By Richard Smith and “Clive”
Serial capital raiser Deutsche Bank (which tapped the markets first here in 2008 and then, oopsie, we’re still a little bit short of the readies again here in 2014) is telling anyone who’ll listen that it really doesn’t need any more capital. But who knows? Over to Deutsche’s regional head of Group Audit:
Mr Roesch, the regional head of Group Audit, set out, in an email, his “final” reading of the investigation. He referred to a “multi organ failure” which had contributed elements to the risk situation. The key contributors the conclusion of into TPFs without NPA and appropriate infrastructure report and the resulting failure to margin TPFs at all which were booked as proxies as Resurrecting Faders in circumstances where they were not margined until October 10th/13th. Other contributors were late bookings (although that was almost irrelevant in the light of the failure to margin), incorrect mapping of GES into the DBX system (the Ignored Payments error), the Russell Multiplier error and “the back-and-forth” with regards to PIC, GM and PWM.
There’ll be more on the origin of that jargon-laden passage in a moment. The point is: since Capital is a function of Risk, one needs to know one’s exposure to make the correct determination. That can be tricky when you’re suffering ‘multi organ failure’ in your Operational Risk program.
It’s also worth reminding ourselves of the six phases of banks’ rights-issue-related PR, which go something like this:
“We utterly refute the notion that we’ll ever need to raise capital”
“We don’t need to raise capital because of (insert vaguely plausible reason here)”
“We have no immediate plans to raise capital”
“We might consider strengthening our capital position in favourable market conditions”
“We have today announced our intention to raise capital as we believe this can be done on favourable terms”
“We’ll take capital at any price” (no – one ever says this)
Deutsche Bank appear to have reached phase 2 – saying that earnings, or cost cutting, or better trading conditions next year, or a crock of gold at the end of rainbow, will remedy the problem of shrinking capital buffers.
Another oft-deployed method of rescuing a troubled bank is a merger. Mergers are sometimes a sensible option. The theory goes that by merging, the relative strengths offset the relative weaknesses. Keen eyed readers might conjecture that is it just as likely that the weaknesses could get added together and doubled up. This is often an observed outcome. Overall, the number of sensible bank mergers is much, much smaller than the number of bank mergers.
In particular, Deutsche, already a TBTF entity, is just too damn big to merge with anyone else. That game is over.
But it can still demerge, yet another way of quietly raising capital, and that’s just what it’s trying to do, via a flotation of Postbank, a wonderfully dull German retail bank that has more than 10 million customers. DB took majority control of Postbank in 2010, and bought it out completely as recently as 2012.
It turns out that no-one else wants Postbank much. Demergers have their PR phases, but with Postbank, the press is refreshingly downbeat:
Deutsche Bank faces delays in its plan to part company with Postbank, with only a portion of the retail banking business likely to be sold in a share flotation this year…Deutsche Bank’s management have given up hope of being able to deconsolidate Postbank this year…Deutsche Bank would now prefer to sell Postbank to a competitor because this might fetch a higher price than a sale of shares.
So just maybe that next rights issue is a bit further up the agenda than DB want us to believe, after all.
Now, when it comes to banks, prospective investors concentrate on asset quality. Due diligence (in the case of a merger or disposal) or the prospectus (in the case of a rights issue or other public capital raising) will give all sorts of data about loan performance, provisions, sectors, capital structure and so on. But where do the data come from?
Given the scale and complexity of a Too Big to Fail entity like Deutsche Bank, it is fanciful to think that that the CEO, the CFO or the bank’s auditors can grasp what is really under the hood. In providing data for due diligence or a prospectus, the bank’s systems will be used to extract and consolidate these financials, and document the risks and assumptions which go with them.
This is where it gets a bit sticky for Deutsche Bank. Banks try their upmost to keep a lid on how badly messed up they might be in terms of IT systems, operational processes and effective management of the products and services they provide. But occasionally, we get a chance to lift the lid.
One such opportunity came as a result of litigation in 2013. The plaintiff (known as the “claimant” in the English court system) was Deutsche Bank AG. The defendant was a company-of-convenience called “Sebastian Holdings Inc.” The court described the defendant (we’ll abbreviate them to “SHI”) as “a special purpose vehicle, incorporated in the Turks and Caicos Islands, which has at all material times been owned and controlled by Mr Alexander Vik, who is its sole director and a man of considerable means, (a multi-billionaire) with recognised business acumen and money-making skills.”
One reason that banks hate having to show up in court is that the court may extract, via discovery, full disclosure of just how bad the bank’s IT systems and operational controls really are. This is exactly what came out in Deutsche Bank AG vs. Sebastian Holdings Inc. (“SHI”), presumably at Mr Vik’s instigation. Given the sums at stake, Deutsche evidently decided that the embarrassment was worth it. Although Deutsche can’t have enjoyed it, the result is black comedy for onlookers, and a sharp lesson about managing a global investment bank.
The claimant was listed as “Deutsche Bank AG” ; two entities of Deutsche Bank were involved in the back story, Deutsche Bank Switzerland (DBS) and Deutsche Bank AG (DBAG, great acronym), along with the rather amorphous DB Prime Brokerage business unit, whose foreign exchange trading part is described in section 121 of the court’s judgement as:
a low-profit margin operationally-focused business where revenues are generated by the bank charging transaction fees for trades done with other executing brokers.
That sounds quite dull (all back-to-back trades, collateral under Deutsche’s control, no principal risk), but the way Deutsche Bank did it, it was anything but dull; positively hair-raising, in fact. It all went rather splendidly wrong in 2008, when Vik, who thought he’d been running with a trading limit of US$35 million, suddenly got a margin call for US$500 million+.
It looks as if Deutsche Bank only discovered roughly what they’d been really doing when they got a chunky margin call from another foreign exchange broker. Had Deutsche Bank calculated the margin correctly, months earlier, then Vik might have had a chance to cut his position before it got so enormous. As it was, it just blew up in his face one day. He did make profits in prior years, so the net cost to him from the whole Deutsche Bank adventure was only about US$100 million or so, in the end, plus legal costs.
Deutsche Bank had to ‘fess up (they were giving testimony under oath) that they were completely ill-equipped to handle the needs of a sophisticated investor such as Vik. As the judge said in the judgement:
DBAG now admits a number of failings on its part in the course of handling SHI’s trades. First, in circumstances which I shall describe more fully later, it accepted, when it had a discretion whether to accept or reject them, particular types of trades under the FXPBA,
…Naked Capitalism here: this is the foreign exchange private brokerage arrangement – the service which Deutsche Bank provided to Vik…
Exotic Derivative Transactions (EDTs)and Other Complex Transactions (OCTs) which, by reason of their terms, could not be booked, valued or margined on its GEM (Deutsche Bank’s forex markets Trading website which Vik used to initiate trades) and ARCS VaR (used to calculate Deutsche Bank’s Value at Risk) computer systems at the time. When the market moved against SHI in the course of 2008, and in particular in the autumn of that year, on its case DBAG became entitled to call for margin in substantial sums. It did not do so until it became apparent to it, as a result of another bank, Morgan Stanley (MS), seeking collateral in respect of Mr Said’s trades with it (using DBAG’s name and credit under the FXPBA) and from 2 direct trades that Mr Said had concluded with DBAG, that there was a deficiency in margin put up by SHI, which then led to the margin calls under the FXPBA to which I have already referred. These were made between October 13th and October 17th 2008 and were paid between 14 and 22 October 2008, without protest.
Furthermore, in the course of reporting the situation to SHI and making these margin calls, DBAG discovered two other major computational errors on the GPF account under the DBX system (the Russell Multiplier Error and the Ignored Payments Error) which reflected other deficiencies in that computer set-up. Although the latter would have impacted on earlier trading in amounts not calculated by the experts, on discovery on 16 October and 22 October 2008 respectively the errors were corrected. The effect of the errors was that assets in the Cash and Securities Accounts on the GPF platform had been overstated by US$115m and US$315m respectively. It is in these circumstances that a deficit emerged on the GPF account which led to a disputed margin call on that account on 22 October 2008. DBAG was less than straightforward about its margining and computational difficulties.”
In short, Deutsche Bank had enormous difficulty in recording trades which Vik submitted through their systems, and knock-on difficulties in calculating their own exposure as a result of executing the trades which Vik submitted.
It got worse, because as a direct result, Deutsche Bank could not quantify its own exposure. As Vik’s positions went more and more underwater, Deutsche Bank was simply incapable of making timely and accurate margin calls:
It has been accepted by DBAG since February 2012, but not before, that it did not accurately record the details of the EDTs and OCTs and that it did not accurately value them on a mark to market basis nor require collateral in respect of them at any stage prior to the margin calls in October 2008. The computer system operated by DBAG and its Prime Brokerage (PB) desk was not capable of recording transactions of such complexity nor of producing valuations on a MTM basis nor of calculating margin requirements by reference to exposure (MTM) or what is known as VaR (value at risk), which is intended to reflect the loss involved in the liquidation of the assets in question. SHI says that, in consequence of this inability to record and report on the exposure and margin generated by Mr Said’s trading, whether or not there was an agreed limit on Mr Said’s authority to US$35 million worth of exposure or an agreement to limit SHI’s liability to that figure, the effect of DBAG’s failures was that SHI was ignorant of the true figures (in the persons of both Mr Said and Mr Vik) and was unable to appreciate the risks being run on the EDTs. Had there been any appreciation that the exposure and margin requirement exceeded US$35 million, and in particular to the extent that it did, steps would have been taken to close out those transactions and reduce the exposure to manageable levels. Although the forensic accountancy experts instructed by the parties differ on matters of detail, both agree that by April 2008 the collateral requirement of Mr Said’s trading, if properly calculated in accordance with DBAG’s maximum entitlement would have been of the order of US$90 million and, after dropping below the US$35 million limit in May and June 2008, from July onwards fluctuated between US$50-100 million until September and October when it leapt, with some fits and starts, to US$400 million and, at its peak at the time of the margin calls, to US$800-$900 million.
That’s an impressive outcome on a $35Mn trading limit.
How did it happen? It appears that Deutsche Bank couldn’t bring themselves to admit, to their high rolling billionaire client, Mr Vik, that they couldn’t actually book and process the exotic options trades that he wanted to do. So they kind of ploughed on anyway with their fingers crossed and some IT bodges, and a teeny tiny Ops guy trying to make it all happen while the higher ups studiously ignored his occasional bleats.
This is just the sort of thing that happens when a trading operation is totally dominated by its bonus-driven Front Office, and lo, via email, Naked Capitalism has a strong opinion, from Someone who Was There at The Time, on just when the rot set in:
The discovery document tells a simple story of consequences. Deutsche management voluntarily ceded Risk control to its Front Office more than a decade ago, and this is the result.
Pre 2000, the New Product Review process was a corporate center function, NPA. Nothing new was transacted until it was vetted by all affected parties in the firm (ops , legal, IT risk, Front Office, accounting, compliance).
Up to 2000, NPA rejected most of the ‘new products’ proposed, due to operational limitations.
But this is what happened next:
In 2000 the firm transferred the NPA process to the businesses .
Transferring this basic Operational Risk function to the business was the death knell.
Here’s why new product vetting matters. “Vanilla” products (such as, say, US Treasuries or currency pairs) are already available for trading and have been for decades, sometimes centuries. Their method of trading, the legal implications, the risks of both the banks’ and their customers’ positions, the systems and operational processes needed to support them and how they can be accounted for are reasonably well understood. Note that the risks are “understood” – just because a bank understands a risk does not mean that it has gone away.
But with a new product, none of that exists. There’s inevitably going to be a period of trial-and-error while the banks and their customers figure out (often through attendance at the School of Hard Knocks) how a product can be managed and with what risks being incurred. Most of all, the systems to process them need to be understood, and then built. There’s a lead time, usually long.
Deutsche Bank’s profit centre managers couldn’t be bothered with any of this boring homework. Their incentive structures – bonuses – were dependent on client fee income from the likes of Alexander Vik. If they said “no” to a request from Vik to trade in a product, they lost the opportunity to earn a fee, and they might lose Vik’s business altogether.
As our insider rightly says, this is a structural problem. Fee income had a higher priority in Deutsche Bank than risk management. Unless Deutsche Bank stops the cultural rot, this won’t be the last time it finds itself in this sort of difficulty.
Something else needs fixing too: the rot has already left a hideous legacy in Deutsche’s systems. Once of the juiciest pieces entered into evidence in the Vik case was the internal Audit Report which laid bare just what a pile of awfulness Deutsche Bank’s back-end systems now are, even according to their own internal assessment, which furnished our opening quote. Audit reports usually come with added whitewash. Goodness knows, then, what the plain truth would look like.
The judgment has the ‘highlights’ of the Audit Report. We don’t think it matters much what these firm-internal acronyms mean; you will get the idea:
Mr Eggenschwiler, the Global Head of CRM PWM commented that the suggestion that margin levels were insufficient to collateralise the exposures told less than half the story because the reality was that the FXPB process and systems did not and could not reflect the true position or exposure. As their systems could not handle the TPFs, it did not matter how diligent CRM was or how much collateral they might have had because the margin requirement was unknown as a result of the absence of proper booking. He made much the same point in relation to stress testing, commenting, as indeed was the fact, that what was booked on GEM had very probably been stress tested but the TPFs were not correctly reflected in GEM or were completely absent which meant that they would not be subject to such tests. If trades were not booked properly onto the systems, everything was affected downstream so far as CRM was concerned. These appear very fair points to make.
To summarise: garbage in, garbage out, in Deutsche Bank, as elsewhere.
Deutsche Bank won the Vik case, and are now trying to get their money back. They were successful in advancing the argument that if you gamble, you can expect to lose, and the house you gamble in can’t be expected to pay your losses, even in an ineptly-run casino, where, every so often, the roulette wheel leaps from its bearings, mows down a high-roller, and clobbers the croupier.
Naturally, the badly burned Alexander Vik is now doing a very passable impression of a turnip from which it will be mighty tricky to extract blood:
Deutsche Bank AG told a London court that Norwegian entrepreneur Alexander Vik had lied, hidden assets and transferred his trading company to a friend to escape a $250 million debt stemming from his failed lawsuit against the German lender.
It is, we suppose, comforting to know that billionaires can also plead poverty.
Under new management, Deutsche Bank recently promised to “rip out its IT”. Can we cheerfully conclude, then, that once the proposed mega-IT implementation and migration project has been completed, all will be well? Nope: call us a bunch of naysaying Cassandras if you will, but anyone who has been in the bank IT game for any length of time knows that the delivery record of such major programmes is, to put it as nicely as we can, rather variable, or more bluntly, apocalyptically dreadful.
In the Vik case, Deutsche ended up looking like a bunch of no-hopers with junk systems and spineless shirking management. They don’t necessarily stand out from their peers in that respect; there’s yet more good cheer in that last link:
Peter Roe, analyst at TechMarketView, noted the bank has a better IT track record than most. “Historically Deutsche Bank had one of the more centralised approaches to IT, suggesting that other banks are in an even worse mess,” he said.
“More centralized” is relative. The FT, back in October 2015, spelt out what it means in Deutsche’s case, with more indications that the Front Office has been running riot for a long time.
In discussions with colleagues, [Cryan] has expressed alarm about the “Horlicks”, or total mess, the bank has made of its technology by allowing individual teams and traders to operate on their own incompatible platforms.
By operating a deliberate strategy of pitting teams against each other, in an attempt to spur them on, the bank has found itself riddled with different systems — all of which must be reconciled, often by hand, before trades can be processed and recorded.
Even DB insiders say nasty things (FT again):
Kim Hammonds, who Deutsche hired from Boeing two years ago as its chief information officer, has told colleagues that its IT systems operate by trial and error — an approach akin to her former employer sending aircraft into the sky, watching them crash, and then trying to learn from the mistakes.
The “learn from the mistakes” bit may not be going too well; also from the October 2015 FT, another recent boob that looks very like another Prime Brokerage-style coup:
The German bank’s IT systems were called into question again last week when the Financial Times revealed that its London foreign exchange desk paid $6bn to a US hedge fund by mistake and only recovered it the next day.
Fat fingers, if that is what this was, are a pretty well-known problem. Whatever: seven years after the Vik incident, it appears that Deutsche is still screwing up in Prime Brokerage in much the same way. Clearly, though, it’s not just the Prime Brokerage department that has a problem:
Deutsche now has, for example, more than 100 different booking systems for trades in London alone, and has no common client identifiers. It has even been unable to retrieve some of the data requested by regulators — which contributed to its failure in this year’s US bank stress tests.
The next time you read about how the Federal Reserve, the ECB or whoever has done stress testing of the big banks, and the banks have “passed”, you might want to consider the validity of those sorts of stress test exercises in the context of the above remark, and our little glimpse of Deutsche, with its “better IT track record”.
We’ll now turn our attention to other potential stakeholders who really should be concerned; first of all, potential investors in any possible Deutsche Bank capital-raising. Being charitable, we could say that, if these are transactions entered into on a commercial basis, then the rule of “buyer beware” applies and it’s all just business.
We do hope, though, that regulators insist that the prospectus for any public capital raising spells out fully the IT risks which Deutsche Bank has. In the light of the judgement which the English High Court handed down concerning Deutsche Bank, it would probably be more accurate to describe these as “IT problems” rather than “IT risks”.
As for the Deutsche Bank managers who purport to manage the bank and allocate bonuses, the Deutsche Bank “risk managers”, the auditors who audit it, and the regulators who regulate it, all on the basis of the pitifully incomplete and unreliable business data that comes from Deutsche Bank’s shambolic systems: they’ve clearly all got their fingers crossed. Sarbox enforcers are, as usual, AWOL.
Potential investors in a capital raising should take all that into account too.
One other group ought to take an interest in this story too: if taxpayers ever end up on the hook for Deutsche Bank, they might want to ask their government why they didn’t do more to make sure that the hook which they got skewered on was allowed to become quite so sharp and painful. Mr Vik already knows how that feels.
Lastly, remember the suggestion of Peter Roe, analyst at TechMarketView:
…other banks are in an even worse mess.
More astonishingly awful risk mismanagement from Deutsche Bank was covered at Naked Capitalism here and here ($12Bn worth of a mismarked leveraged super senior trade: CDOs, another new product, natch, this time in Deutsche Bank’s giant derivatives book, second only in size to JP Morgan’s).
The recent FT story, accessible by Googling “Deutsche Bank to rip out IT systems blamed for problems”, is illuminating, particularly the incredulous comments by people who can’t believe it’s that bad, and the insiders who coolly affirm that it’s easily that bad, and worse.