08 September 2008

A Perfect Storm: OPS Risk & The Asian Factor...

The forensic professionals have been busy at Freddie Mac and Fannie Mae over the past six months, and we are only looking at the tip of the iceberg. The results are in and Uncle Sam (US) is now adopting them in order to try and achieve new corporate governance and operational risk management objectives. The "Asian Factor" is a major influence in this decision.

The historic announcement has been well received by some of the institutions and Asian countries that were heavily invested in the US mortgage-backed securities market. In Hong Kong, HSBC soared 4.5 percent and No. 1 China lender ICBC rose 4.7 percent in trading.

Asian stock markets soared Monday after Washington announced a bailout of mortgage giants Fannie Mae and Freddie Mac — a move that could help bolster a shaky U.S. housing market and renew global investor confidence.

The initial relief will give some the feeling that the worst is over, and that is not the case. The Operational Risks associated with these events have now increased exponentially as new people take over and existing people jump off the sinking ship. The attrition in manpower alone will create new threats from within these organizations, in the form of errors and omissions.

And now let the litigation begin:

A shareholder is suing five banks, claiming they did not warn her or other investors about a proposed accounting-rule change that lowered the value of Fannie Mae stocks she bought, Bloomberg News reported.

The proposed rule is FAS 140, the accounting standard that specifies the conditions for keeping securitized assets off the balance sheet. If the proposal is issued in its current form and takes effect in November 2009 as expected, it could force companies like Fannie Mae to bring some special-purpose entities back on their balance sheet.

Plaintiff Karen Orkin, who bought 600 shares of class B Fannie Mae shares, filed the suit in New York State Supreme Court in Manhattan this week as a proposed class action, according to Bloomberg. The complaint reportedly says 89 million shares of the stock were sold, and the share price sunk by 44 percent in value in four months.

The five banks — Citigroup, Merrill Lynch, Wachovia, Morgan Stanley, and UBS — formed a syndicate to underwrite the stocks. Wachovia, Morgan Stanley, and UBS declined to comment on the suit.

The lawyers and the accountants are circling the feeding frenzy, looking for new opportunities to cash in on the next phase of the sub-prime mortgage crisis. And they are not the only firms that have been gearing up for the courtroom drama in the months and years to come. FTI, LECG and other eDiscovery firms such as Encore are creating specialty units to focus on the growing number of lawsuits and litigation as a result of the tremendous fraud allegations:

The fact that numerous government entities are involved puts a high premium on the use of sound electronic discovery processes, chain of custody and especially forensic expertise. “What may start as a broad-based investigation by the SEC could quickly evolve into a complex web of related cases,” said Hemanth Salem, Encore’s Vice President of Professional Services and member of the Subprime Services Unit. “For example, the discovery process must factor in that an investigation could quickly expand to include 10b-5 and derivative cases, ERISA ‘stock-drop’ cases, fraud or negligence claims revolving around slack underwriting standards, lack of appropriate internal accounting controls and failure to disclose exposure to risk in MBSs and CDOs.”

As the markets stabilize and the new corporate governance takes hold at institutions across the globe, take a minute to consider the real interdependencies. Operational Risk is directly tied to the sophistication of our systems, software and algorithms that make up the very DNA of our financial trading infrastructure. Add to this the complexity of people, cultures and their behavior when emotions of fear, greed and even revenge come into play. Welcome to the "Perfect Storm" of Global Enterprise Risk Management.

02 September 2008

EDD Overload: Modern Incident Response...

Remote Digital Forensics is quickly migrating into a vast science that requires a sound combination of both legal and technical expertise. The EDD process has been helpful in educating the marketplace about the industry and the steps that are necessary for a complete and thorough eDiscovery review. However, relevancy and precision are highlighted here by Richard Bejtlich:

Why copy a 2-terabyte RAID array on a server if cursory analysis reveals that a small set of files provides all of the necessary evidence to make a sound case? Expect greater use of "remote previews" during incident response and select retrieval of important files for forensic analysis.

In addition to focusing on just the material that matters, modern incident response and forensic processes are more rapid and effective than historical methods. When hard drives were 40MB in size, it was feasible for a moderately skilled investigator to fairly thoroughly examine all of the relevant data for signs of wrongdoing. With today's volume of malicious activity, hard drive size, and efforts to evade investigators (counter- and anti-forensics, for example), live response with selective retrieval and review are powerful techniques.


The explosion of ESI- and EDD-related businesses is creating confusion and fear in the marketplace. Corporate counsel is working with outside law firms to get a better understanding of what their specific competencies are in the processing and analysis of electronically stored information that is relevant to the case. The question may remain: are they looking at everything instead of what is material to the case, thus driving up the costs of litigation and the billable hours?

The Federal Rule of Evidence 502 takes effect in a few months (December 1, 2008) and this will address part of the problem:

The nexus here is managing discoverable information that travels by e-mail from Party A to Party B, over the internal e-mail system provided by the employer, to third parties outside of the organization, including lawyers. How can an organization make sense of it all and keep the GC from pointing fingers at the CIO?

The answer begins with building awareness and education with all employees in the organization, not just the legal staff and IT. It begins the moment any employee opens the Word doc or Excel spreadsheet. The second you reply to that IM or e-mail on your PDA. Only through effective education and policy management will the enterprise learn how to modify behavior, regardless of what tools and systems are put in place to organize, sort and query ESI.
"Whether building the castle walls or defending the crown jewels, knowing the right questions can make all of the difference."

The beginning of your educational journey starts here: CastleQuest