Newsletter Old site

Newsletter Jan 2004

News update 2004-01: January 2004

A monthly newsletter on risk management in financial services,
operational risk and user-developed software from Louise Pryor

Comments and feedback to Please tell me if
you don’t want to be quoted.

Subscribe by sending an email to
Unsubscribe by sending an email to
Newsletter archived at

In this issue:
1. NABbed?
2. Random problems in Excel 2003
3. FSA update
4. Worms and more
5. Newsletter information

1. NABbed?

Those rogue traders have been at it again. The National Bank of
Australia has discovered that four of them had managed to conceal
unauthorised trades over a period of three months. The latest
estimate of the losses is A$360m. The rogue traders had been using
currency options to bet that Australian and NZ dollars would fall
against US dollars. When this failed to happen, they apparently
tried (and for some time succeeded) to slip extra trades past
management in order to cover their losses.

The problem was discovered by a whistle blowing colleague, rather
than by the bank’s systems. The general manager of group corporate
affairs said “The systems were in place to detect trades that had
gone wrong on all the trades that were properly reported. But in
this instance, the trades were unauthorised and not properly
recorded and that’s why they weren’t picked up in the first
instance by the systems.”

Meanwhile, one of the traders concerned has claimed that in fact
the bank had authorised a breach of risk limits.

Some obvious points and a few questions:

– Fraudsters, as well as the merely incompetent, will always report
their trades (or other transactions) correctly. Yeah, right. A
system that only detects problems with properly reported trades
is not going to catch all the problems.

– It’s not necessarily a failure that the problem was detected by a
whistle blower. At least it *was* detected, rather than running
for a longer period.

– Is the reward structure wrong? It’s all very well paying for
profits, but most traders are going to get it wrong sometimes.
The carrot and stick have to be in balance and allow for the
realities of life.

– We don’t actually hear of that many rogue traders. Is this
because they are few and far between, or because they are seldom

– It should be impossible for there to be any doubt about whether
the trades were in fact authorised.

– The more complex the operation, the higher the operational
risk. Some derivatives (the problem trades were currency options)
are very complex and are correspondingly more difficult to

The complexity issue is important. Take Parmalat; admittedly the
owners and management committed the fraud, rather than having it
committed against them, but the principle remains. Where are the
complex areas in your business? Reinsurance, perhaps, or project
financing. Would it be possible for a determined person to pull the
wool over your eyes in those areas?
FT coverage at
(I like the FT site but their URLs are just ridiculous!)

2. Random problems in Excel 2003

Last month I mentioned that the RAND function doesn’t work in Excel
2003. It’s meant to return a random number between 0 and 1, but in
fact it sometimes returns negative numbers.

Microsoft have now released a hotfix (their term, not mine) that
they claim fixes the problem. They also claim that it fixes several
other problems, a number of which they had not previously
mentioned. Some of these problems cause Excel to quit unexpectedly;
at least it’s obvious to the user when this happens (although you
may lose your work). Others are more subtle.

– Sometimes the cells in a range are not actually updated when the
range is recalculated.

– When you use a VBA macro to calculate your worksheet, a custom
function from a different worksheet may appear to run.

– When you create multilevel subtotals for your data in an Excel
2003 worksheet, the totals may appear staggered incorrectly, and
may exclude grand totals for some functions.

There is no indication these cases that anything is awry. If you
use Excel 2003, your spreadsheets may not show the correct

The hotfix is not downloadable. You have to contact Microsoft and
convince them that you need it. Also, the installation process
includes editing the registry by hand.

We are expecting the first proper patch to Office 2003 in late June
2003. Meanwhile, Excel 2003 has bugs and is still being touted as
having an improved random number generator.;en-us;833618

3. FSA update

There’s been a change in the numbering system for consultation
papers and policy statements. The numbers now include the year, and
policy statements get their own numbers (so the feedback to CP193
is PS04/2, rather than PS193).

The FSA have released the Financial Risk Outlook 2004 at It provides a
good indication of what the FSA think their priorities will be over
the next year (though obviously things might change during the
year; “Events, dear boy, events” as Macmillan so eloquently put
it). The short to medium term risks that are singled out are:

– Financial decisions are being taken by consumers on the basis of
inadequate understanding

– Corporate sector credit risks for firms have moderated, but UK
household sector credit quality could deteriorate

– The life insurance industry faces continued challenges

– Firms will have to deal with a wave of legal, accounting and
regulatory reforms

– The terrorist threat remains high

– The impact of financial crime may still be under-estimated

In the longer term, the FSA mentions the following issues:

– Consumers are having to take ever greater responsibility for
planning their financial affairs

– Consumers have responded to low interest rates by borrowing more

– Demographic change is likely to add to the pressures on both
public and private finances

– The influence of the European Union on the financial sector is
steadily growing

New consultation and discussion papers out this month:

CP208 Consultation on funding the Financial Ombudsman Service
CP209 Financial Services Compensation Scheme management expenses
levy limit and other funding issues
CP04/1 Miscellaneous amendments to the Handbook (No. 12)
CP04/2 Fees and fees policy 2004/05

DP25 Development of transaction monitoring systems
DP26 Developing our policy on fraud and dishonesty

Feedback published this month:

CP133 Access to criminal records
CP183 Standardising past performance
CP187 Insurance selling and administration & other miscellaneous
CP191 The prohibition of insurance against financial penalties
imposed by the FSA
CP192 Further consultation on fees for mortgage firms and insurance
CP193 Professional Indemnity Insurance for personal investment

Current consultations, with dates by which responses should be
received by the FSA, are listed at

4. Worms and more

So there’s another worm on the rampage. I know this because (a) all
the techie newsletters I get have told me (b) my virus software has
found half a dozen copies of it in email and (c) I am getting a lot
of bounce messages. Either this worm or another one or just an
ordinary s p a m m e r is spoofing the from addresses so that
emails appear to come from a domain that I own. So sends an automatic message to to say the the message that was
sent to couldn’t be delivered because there
is no such person. In July last year the proportion of total email
that was spam passed the 50% mark and we are now up to about 58%
(see And this is without
counting all the extra mail generated by bounce messages. I’m not
sure it includes worm related traffic, either.

On a more cheerful note (at least *I* think it’s more cheerful),
version 1.10 of XLSior is now available (
Just in case it escaped your notice, XLSior is an Excel add in that
supports best practice in spreadsheet development – and saves you
time. Let me know if you’d like further information or a

5. Newsletter information

This newsletter is issued approximately monthly by Louise Pryor
( Copyright (c) Louise Pryor 2004. All
rights reserved. You may distribute it in whole or in part as long
as this notice is included. To subscribe, email To unsubscribe, email All comments, feedback and other
queries to Archives at