A New York Times profile of Ina Drew, the former head of the JP Morgan Chief Investment Office, almost certainly produced high fives in the bank’s corporate communications office. This piece is the best sort of PR you can get: it treats the trading losses as yesterday’s news, of interest only as point of entre into the downfall of a heretofore unknown but once hugely successful and personally appealing trading manager.
This feminized Horatio-Alger-gone-sour tale conveniently diverts attention away from more important, and still insufficiently recognized management failures at JP Morgan. The title, “The Woman Who Took the Fall for JPMorgan Chase,” tells readers that Drew was a victim, and lets one hope that it will deliver some answers as to who should be held accountable. But instead, this report is a heavy-on-personalities, light-on-technicalities account in the Sunday Magazine section, which means it will be more widely read than a typical business section story. And while author Susan Dominus paints a sympathetic picture of Drew, she also airbrushes the nature and severity of the events that ended her career. One encouraging sign is that a quick skim of comments shows that the majority don’t buy what Dominus is selling. They have little patience with fact that no one has been prosecuted, that Drew still is rich even after losing the bank billions, and that Jamie Dimon has gotten off scot free.
Felix Salmon tries to parse what sort of point of view the article is presenting about Drew’s fall, whether it’s that she was a good old fashioned interest rates trader who was out of her depth as trading strategies became more derivatives-driven, or whether she botched the set-up of the London unit, that the combination of distance and the aggressiveness of some of the people she hired made it difficult to control. He argues a third point of view:
Bank clients, borrowers: they had position limits. But Ina Drew never did: she would happily accept all the money Dimon funneled her way. In a weird way, she wasn’t just Dimon’s employee, she was also his counterparty: she was the person with whom he would entrust JP Morgan’s balance sheet when he had nothing better to do with it.
Um, that’s what a bank Treasury does. He’s close to, but doesn’t nail the point. Big banks, and most large corporations, operate their treasury departments as profit centers. They are the other side of all the customer and counterparty flows and exposures. And that puts them in the position of managing risk.
And on top of that, the article casts doubt on who really was in charge. Contra Felix, what emerges is that Drew clearly had no control over the London operation where the large derivative bets were placed. Achilles Macris, the head of the London unit, insisted he reported to Dimon (note that while the bank confirmed that Drew was Macris’ boss, it’s plausible that he discussed his positions with Dimon and felt he had de facto approval from him). This part may simply be imprecise drafting, or unintentionally revealing:
Back in 2007, the bank [Dimon? or Drew?] asked the London office to execute a credit derivative hedge that would protect the bank in the event of a major crisis.
So the problem with Drew and the CIO wasn’t its role as Dimon’s/JPM’s de facto counterparty, it was two other issues. First, the CIO was set up to take more risks than similar units in other banks, and second, it had glaring deficiencies in its controls.
On the first issue, JP Morgan’s risk-seeking, a Bloomberg story reported that JP Morgan held markedly less in Treasuries and made much greater use of high risk derivatives than other bank CIOs. And that’s because the Morgan bank was exploiting the special accounting treatment of the liquidity buffers held in these units. As we wrote earlier:
Because this book is supposedly a liquidity buffer, and not a profit-making vehicle, banks get to treat these investments as “available for sale,” which means they can trade in and out of them (like a trading book) but account for them on a “hold to maturity basis” which means they don’t have to recognize gains or losses until they actually sell them. This is the perfect place to house an income smoothing operation, provided you can generate hidden gains that you then take when needed by selling the positions. It appears that the CIO had enough in the way of gains to allow for it to cover the CIO’s losses now, and Dimon decided to raid this piggy bank to allow him to close out that position and try to put the CIO mess behind him.
In addition, this article, like most press accounts, faithfully reports the JP Morgan claim that a recently-installed version of VaR was a culprit, in that it understated the risk the unit was taking. Former trading floor risk management personnel have suggested that this understatement of risk was likely a feature, not a bug,. The new VaR model no doubt was intended to show lower risk levels and convince regulators that JP Morgan was operating prudently when it was in fact piling on more risk. The problem is the traders didn’t yet understand how to operate this new souped up car and promptly smashed it into a wall.
Second, and more important, the CIO’s risk controls were grossly deficient. The article reports, as if it was perfectly normal, that Ina Drew hired her own risk manager, who also happened to be the brother-in-law of the chief risk officer for the bank. Many commentators have focused on the personal relationship (did Drew hire a relative so as to get better treatment from the corporate CRO?) and completely missed the far more basic operational failures. Risk management is a control function; having risk officers hired by and reporting to line managers makes it explicit that it is even more of a joke than it is at most banks. And this practice is consistent with other, stunning shortcomings
As former bank compliance officer and Occupy the SEC member Michael Crimmins wrote:
JPM was forced to disclose that it relied on its traders to provide honest and accurate valuations for its financial statement disclosures. That’s like putting the foxes in charge of not just the henhouse, but the entire farm. Much to its chagrin that was a costly choice….
That Stone Age policy has been extinct for a generation at every financial institution that signs a SOX internal controls certification. Oops, I’m wrong there. AIG relied on their trader marks too, but their external auditors finally had had enough and forced them to disclose ‘material weaknesses’ in internal controls. The stock dropped like a stone with that revelation.
Every firm that I’ve worked at has an independent valuation unit that resides outside the business unit. In JP Morgan’s case it seems that unit reported to the business, which is a serious deviation from good practice. (There is a remarkable new story up at Bloomberg which has former JP Morgan executives acting as if there was nothing amiss about having traders mark their own positions or having the valuation unit for the CIO sit within the CIO. This is in fact a troubling sign about the acceptance at senior level in JP Morgan of deficient controls as “normal”). History has shown that staffers preparing the valuation will be subject to pressure from the unit leaders, particularly if the business has losses that the producers hope can be reversed. Additionally, most major trading operations have a valuation committee that includes the corporate CFO to challenge (and memorialize the analysis of) the valuations and the valuation process. The activity of this committee is generally reviewed by (and in many cases attended by) the external auditors, especially since the beginning of the crisis.
It appears that JPM is attempting to make the case that rogue traders, with criminal intent, mismarked the books. That may be so and relevant criminal charges against those traders should be persued. But that strategy does not protect management. If there was mismarking, especially to the extent that occurred here, it is the responsibility of management to know or have procedures in place to alert them to the potential for fraud. Step one in that control process: Don’t let your traders mark their own books. If you do you have no excuse. Your controls are worthless and as CEO, you are responsible for ignoring that fundamental control gap. Full stop.
And the article makes clear that some executives had an inkling of the control deficiencies, but their alerts were ignored:
A former executive said he warned Dimon for years that the quality of risk control in the chief investment office was not transparent enough, compared with that in the investment bank; Drew brushed him off, and Dimon told him, he says, essentially, to “mind my own business.” “Honestly, I don’t care what second-guessers say in life,” Dimon told me when asked about the warnings. “If anyone in the company knew, they should have said something. No one came to us beforehand and said we have a problem we should be looking at.”
The story of Drew’s downfall is actually pretty simple. She developed a serious case of Lyme disease and was absent for nearly a year. It is almost impossible in a short-term focused business like trading for someone to resume their old position, even at a junior level, after such a long time away. In addition, Lyme often causes cognitive impairment, slow or muddied thinking. It usually takes a long time to recover, and it’s likely that Drew was not fully recovered when she came back to work.
But the frustrating part is the way the article, at the top, blows off the CIO losses as a non-event:
The $6 billion blunder has turned out to be no more than a minor ding on JPMorgan Chase’s mighty balance sheet. The company’s stock has rebounded strongly, and the financial world has moved on to other obsessions.
The remarkable part of this story is what Dimon has gotten away with. Again from Crimmins in a July post:
The first stunner, that JP Morgan was restating the first quarter financials, should have caused a deafening ringing of alarm bells. For a company of JP Morgan’s stature to be compelled to restate prior period financials is a very clear signal of bigger problems with their overall financial reporting…
Which leads to the second underreported stunner.
It is a very big deal when a firm is compelled to disclose a material weakness in internal controls. That’s the worst level of internal control failure a going conern can report. In JP Morgan’s case its more damning since Dimon, as recently as May 10, 2012, certified that all was well with internal controls as of the end of 1Q2012.
That assessment means that it is impossible for the firm’s external auditor to sign off on the financial statements until and unless the control breakdowns are remediated sufficiently for the auditor to provide assurance. The description of the control weaknesses at JP Morgan appear to be design flaws, so it’s likely the weaknesses existed in periods earlier than the first quarter of 2012, when it was ‘discovered’. The fact that the unit with the weaknesses by all accounts was under the direct control of the CEO throws doubt on the validity of his prior certifications about the quality of the internal controls. The external auditors will be under extreme pressure to either support or refute the earlier certifications. Falsifying the certification is the worst Sarbanes Oxley violation there is, so Dimon is going to have to come up with an airtight rebuttal.
JP Morgan has apparently reassured the market that it will take the appropriate steps to mediate the control gaps, but they do not speak for the external auditors. They may not be as sanguine as the market that JP Morgan’s proposed remediations will be sufficient, and the fixes won’t resolve pre-existing conditions. The very real possibility that JP Morgan will not be able to produce adequately certified financial statements in the future should focus JP Morgan’s Board on the adequacy of the remediations and Jamie Dimon’s continuing role as CEO.
But a fawning press and liberal spending on lobbying seems to have insulated Dimon from the sort of consequences that other seemingly all powerful CEOs like Hank Greenberg eventually faced. The tenor of comments at the New York Times is that the American public would like to see that happen sooner rather than later.