I spent some time this morning reading the recently published “JPMorgan Chase & Co. Management Task Force Regarding 2012 CIO Losses,” a 129-page report on how and why the Chief Investment Office (CIO) lost more than $6 billion for the company in 2012. The media has been quick to point the finger at Bruno Iksil, the so-called “London Whale” responsible for executing the trades. As Felix Salmon notes, the executive summary on the first 17 pages of the report is well-written and provides the context behind this trading disaster for JPMorgan.

I went through the other portions of the document and wanted to highlight that the Risk Management, particularly in the CIO, wasn’t up to snuff. First, this was a huge red flag:

The Firm’s Chief Investment Officer did not receive (or ask for) regular reports on the positions in the Synthetic Credit Portfolio or on any other portfolio under her management, andinstead focused on VaR, Stress VaR, and mark-to-market losses. As a result, she does not appear to have had any direct visibility into the trading activity, and thus did not understand in real time
what the traders were doing or how the portfolio was changing. And for his part, given the magnitude of the positions and risks in the Synthetic Credit Portfolio, CIO’s CFO should havetaken steps to ensure that CIO management had reports providing information sufficient to fully understand the trading activity, and that he understood the magnitude of the positions and what
was driving the performance (including profits and losses) of the Synthetic Credit Portfolio.

But the big question: why did it take so long for JP Morgan to discover that these trades were losing money for the company? Turns out, it had to do with rudimentary platforms in place to measure/track risk on a daily basis. Alas, they were relying on Microsoft Excel!

During the review process, additional operational issues became apparent. For example, the model operated through a series of Excel spreadsheets, which had to be completed manually, by a process of copying and pasting data from one spreadsheet to another. In addition, many of the tranches were less liquid, and therefore, the same price was given for those tranches on multiple consecutive days, leading the model to convey a lack of volatility. While there was some effort to map less liquid instruments to more liquid ones (i.e., calculate price changes in the less liquid instruments derived from price changes in more liquid ones), this effort was not organized or consistent.

…

In addition to these risk-related controls, the Task Force has also concluded that the Firm and, in particular, the CIO Finance function, failed to ensure that the CIO VCG (Valuation Control Group) price-testing procedures – an important financial control – were operating effectively. As a result, in the first quarter of 2012, the CIO VCG price-testing procedures suffered from a number of operational deficiencies. For example, CIO VCG did not have documentation of price-testing thresholds. In addition, the price-testing process relied on the use of spreadsheets that were not vetted by CIO VCG (or Finance) management, and required time-consuming manual inputs to entries and formulas, which increased the potential for errors.

Yikes!

If you’re into risk management at all (like I am), the entire report is worth perusing.