Monday August 6, 2012
Sarbanes Oxley Section 404 requires an evaluation of internal control risk. Internal controls are systems which should be in place to ensure that all functions are operating which would preclude unintentional acts form occurring. While this includes barriers to fraud, it also suggests that this is done to ensure that out of control risk takers are not emboldened to rig the system.
To wit
- identifying significant financial reporting elements (accounts or disclosures)
- identifying material financial statement risks within these accounts or disclosures
- determining which entity-level controls would address these risks with sufficient precision
- determining which transaction-level controls would address these risks in the absence of precise entity-level controls
- determining the nature, extent, and timing of evidence gathered to complete the assessment of in-scope controls
Now read SEC Nixed Knight's KGC Plea for a Do Over on the front page of today's WSJ.
A software glitch unleashed a wave of erratic trades on Wednesday leaving Knight holding at least $4.5 of securities it had not planned to buy. The SEC nixed cancelling the trades and once the securities were unloaded, Knight had lost $440 M real cash money.
The rules have evolved since firms were allowed post flash crash May 2010 to say, King's Ex, didn't mean that, and got out of the trades, to the chagrin of the counter-parties who thought they had a trade.
All this of course speaks to the integrity of the markets and whether one can believe or rely on them. And so the SEC said no. Clearly the intent has been to force firms to take Step 4 above, seriously. Clearly KGC put a new system in place without proper testing.
Now a bit of history to show how far we have come.
A commission investigating the 1929 stock market crash concluded that trades should not be accepted by telephone order. People could trade too quickly and emotionally. Rather they should come to the brokerage office in person. Back then telephone trading and Edison's stock ticker had created a brave new world of what would eventually become electronic trading. Note the human voice and the the stock prices had been electronically translated over wires to the exchange.
By the 1970s. even with ten million share days, the Exchange was overwhelmed. Trading hours as I recall on Tuesday and Thursday were shortened to decrease the volume so to ease the back office crunch. At the end of any trading day, brokers are required to report DKs, which stand for Don't Know teh other side of the trade. There were a lot of those. This is why Ross Perot's EDS firm was hired at F I duPont and how Perot was called on to head the firm.
Perot lasted about 18 months, eventually taking Walston and Company down with it. The offices were finally sold piecemeal and accounts transferred to the buyers. I had moved to Paine Weber shortly before the collaspe. But, and this is the important part, I was unable to get my accounts transferred to my new firm. Gridlock ensued.
The same genius cabal that DKes trades in 1972 participated in 'program trading and portfolio insurance. This was cited as a cause of the 1987 crash. Are we seeing a pattern here?
Now just to validate a bit of my qualifications to comment I have held licenses as both an NASD Securities Principal and Registered Options Principal. These are required to head a securities office or as it was known an Office of Supervisory Jurisdiction. Back in the paper trading days when I took the exam, the Principal in the office was supposed to examine and sign off on all the tickets traded in the office each day. The idea was to insure that a third party was assuring that these trades reflected the risk tolerance of the client.
Now, do you supposed Knight's Thomas Joyce was able to sit at his desk and examine $4.5 B of trades apparently made in a matter of minutes as his HAL computer spits out trades, with no human interaction whatsoever? Of course not.
Interestingly science fiction movies saw this coming.
In 1983's War Games the WOPR War Operation Plan Response computers take the human factor out of the equation, the war equation that is, with near disastrous results.
In 1968's - 2001 A Space Odyssey the HAL computer locks astronauts out of their ship when it lip reads their intention to shut HAL down.
Well, this is all rather ridiculous and we have had several real and science fiction versions as a preview of what is finally liable to happen. Come to think of it, in one of the last Tom Clancy Jack Ryan novels, the firm that distributes dividends, is hacked and the result is to reverse the trade.
Will the rest of the street learn from Kinght's misfortune? KGC was too small to be saved or small enough to fail. After Lehman, Bear, and Merrill Knight still did not get it. As I mentioned in a post this weekend, is your money safe?
The only thing that kept this from being a full blow crisis is that mood shifted to positive and the markets, as I mentioned are overlooking the lack of oversight and internal control. Where was the 404 IC report by KGC outside auditor? Will that auditor be taken to task? Okay, the last audit did not cover this new system but IC controls should have required extensive system testing.
Ah well, the Panic of 1837, 1907, 1929, 1973-4 (slow motion panic), 1987, 2002, 2008, flash panic of 2010,
And dating back at least 3,000 years
Ecclesiastes 1:9
New International Version (NIV)
9 What has been will be again,
what has been done will be done again;
there is nothing new under the sun.