The past 15 years have seen a plethora of banking scandals and many more continue to emerge, which begs the question as to why history keeps on repeating itself. Here, Nick Leeson, who brought down Barings Bank in 1995, talks of his experience and explains why financial institutions seem to carry on with the same erroneous ways

From the Lehman Brothers collapse in 2000, the $2.3bn-worth (€1.8bn) of losses suffered by UBS as a result of risky bets made by rogue trader Kweku Adoboli in 2012 to the $920m fine given to JPMorgan Chase in 2013 for losses connected to the ‘London Whale’ trades, the past 15 years have seen some of the biggest banking scandals to date.

Unfortunately, these will not be the last banking crimes, as some of the world’s top banks brace themselves for millions of dollars worth of litigation losses related to alleged cases of foreign exchange rate fixing.

Despite tougher legislation laid down by regulators, cases of wrongdoing among financial institutions (FIs) continue to surface. It therefore begs the question as to why lessons from the past have not been learnt.

Nick Leeson, who brought down the 233-year-old Barings Bank in 1995 after accumulating $1.3bn of liabilities (more than the entire capital reserves of the bank), answers the question simply: “It’s down to poor systems, poor controls and poor quality of people.”

Drawing on his experience as a rogue trader at Barings Bank in Singapore, Leeson gives his candid views as to why FIs continue to commit these crimes. “I’m not suggesting I have all of the answers, but I can speak honestly about what went wrong during my time at Barings Bank,” he says. “Much of it was my fault, but the structure [of the bank] had many organisational flaws and the quality of people in certain positions was not what it should have been. A lot of these errors apply to more recent scandals.”

Leeson revealed everything in a Q&A with StrategicRISK before his keynote speech at the StrategicRISK-Zurich financial institutions forum.

The past decade alone has witnessed some of the biggest financial scandals and collapses to date. Clearly, lessons have not been learnt, have they?

Lessons have been learnt, but they are forgotten quickly. That’s just human nature. Each scandal serves as a reminder that we should have learnt better. Making a mistake once is acceptable, but making the same mistake again is stupid and unjustifiable.

Cases such as Jérôme Kerviel at Société Générale, Bruno Iksil at JPMorgan Chase or more recently the manipulation of the foreign exchange rate show that the potential for another global upheaval is apparent.

All financial scandals are same; they just differ in terms of degree of complexity and level of deception. Why these are allowed to happen always boils down to three main errors: poor systems, poor controls and poor quality of people.

Should poor risk management be added to your list of errors? Lax risk management is often cited as a reason for why things have gone wrong.

The problem is that risk management is an evolving discipline, but it is not evolving quickly enough. The function is a work in progress, but it’s nowhere near where it should be. The issue is that financial markets are developing at a faster speed than risk management.

Risk management has to evolve at the same speed, if not faster, than financial markets. Otherwise, there will always be a disproportionate amount of risk. It is a classic tortoise and hare example, where the hare (financial markets) is racing ahead of the tortoise (risk management).

Do you think that risk managers are receiving adequate support from the board to really fulfil their roles and help prevent problems?

Not receiving the right support is a key element, but the question should be why they are not receiving it. Typically, it is because it costs businesses money to invest in risk management and the returns are not immediate.

Unfortunately, when executives and board members decide where to invest their money – in risk management or in the trading desk – they will opt for what will make the most money and therefore choose the trading desk.

What about the regulators? The 2008 financial crisis exposed how weak the regulatory framework was. It is not helpful if risk managers and regulators are one step behind…

The problem is that few talented people are going into roles at regulatory bodies. Typically, the highest calibre of people go into the trading environment, the next calibre choose risk management and then someway down the path some people become regulators.

When I worked in Singapore, there was a shortage of good people in these roles. It was a process of ‘natural selection’. When banks needed to hire, they looked to other firms. When nobody from other organisations was suitable, they searched for people from the regulators and auditors.

Alternatively, if an auditor was recruited, did a particularly good job and the bosses deemed them to have potential, they would often get recruited onto the trading desk. This level of poaching weakens the regulators and, all of a sudden, there are few high-calibre staff regulating, risk managing or auditing.

What can banking bosses do to prevent the next scandal? Often, when a rogue trader has been exposed or a case of wrongdoing surfaces, executives are said to have to ‘turned a blind eye’. Is this fair?

Executives and all employees should be challenging decisions and actions. Executives should challenge from the top down and employees should challenge from the bottom up. However, for this to happen, the right culture needs to be in place so that all members of staff feel empowered and sufficiently comfortable to communicate their concerns.

When I worked at Barings Bank, the point of referral was not a nice person. This worked in my favour because if anyone had had an inkling as to what I was doing, the point of referral would be the last person they would go to.

Would you have done things differently had you been challenged?

Absolutely. During my time in Singapore, I survived day by day and as no one was questioning what I was doing, I became more comfortable – not comfortable with what I was doing, but comfortable with the idea that I had some more time to correct it. After a while, I started to think in terms of three- or four-day periods. I was supplying figures to the accountant that did not make any sense, but they just accepted it, and so I felt I had weeks to sort out the mess. Then, when auditors came in and they did not expose anything, I began to think I had months to fix the problem. If errant behaviour is not punished, another employee might witness it and copy the behaviour.

So, what does good corporate governance look like?

Good governance is having a culture where departments look over the organisation, ask intelligent and challenging questions, rather than having departments that look at sheets of numbers and tick a few boxes.

What does a good risk manager like? They will be someone who challenges the organisation and members of staff everyday. However, what risk managers tell me is that they are so weighed down with paper work, box-ticking and filling in reports merely to comply with the latest legislation, that they do not have the opportunity to challenge anyone or anything the way they should.

It is important that risk managers are in positions of authority and have a voice within the organisation. I have heard of so many cases where risk managers have been ignored, where they have provided reports to boards and have been told that they are wrong. If risk managers report to non-executive directors who are more responsible and culpable for what goes wrong, then maybe more will be done to prevent cases of fraud and scandal