities (likelihood)) * Risk appeitite or risk tolerance * FRC Risk Guidance 2014 --- name: ISO31000 class: inverse, center, middle # Risk Management: BS ISO 31000:2009 --- # Definitions * Risk > "Effect of uncertainty on objectives" * Risk attitude > "organization's approach to assess and eventually pursue, retain, take or turn away from risk" * Risk management > "In general terms,"risk management" refers to the architecture (principles, framework and process) for managing risks effectively." --- # Definitions * Managing risk > "In general terms, ...,"managing risk" refers to applying that architecture to particular risks." > "overall process of risk identification, risk analysis and risk evaluation" * Risk identification > "process of finding, recognizing and describing risks" * Risk analysis > "Process to comprehend the nature of risk and to determine the level of risk" * Risk evaluation > "process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable" --- # Definitions * Level of risk > "magnitude of a risk or combination of risks, expressed in terms of the combination of consequences and their likelihood." * Risk criteria > "terms of reference against which the significance of a risk is evaluated" * Likelihood > "chance of something happening" * Consequence > "outcome of an event affecting objectives" --- # Principles and Guidelines * Risk management creates and protects value > "Risk management contributes to the demonstrable achievement of objectives and improvement of performance in, for example, human health and safety, security, legal and regulatory compliance, public acceptance, environmental protection, product quality, project management, efficiency in operations, governance and reputation." * Risk management is an integral part of all organizational processes > "Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. Risk management is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes." --- # Principles and Guidelines * Risk management is part of decision making > "Risk management helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action." * Risk management explicitly addresses uncertainty > "Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed." * Risk management is systematic, structured and timely > "A systematic, timely and structured approach to risk management contributes to efficiency and to consistent, comparable and reliable results." --- # Principles and Guidelines * Risk management is based on the best available information > "The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. However, decision makers should inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts." * Risk management is tailored > "Risk management is aligned with the organization's external and internal context and risk profile." --- # Principles and Guidelines * Risk management takes human and cultural factors into account > "Risk management recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization's objectives." * Risk management is transparent and inclusive > "Appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization, ensures that risk management remains relevant and up-to-date. Involvement also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria." --- # Principles and Guidelines * Risk management is dynamic, iterative and responsive to change. > "Risk management continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear." * Risk management facilitates continual improvement of the organization > "Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization." --- # Principles and Guidelines * Implementing the framework for managing risk > "define the appropriate timing and strategy for implementing the framework" > "apply the risk management policy and process to the organizational processes" > "comply with legal and regulatory requirements" > "ensure that decision making, including the development and setting of objectives, is aligned with the outcomes of risk management processes" > "hold information and training sessions" > "communicate and consult with stakeholders to ensure that its risk management framework remains appropriate" --- # Principles and Guidelines * Implementing the risk management process > "Risk management should be implemented by ensuring that the risk management process outlined in ...is applied through a risk management plan at all relevant levels and functions of the organization as part of its practices and processes" --- # Principles and Guidelines * Defining risk criteria > "the nature and types of causes and consequences that can occur and how they will be measured" > "how likelihood will be defined" > "the timeframe(s) of the likelihood and/or consequence(s)" > "how the level of risk is to be determined" > "the views of stakeholders" > "the level at which risk becomes acceptable or tolerable; and" > "whether combinations of multiple risks should be taken into account and, if so, how and which combinations should be considered." --- # Principles and Guidelines * Risk identification > "The organization should identify sources of risk, areas of impacts, events (including changes in circumstances) and their causes and their potential consequences. The aim of this step is to generate a comprehensive list of risks based on those events that might create, enhance, prevent, degrade, accelerate or delay the achievement of objectives. ...Comprehensive identification is critical, because a risk that is not identified at this stage will not be included in further analysis." --- # Principles and Guidelines > "Identification should include risks whether or not their source is under the control of the organization, even though the risk source or cause may not be evident. Risk identification should include examination of the knock-on effects of particular consequences, including cascade and cumulative effects. It should also consider a wide range of consequences even if the risk source or cause may not be evident. As well as identifying what might happen, it is necessary to consider possible causes and scenarios that show what consequences can occur. All significant causes and consequences should be considered." --- # Principles and Guidelines > "The organization should apply risk identification tools and techniques that are suited to its objectives and capabilities, and to the risks faced. Relevant and up-to-date information is important in identifying risks. This should include appropriate background information where possible. People with appropriate knowledge should be involved in identifying risks." --- # Principles and Guidelines * Risk analysis > "Risk analysis involves consideration of the causes and sources of risk, their positive and negative consequences, and the likelihood that those consequences can occur. Factors that affect consequences and likelihood should be identified. Risk is analyzed by determining consequences and their likelihood, and other attributes of the risk. An event can have multiple consequences and can affect multiple objectives. Existing controls and their effectiveness and efficiency should also be taken into account." --- # Principles and Guidelines > "Risk analysis can be undertaken with varying degrees of detail, depending on the risk, the purpose of the analysis, and the information, data and resources available. Analysis can be qualitative, semi-quantitative or quantitative, or a combination of these, depending on the circumstances." --- # Principles and Guidelines > "Consequences and their likelihood can be determined by modelling the outcomes of an event or set of events, or by extrapolation from experimental studies or from available data. Consequences can be expressed in terms of tangible and intangible impacts. In some cases, more than one numerical value or descriptor is required to specify consequences and their likelihood for different times, places, groups or situations." --- # Principles and Guidelines * Risk evaluation > "Risk evaluation involves comparing the level of risk found during the analysis process with risk criteria established when the context was considered. Based on this comparison, the need for treatment can be considered." > "Decisions should take account of the wider context of the risk and include consideration of the tolerance of the risks borne by parties other than the organization that benefits from the risk. Decisions should be made in accordance with legal, regulatory and other requirements." --- name: bs-31010 class: inverse, center, middle # Risk Management: BS EN 31010: 2010 --- # Risk Management - Risk Assessment Techniques > "This International Standard is a supporting standard for ISO 31000 and provides guidance on selection and application of systematic techniques for risk assessment." * Brainstorming * Structured or semi-structured interviews * Delphi * Check-lists * Primary hazard analysis * Hazard and operability studies (HAZOP) * Hazard Analysis and Critical Control Points (HACCP) --- # Risk Management - Risk Assessment Techniques * Environmental risk assessment * Structure "What if?" (SWIFT) * Scenario analysis * Business impact analysis * Root cause analysis * Failure mode effect analysis * Fault tree analysis * Event tree analysis --- # Risk Management - Risk Assessment Techniques * Cause and consequence analysis * Cause-and-effect analysis * Layer protection analysis (LOPA) * Decision tree * Human reliability analysis * Bow tie analysis * Reliability centered maintenance * Sneak circuit analysis --- # Risk Management - Risk Assessment Techniques * Markov analysis * Monte Cario simulation * Bayesian statistics and Bayes Nets * FN curves * Risk indices * Consequence / probability matrix * Cost / benefit analysis * Multi-criteria decision analysis (MCDA) --- name: collapse class: inverse, center, middle # Collapses of businesses --- # History * 1990 Polly Peck (Asil Nadir) * 1991 Maxwell Pension (UK) * 1995 Barings Bank (UK) * 2000 Equitable Life * 2001 + Marconi (US) + Enron (US) + Arthur Anderson (US) * 2004 WorldCom (US) * 2006 UBS (Tom Hayes) * 2008 Lehman Brothers --- # Polly Peck (Asil Nadir) * [SFO news release](http://bit.ly/2jYuQrr) * [URL for Reasons for sentence of Asil Nadir](http://bit.ly/2kkcItr) > "The origins of the company go back to 1959 when the company was first incorporated as Polly Peck (Holdings) Ltd. In 1980 Asil Nadir, a Cypriot businessman then resident in the UK and with joint British and Turkish nationality, gained a controlling interest. By 1985 the company had limited liability, and was renamed Polly Peck International Plc ("PPI"). ..." --- # Polly Peck (Asil Nadir) > "...It was initially a holding company of a group of businesses involved in the garment trade in the east end of London but under the chairmanship of Asil Nadir it was set on an expansionist course. By 1990 it had developed into an international conglomerate of 200 subsidiary companies involved in food, electronics, leisure, as well as textiles. One of PPI's best known acquisitions was the international canned fruit business, Del Monte." > "You have been convicted of 10 offences of theft. ...In all, during that three year period, you stole from PPI sums totalling ...it is fair to say that the total sum stolen equates to more than 60 million today. ...You committed those thefts by authorising or instructing the transfer of monies out of PPI's bank accounts in London ...to end uses which were nothing to do with PPI's business but were instead for the benefit of you, your family and associates." --- # Polly Peck (Asil Nadir) > "In the late summer and autumn of 1990, the bankers who had previously been glad to lend money to PPI began to seek repayment of short-term loans as they fell due. There was then an urgent need for cash to be remitted from the near east subsidiary companies to PPI head office in London so that the most pressing demands could be met and the confidence of the lending banks restored. But nothing was remitted." > "you fixed it by arranging for one of your assistants to forge a letter which purported to be confirmation from a bank that the necessary funds would be remitted. That was not the only document which was falsified by those who were assisting you in northern Cyprus, and again the evidence makes me sure that your hand was behind the various forgeries and other false accounting records which were used to conceal the thefts of which you have been convicted." --- # Polly Peck (Asil Nadir) > "The evidence I have heard therefore drives me to the conclusion that you, having on ten occasions stolen PPI's money, were determined to frustrate any meaningfulinvestigation of the finances of the near east subsidiaries which would have revealed those thefts. I am sure that for that reason you were responsible for the failure to remit funds." > "You blamed everyone but yourself for the collapse of PPI. I accept that there may well have been many complex factors which collectively brought about that collapse, and I agree with Mr Hackett that it would be wrong to say that you alone were responsible for it." --- # Polly Peck (Asil Nadir) > "Your fellow directors decided, entirely understandably, that there was no realistic option open to them other than to petition for PPI to be placed into administration." > " You blame others for the collapse of PPI, but the evidence makes me sure that your conduct in committing those ten thefts, and in seeking to cover them up, was at least one of the substantial causes of it. With that collapse, of course, came financial loss to all who had invested in PPI: not just large institutional investors, but private investors and persons whose pension funds were partly invested in PPI shares." --- # Polly Peck (Asil Nadir) > "With the commencement of the SFO investigation in August 1990, supported by the Metropolitan Police, the defendant was first interviewed in September that year. He was first charged in December 1990 and the case sent to the Central Criminal Court for trial to open in 1993. He took flight from the jurisdiction ahead of the trial, in contempt of court, in May 1993 and returned to Northern Cyprus. Extradition was not possible so a considerable period of time had elapsed prior to his return to the UK." > "In 2010, the defendant, through a media interview publicly declared his desire to return to the UK to contest the charges. He arrived at Luton Airport on 26 August 2010 ...The trial opened on 23 January 2012. The jury was sent to consider their verdicts on 10 August." > "(On 23 August 2012) Asil Nadir has been sentenced today to ten years' imprisonment." --- # Maxwell Pension * Am Ang Zhang, The Cockroach Catcher, Bauhinia Press, New York, 2008, page 246 > "On the 5th Nov., 1991, the body of the millionaire newspaper publisher, Robert Maxwell, was found in the sea off the coast of Tenerife. After Robert Maxwell's death, it emerged that the Mirror Group's debts vastly outweighed its assets and 440m was missing from the company's pension funds. In 1996, after an eight-month trial, Kevin and Ian Maxwell and another man, Larry Trachtenberg, were cleared of conspiracy to defraud Mirror Group pensioners. In 2001 the Department of Trade and Industry released a report into the Maxwell affair which said"primary responsibility\" for the collapse of the Maxwell business empire lay with its founder. But it added that ..." --- # Maxwell Pension > "..."primary responsibility" for the collapse of the Maxwell business empire lay with its founder. But it added that Kevin Maxwell and some leading City financial institutions also bore a> "a heavy responsibility" for the company's failure. After Robert Maxwell's death, campaigners for the 30,000 Mirror Group pensioners mounted a three-year campaign for compensations. Their funds were largely recovered thanks to a 100m government payout and a 276m out-of-court settlement with City institutions and the remnants of Rober Maxwell's media group." --- # Collapse of the dot.com boom * dotcom bubble: the meteoric rise in the values of equity markets resulting from investment in Internet-based companies * 1994 - 2003 * Christian Wollschield. Rise and Burst of the Dotcom Bubble, Causes, Characteristics, Examples. page 1 > "The Dotcom bubble, also known as the 'Internet Bubble' or the 'Information technology bubble' was a speculative bubble of stock prices of mainly American Internet companies during the time from 1995 until 2000 when many investors believed that a 'new era' was upon them." --- # Collapse of the dot.com boom * Parsons and Oja. Computer Concepts 2014, Comprehensive. Course Technology. page 502 > "The so called 'dot-com bubble' was fueled by a frenzy of online business startups. Enterpreneurs seemed to believe that any Internet-based business was destined for success. Investors believed that dot-coms were the key to quick profits. Stock sold like hotcakes on the technology-specialized NASDAQ stock exchange. Figure 9-21: May 1997 Amazon.com stock initial public offering (IPO) kicks off the dot-com frenzy. ...March 2000 The NASDAQ reaches its all-time high of 5,048; stocks were trading for an average of $55.92 per share. ...September 2002 NASDAQ bottoms out at 1,184, much lower than its 5,048 peak. The average price per share is 4.07." --- # Barings Bank * Bank of England, [Report of the Board of Banking Supervision Inquiry into the Circumstances of the Collapse of Barings](http://bit.ly/2jo3gCZ), 13 July 1995 * Steve Giles, Managing Fraud Risk: A Practical Guide for Directors and Managers, page 40 --- # Barings Bank > "Since the foundation of the business as a partnership in 1762 .... Baring Brothers & Co., Limited ...was found in 1890 to carry on the business of the bank in succession to the original partnership. ...based in London, with branches in Singapore and Hong Kong. ...BSL, itself a subsidiary of BB&Co, which generally operated through subsidiaries as a broker dealer in the Asia Pacific Region, Japan, Latin America, London and New York. ...BFS, a Singaporean registered company, was an indirect subsidiary of BSL. ...From late 1992 to the time of collapse, BFS's General Manager and Head Trader was Leeson. ...In July 1992, account "88888" was opened in BFS's record as a 'client' account ..." --- # Barings Bank > "...account "88888" was opened in BFS's record as a 'client' account ...this account was used to conceal the unauthorised trading activities of BFS through 1993, 1994 and up to 23 February 1995. ...we attributed the responsibility for the trading on and accounting for account "88888" to Leeson, although we recognise that not all of this trading may have been executed by him and that others were involved in the accounting and settlement functions. ...The fact that Leeson was able to conceal the positions and losses recorded in this account caused the collapse of Barings on 26 February 1995. ...Leeson was not properly supervised. ..." --- # Barings Bank > "...Mr Leeson is the notorious"rogue trader" whose unauthorised and concealed trading activities in the early 1990s resulted in losses of over £860 million and brought down his employer, Barings Bank, at the time the oldest bank in the City of London. In his autobiography, Rogue Trader, Mr Leeson makes it clear that his unauthorised deals did not start out as fraud at all. Instead they had their origins in a series of errors and dealing losses incurred by staff in his department. Mr Leeson headed up the front office trading operations of the Barings' subsidiary based in Singapore. On one particular day staff in his department lost £20,000 on a foreign exchange transaction. ..." --- # Barings Bank > "...On one particular day staff in his department lost £20,000 on a foreign exchange transaction. A series of further errors brought total losses from mistakes alone to over £100,000. These losses would certainly be highlighted by variance analysis of results carried out by the accounts team in London. Mr Leeson was convinced, because of his perception of the culture at Barings Bank, that the result would be dramatic - the individuals in his team who made the mistakes would no doubt be fired and he would be stripped of all his responsibilities. According to his version of events in the book, he could not simply stand idly by and watch any of his staff lose their jobs in this way." --- # Barings Bank > "...lose their jobs in this way. Instead he decided to take action. He took it upon himself to conceal the losses from head office by transferring them from the profit and loss account to a balance sheet suspense account - the infamous "88888 account" that he used for this purpose. Mr Leeson then went on to spend much of the next three years effectively trying to trade out of these losses, ultimately with a spectacular lack of success. So, it could be argued that losses that started out at just over £100,000 turned into a black hole of almost 1 billion that brought down Barings Bank. Mr Leeson and his staff in Singapore were obviously involved in fraudulent activities. What is often not realised or commented upon is that, in addition to being corrupt, they were incompetent also." --- # Equitable Life * 15 January 1999: Equitable Life launched court proceedings in order to gain approval for its plan to ask some policyholders to accept a cut in bonuses since it could no longer afford what it had once promised. * 9 September 1999: Equitable won the first stage of the battle when the Court ruled that it acted lawfully in cutting bonuses. * 21 January 2000: Court of Appeal reversed the decision and ruled that the Equitable must honour its original commitments. * 20 July 2000: the [House of Lords upheld the Appeal Court's ruling](http://bit.ly/2kDEseN). --- # Equitable Life * 8 December 2000: Equitable Life closed its doors to new business, having failed to find a buyer. * 31 August 2001: The Government launch a full investigation into the circumstances leading up to the downfall of the assurer. Lord Penrose led the inquiry. * 8 March 2004: Lord Penrose's report was published, accusing the former Equitable management team of "dubious" practices and nurturing a "culture of manipulation and concealment". * 4 June 2010: Former Equitable auditors, Ernst and Young, were fined £500,000, plus costs of £2.4 million and reprimanded for failing to warn policyholders of the society's problems a decade earlier. --- # Equitable Life * Richards Roberts. [Did anyone learn anything from the Equitable Life? Lessons and Learning from Financial Crises](http://bit.ly/2khevRl). Institute of Contemporary British History, King's College London. September 2012 > "When Equitable was established in 1762, the industrial revolution was just beginning. ...The Equitable Life crisis, which began publicly in the late 1990s, was the biggest crisis in the modern history of British insurance and pensions." --- # Equitable Life > "Lord Penrose, an accountant and commercial judge, was appointed by the government in August 2001 to investigate the circumstances leading to Equitable's downfall and reported thirty months later. ...The Equitable disaster created enough blame to go round and Lord Penrose has distributed it liberally to:" * the regulatory system * the accounting standards setters --- # Equitable Life > "Penrose laid the most blame on the Society's senior executives and directors ..." > "the Society was the author of its own misfortunes" > "Roy Ranson, Equitable's 'idiosyncratic and autocratic' actuary and chief executive, a 'domineering figure who brooked no dissent' "' > "Penrose was disparaging as regards Equitable's non-executive directors," > "did not understand the risks to which the Society was exposed" > "had 'a poor understanding of the Society's developing financial position,'' > "being 'ill-equipped to manage a life office by training or experience'" > "incompetent to assess the advice objectively and challenge the actuaries"' --- # Equitable Life * Professor Robert's Summary of the Equitable Life collapse > "Leadership: an autocratic, domineering chief executive" > "Business model: a risky business model ('full distribution' and the resultant low reserves) that delivered rapid growth - for a while" > "Governance: non-executive directors who failed to control an ambitious management or to understand the risks they were running" > "Regulation: a failure of prudential supervision to restrain the hazardous conduct of the firm and protect stakeholders" > "Product: complex and opaque products (traditional with-profits life policies)" > "Crisis management: over-confidence inability to overcome problems" > "Institutional constraints: inability of mutual to raise capital" --- # Marconi * Chambers and Rand, Operational Auditing Handbook, Auditing Business and IT Processes, 2nd edition, Wiley, page 97 > "[In September 2000], Marconi was riding high, an industrial giant with a historic name, a record in engineering respected around the world and a share price which, at £12.50, put a notional value on the company of £35 billion. Yesterday those shares fell to 29p, putting that value at just £807 million." [The Telegraph](http://bit.ly/2f1z2DW) --- # Marconi > "Lord Weinstock dominated GEC (not to be confused with the US GE) for thirty years as its chief executive. By the the he retired from GEC in 1996, he was out of favour with institutional investors who had been chiding him to do something constructive with GEC's legendary cash mountain, or to return it to the shareholders. In truth, Lord Weinstock had presided over a rather sleepy giant conglomerate, underperforming other major companies. Its strengths were its balance sheet and its strong but not leading position in, amongst other things, the manufacture of defence equipment, locomotives, heavy industrial products and electrical equipment. Marconi was just one of their companies." --- # Marconi > "Perhaps it was predictable that Lord Weinstock's successor as chief executive, and the latter's appointee as finance director, shortly to become deputy chief executive, would listen to the institutional shareholders. They took to the board a proposed strategy to transform GEC into a telecoms hardware and software company, renaming the group Marconi. The allure of the doctom sector was irresistible. The board, comprising famous names with excellent business backgrounds, agreed - and the institutional shareholders approved." --- # Marconi > "The group divested itself of the operating companies it now no long wished to retain, moving out of defense and heavy industrial manufacture. They used the proceeds from these divestments, together with their cash mountain and significant loans from financial institutions, to finance near the top of the market an aggressive, expensive acquisition spree of telecoms businesses. Marconi's shareholders benefitted in the process to some extent, both in terms of Marconi's rising share price for a while and their holdings of shares and loan notes in BAE who had acquired GEC's defence companies." --- # Marconi > "When Marconi had succeeded in repositioning itself as a telecoms company, it became apparent that it was vulnerable. Its balance sheet was no much more heavily geared. It was not large enough in telecoms to dominate the market. It had repositioned itself just when mobile phone companies were cutting back their investment budgets, having overextended themselves paying governments for 3G mobile telephony licenses." > "Marconi's executive team proposed to their board that a merger should be sought with another leading telecoms company as a matter of urgency before Marconi's share price collapsed. The board refused. The board had not agreed previously to that as a fallback position should the transformation strategy fail." --- # Marconi > "The rest is history. The banks moved in. The shareholders lost almost everything. The CEO and Deputy CEO were ousted in 2001. The banks did not emerge unscathed. A proud, independent, financially strong but unspectacular company bit the dust." > "There was a number of lessons from this tale. An important one is that strategies that take a long punt on the very future of the company are too risky to prudently adopt. Strategic options should be stress tested for risk before they are adopted. Risk management approaches must be applied carefully at the strategy formulation stage, as well as to managing risks during strategy implementation. ..." --- # Marconi > "...At the strategy formulation stage, possible risky events should be identified and approaches devised to reduce the risk of those events occurring. Should any of those events occur, there should be effective contingency plans developed and agreed in advance by the board at the strategy formulation stage which can be expected to effectively mitigate the consequences." --- # Enron * Steve Giles, Managing Fraud Risk: A Practical Guide for Directors and Managers, page 122 > "Enron Corporation was a US energy, commodities and services company based in Houston, Texas. In just 15 years it grew from a small base to being one of America's largest corporations, employing some 21,000 staff in more than 40 countries. Enron's Chairman and CEO throughout this period was Ken Lay and he was supported by the ex-McKinsey consultant, Jeff Skilling, who joined the Enron payroll in 1990. ..." --- # Enron > "...The company received widespread recognition for its transition from an old-line energy company with pipelines and power plants into a high-technology global enterprise that traded energy contracts like commodities, launched into new industries like broadband communications and oversaw a multi-billion dollar international investment portfolio." > "In August 2000, Enron's stock price hit its highest value of $90 per share. The company was unable to sustain its success thereafter, however. A steady decline in share price during 2001 became a crisis of investor confidence from October of that year and, amid allegations of widespread accounting fraud, Enron filed for bankruptcy protection in December 2001. It has become perhaps the most notorious example of corporate fraud and corruption of recent years." --- # Enron > "The consequences of the scandal were wide-ranging. The bankruptcy brought misery and loss to the company's stakeholders (its employees, creditors and shareholders) and led directly to the passing of the SOX in 2002. The leading individuals in the saga were prosecuted and found guilty. Mr Skilling was found guilty at his trial in 2006 of 19 charges of conspiracy to commit securities and wire fraud and of making false statements to auditors. He was sentenced to just over 24 years in prison and fined$45 million. Mr Lay was found guilty on all counts of securities fraud, wire fraud and making false and misleading statements. He died of ..." --- # Enron > "...He died of a heart attack before the appeals process was exhausted so that his conviction was abated. Andy Fastow, Enron's CFO, cooperated with the prosecution and received a reduced sentence of six years in jail followed by two years on probation. He was required to forfeit $23 million of family assets. Over 20 other Enron executives and accounting officers either pleaded guilty or were found guilty of crimes committed at Enron. Also, JP Morgan Chase and Citigroup paid nearly $300 million to settle allegations from the Securities and Exchange Commission that they helped Enron manipulate its financial statements and mislead investors without admitting any wrongdoing." * See also Steve Giles, Managing Fraud Risk: A Practical Guide for Directors and Managers, pages 122 to 126 --- # Arthur Anderson * Big 5 (4) accounting firms: (Arthur Anderson LLP), PricewaterhouseCooper, Deloitte Touche Tohmatsu, Ernst & Young and KPMG. * Steve Giles, Managing Fraud Risk: A Practical Guide for Directors and Managers, page 104 --- # Arthur Anderson > "Arthur Andersen ("Andersen") founded the eponymous firm in 1913 in Chicago offering accounting, auditing and tax services. The firm quickly became known for an uncompromising adherence to accounting principles. It grew throughout the 20th century and in the year 2000 it was the biggest accountancy firm in the world. However, in 2002 Andersen was convicted of one count of obstruction of justice by a court in Houston, Texas." > "Enron was an important client of Andersen. It was a relationship that embroiled Andersen in controversy when Enron collapsed and filed for bankruptcy protection in 2001. The firm acted as auditors and financial advisers to Enron for many years (it also audited the accounts of other major companies made notorious through fraud, for example WorldCom). Enron notoriously became bankrupt through corporate fraud." --- # Arthur Anderson > "Much has been made subsequently of the alleged conflicts of interest between Enron and Andersen, whereby Andersen was paid $25 million a year as the auditor of Enron and received almost the same amount,$25 million a year, for providing consultancy services to Enron. It has been said that these conflicts made it impossible for Andersen to do a proper audit. It is no doubt true that there were a number of close relationships ..." > "...there were a number of close relationships amongst certain individuals at Enron's headquarters in Houston, Texas and the accountants in Andersen's local Houston office. ...However, the situation of a company's auditors also acting as consultants to the same company was by no means extraordinary at the time. Rather, it was common practice and was indeed considered essential to the business models of the big accounting firms - audit fees alone were incapable of generating the required levels of profitability or revenue growth." --- # Arthur Anderson > "The specific problem that Andersen had, which it was unable to deal with, was that it was accused and then found guilty by a court in Houston, Texas in June 2002 of the criminal offence of obstructing justice by shredding documents relating to Enron. Of course, both the criminal charge and Andersen's by now controversial relationship with Enron were in the public domain and the firm had already lost much of its business by the time of the verdict." > "Andersen appealed against the initial court judgement and the appeal was successful. In 2005 the conviction was overturned by the Supreme Court in a unanimous vote. The Supreme Court found that Anderson had in fact shredded documents in accordance with its own document-shredding policy rather than as part of a scheme to obstruct the authorities. So the firm could claim that it had acted professionally and properly throughout. However, the timing of the appeal hearing was far too late to save Andersen's reputation. The firm's brand was fatally damaged and it simply could not recover. As a result, five global accounting firms were reduced to four, a position that remains the same today." --- # WorldCom * A. C. Fernando, Corporate Governance: Principles, Policies and Practices, Dorling Kindersley, 2006, page 218 > "WorldCom was founded in 1983 ...it was initially called LDDS - Long Distance Discount Service. ...LDDS became a public company in 1989 with its acquisition of Advantage Companies. What followed was a series of more than 60 mergers and acquisitions throughout the late 80s and early 90s....On 25 May 1995, the company officially changed its name to WorldCom ...In 1996, WorldCom purchased MFS Communication Inc." --- # WorldCom > "MFS's Internet subsidiary, UUNET gave WorldCom a substantial international presence. In September 1998, the company made its biggest acquisition, paying a price of approximately $40 billion for the well-known long distance provider MCI. ...By 2002, it became the No.2 residential long-distance carrier in the US..... It had the world's largest Internet backbone, thousands of government contract and 20 million customers worldwide. The company had more than $30 billion in revenues, $104 billion in assets and 60,000 employees by July, 2002." > "With its usual acquisition trial, WorldCom attempted to acquired yet another telecom company, Sprint, in October 1999. However, the Department of Justice objected to this move smelling something fishy in the deal. ...mergers and acquisitions were not a sustainable growth strategy ...the company started to drift." --- # WorldCom > "In June 1999, WorldCom's stock was trading at double digit figures, but by January 2004, it had become worthless, dropping to a measly $0.50. ...In June 2002, WorldCom announced that it had inflated its profits by improperly accounting for more than $3.9 billion." > "WorldCom had made unrealistic financial targets and was not able to match them. In order to meet these targets and present a favourable picture to the public to make it appear that the targets had been achieved, ...used certain accounting treatments that had no basis in the generally accepted accounting principles." > "On questioning, Arthur Anderson, WorldCom's financial auditors that had served as its external auditors since 1989, denied any knowledge of the accounting malpractices resorted to by WorldCom officials. The audit firm maintained that ...had withheld information from them during the audits." --- # UBS (Tom Hayes) * URL for [Reasons for Sentence of Tom Hayes](http://bit.ly/2kvaAB4) * [SFO news (sentence)](http://bit.ly/2kk0DUR) * [SFO news (Confiscation)](http://bit.ly/2kYRgJw) --- # UBS (Tom Hayes) > "Tom Hayes, the first individual to be charged and stand trial in the UK as a result of the SFO's ongoing criminal investigation into the manipulation of LIBOR, has been convicted and sentenced at Southwark Crown Court today. Hayes, aged 35, from Hampshire, a former derivatives trader at UBS and Citigroup, was found guilty by a jury of all 8 counts of conspiracy to defraud. He was sentenced to a total of 14 years in prison." > "Whilst working at UBS and Citigroup, he conspired with numerous other individuals to procure or make submissions of rates into the Yen LIBOR setting process that were false or misleading, thereby intending to prejudice the economic interests of others. Hayes' offences took place between August 2006 and December 2009, when he was an employee of UBS, and December 2009 and September 2010, when he was an employee of Citigroup. The jury heard how Hayes repeatedly asked rival traders and brokers, as well as submitters in his own banks, to move Yen LIBOR submissions up or down to suit his needs, often by offering to reward them for their efforts." --- # UBS (Tom Hayes) > "LIBOR the London Interbank Offered Rate - is the global benchmark interest rate used to set a range of financial deals. It underpins trillions of pounds of investments and contracts both in the UK and around the world. The accuracy of the rate is important to maintaining trust in the financial system." > "Tom Hayes, the first individual to be convicted after trial for the manipulation of LIBOR, has been ordered to pay a confiscation order of £878,806 today at Southwark Crown Court, sitting at the Central Criminal Court and the Rolls Building. ...The total available assets are in the sum of £1,705,167.56." --- # Lehman Brothers * Feng and Fredriksson. A Case Study of the Lehman Brothers Bankruptcy. > "The foundation for Lehman Brothers was laid by the German immigrant Henry Lehman and his brothers in the 1850s. For the first decades the company traded cotton, but in the beginning of the 20th century it started with banking and securities trading, eventually becoming an investment bank." --- # Lehman Brothers > "When the investment bank Lehman Brothers fell on 15 September, 2008, it was the largest bankruptcy ever, and it still is. The bank had assets of $639 billion, which is about as much as the five subsequently largest bankruptcies combined. The size of the bankruptcy could also be described as more than one and a half time the gross domestic product of Sweden in 2009." > "Due to the nature of investment banking there will always be a trade of between risk and potential profit. How prone one is towards risk is essentially a complex strategical decision, where risk contra profit must be carefully balanced to satisfy all the company's stakeholders, both in short and long term" --- # Lehman Brothers > "Before the bankruptcy, Lehman Brothers' risk management department had identified five specific risks inherent in their business. ...In summary, the market, credit, liquidity, operational and reputational risks constituted the total risk in Lehman Brothers business ...if treated with disrespect they could have disastrous consequences and destroying whole companies." --- # Lehman Brothers > " the bubble of cheap loans and skyrocketing real estate prices burst in 2006. When the interest rate started to climb an increasing number obligors started to default which meant a significant loss in revenues and a severe increase in liquidity risk. The investors realized that the securities had more risk than assumed and started to avoid them, while the rating institutes started to downgrade them. This meant that Lehman Brothers was stuck with unsellable assets with constantly falling values." --- # Lehman Brothers > "As many of the investment banks were facing trouble, the credit market uncertainty grew which meant increased loan costs on the whole market, a so called credit crunch. This made their leveraged loans assets difficult to sell. As all of this sums up, Lehman had three business areas, subprime loans, commercial real estate and leveraged loans, with assets they couldn't sell, assets with steadily decreasing market-values." > "In the beginning of 2008 Lehman Brothers made a quarterly loss of over $2.5 billion, mostly concentrated in the mentioned areas .... The fact that Lehman Brothers were losing money combined with their high debts and a balance sheet filled with weak, illiquid assets had disastrous consequences for the banks reputation. Lenders and other interdependent parties successively lost confidence in the bank which lead to increasing capital costs and difficulties in getting short-term funding to maintain liquidity." --- # Lehman Brothers * Wiggins et al. The Lehman Brothers Bankruptcy: Overview. Yale Program on Financial Stability Case Study 2014-3A-V1. October 2014 > "On September 15, 2008, Lehman Brothers Holdings, Inc., the fourth-largest U.S. investment bank, ...initiating the largest bankruptcy proceeding in U.S. history. The demise of the 164-year old firm was a seminal event in the global financial crisis. Under the direction of its long-time Chief Executive Officer Richard Fuld, Lehman had been very successful pursuing a high-leverage, high-risk business model that required it to daily raise billions of dollars to fund its operations. ..." > "...Beginning in 2006, Lehman began to invest aggressively in real estate-related assets and soon had significant exposures to housing and subprime mortgages, just as these markets began to sour. Lehman employed a cadre of accountants and risk professionals to continually monitor its balance sheet, key ratios, and risks. It undertook desperate and some questionable actions to stay alive. Nevertheless, Lehman ultimately failed because of an inability to finance itself." --- # Lehman Brothers * Karikari Amoa-Gyarteng. Pursuing a High Risk Business Model: The Case of Lehman Brothers. Ghana Baptist University College. SSRN: 2717666. > "Lehman Brothers at the height of its operations had 3000 legal entities globally ...This depicts a complex organization that required effective monitoring from a well composed and capable board of directors However, the Lehman Brothers Board of Directors consisted of ten members ...only two out of the entire group had any financial service industry experience. It goes without saying that the board was very ineffective. ..." > "...The Chief Executive Officer is described by former associates as a Wall Street mogul who ruled the firm with an iron fist ...Lehman had very well educated sub managers that were afraid to relate with decision makers ...managers who were skeptical and concerned about the excessive leverage the bank was carrying could not speak out for fear of victimization. ...Lehman Brothers employed several tactics to stay afloat (or to be seen as financially stable) when the firm noticed that its financial situation was going awry. Some were legal, but others, ...were not." --- name: epilogue class: inverse, center, middle # Epilogue --- # Summary * At the end of the presentation, you should understand: + principles in BS ISO 31000:2009 for risk management + principles in BS EN 31010: 2010 for risk management + examples of collapses of businesses