Booking a false trade is as easy as typing in a false address on an online credit card application. In both cases, the bank should catch the falsified information almost immediately.
Within minutes of a trade being entered into a bank's risk management system, back office procedures check for confirmation from the counterparty or broker. If there is no confirmation forthcoming by the end of the trading day, an alert or red flag would be raised and the issue elevated in importance. Even in the smallest trading firm, someone notices when a trade is not confirmed.
To get away with hiding false trades for more than a day or two means that either: a) the back office (people and systems) did not perform adequately; b) there were false confirmations coming from outside the bank or; c) the trader still had access to middle and back office systems.
Either way, there was an extreme breach of the bank's risk management systems. Real-time transaction monitoring and surveillance technology would alert risk authorities to unauthorized or unusual access to trading and post-trading systems, and could limit position breaches by flagging if trade confirmations have not been received.
In many rogue-trading cases (Soc Gen, Barings) the trader had a history of making very good profits, so that the banks' risk managers turned a blind eye when the tide turned against him or her. This kind of moral hazard overrides even the best technology, as the alerts and red flags are ignored.
It remains to be seen whether this was the case at UBS.
Richard Bentley is industry vice president, banking & capital markets at Progress Software.