Penny Cagan
Managing Director

© 2008 Algorithmics Incorporated. All rights reserved.

Pieter Bruegel the Elder, The Fall of the Rebel Angels
March 2008: Bear Stearns is acquired by JP
Morgan in a transaction orchestrated by the
US government
July 2008: US Federal government seizes
IndyMac (largest thrift to fail in US history)
Sept. 7, 2008: US government takes over
Freddie Mac and Fannie Mae
Sept. 14, 2008: Bank of America announces it will acquire Merrill Lynch
Sept 15, 2008: Lehman Brothers files for bankruptcy
© 2008 Algorithmics Incorporated. All rights reserved.

Sept. 16, 2008: US government announces $85 billion emergency aid package for AIG
Sept. 18, 2008: Federal Reserve and central banks in
Asia and Europe pump up to $180 billion into money markets. US Congress considers $700 billion facility to buy bad debt from banks.
Sept. 19, 2008: US government announces that it will insure all money market funds. The SEC bans short selling of shares in 799 financial stocks.
Pieter Bruegel the Elder, Landscape with the Fall of Icarus
© 2008 Algorithmics Incorporated. All rights reserved.
Sept. 22, 2008: Goldman Sachs and Morgan Stanley announce they have requested a change in their status to Bank Holding Companies, regulated by
Federal Reserve

 Underwriting of new loans: Credit Risk (loan quality) & OpRisk
(documentation, background check, integrity of loan process)
 Securitization: Reputation & OpRisk (mis-selling, valuation, investor issues) & Liquidity Risk (cash shortages)
 Investor: Credit, Market & OpRisk (mark-to-market issues, what are securitized loans worth when they are sold in volatile markets, will the investment pay off, what’s under the hood of structured products)
 Market Reactions: Market Risk, OpRisk (increased volatility leads to behavior that can increase oprisk, such as unauthorized trades, questionable valuations, processing issues), Credit Risk (bankruptcies can occur if investors, issuers and packagers can not raise funds.)
© 2008 Algorithmics Incorporated. All rights reserved.

SubPrime Market Volatility - Event Trigger: Number of Events
RELATIONSHIP RISK CLASS
PROCESS RISK CLASS
PEOPLE RISK CLASS
EXTERNAL RISK CLASS
0 10 20 30 40 50 60 70 80 90 100
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.

SubPrime Market Volatility - Event Trigger: Number of Events
BUSINESS & STRATEGIC RISK
SECURITIES LAW VIOLATIONS
SALES RELATED ISSUES
LEGAL LIABILITIES
DISCLOSURE RELATED ISSUES
LAW/REGULATION CHANGE
TRADING MISDEEDS
INTERNAL FRAUD
EMPLOYMENT, HEALTH & SAFETY
SPECIFIC LIABILITIES
ERRORS AND OMISSIONS
EXTERNAL FRAUD
NEGLIGENCE
TRANSACTIONAL AND BUSINESS PROCESS
RISK
0 10
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.
20 30 40 50 60 70 80 90

“At any given time there exists an inventory of undiscovered embezzlement in - or more precisely not in - the country's business and banks. This inventory - it should be called the bezzle.
It also varies in size with the business cycle." from “The Great Crash: 1929” by John Kenneth Galbraith.
© 2008 Algorithmics Incorporated. All rights reserved.

 Supply of fraud is correlated with supply of credit
 Access to credit allows for the continuance of both fraud and gray-matter market practice issues
 Corporations push the boundaries when credit is available in terms of compensation, disclosure, client relationships, profit taking and financial reporting
 Enron, Worldcom, and Madoff frauds initiated during bubble and uncovered during retraction
 The absence of credit during a downturn results in uncovering of frauds
© 2008 Algorithmics Incorporated. All rights reserved.

CBOE Volatility Index,1990-2008, vs. events in the FIRST database
WGZ $230m UAT
Enron
$2.2 billion fraud
Codelco $170m UAT BankBoston
$73m fraud
Kidder Peabody/
J. Jett $350m UAT
Barings $1.3 billion
UAT
AIB Allfirst
$691m UAT
Hamilton Bank
$130m fraud
December 2008:
Bernard Madoff
$50 billion
Ponzi Scheme
SocGen $7.2b
UAT
Calyon $247m
UAT
Source: CBOE, Bloomberg and FIRST
© 2008 Algorithmics Incorporated. All rights reserved.

A Gallery of Rogues: Bernard Madoff and Robert Stanford
Bernard Lawrence "Bernie" Madoff (born April 29, 1938 ) is an
American businessman and former chairman of the NASDAQ stock exchange. He founded the Wall Street firm Bernard L. Madoff
Investment Securities LLC in 1960 and was its chairman until
December 11, 2008, when he was charged with perpetrating what may be the largest investor fraud ever committed by a single person .
© 2008 Algorithmics Incorporated. All rights reserved.
• Robert Alan Stanford , charged with running $9.2 billion investment fraud
• Sold $8 billion of Certificates of Deposit through Stanford
International Bank, based in Antigua
• Promised double-digit returns over the past 15 years
• Bank claimed $51 billion in deposits and assets under management, with more than 70,000 clients in 140 countries
• Possible money laundering charges pending

Organization Name
American International Group Inc.
Sum of Loss Amount
Citigroup Inc.
Bank of America Corporation
UBS AG
Wells Fargo & Co.
Morgan Stanley & Company
Goldman Sachs Group, Inc., The
JPMorgan Chase & Co
Top 8 Total
Others
Grand Total
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.
96,278,000,000
63,400,000,000
55,038,000,000
48,400,000,000
8,617,925,000
3,700,000,000
3,060,000,000
1,600,000,000
280,093,925,000
65,634,029,280
345,727,954,280
Percentage
0.89%
0.46%
81.02%
18.98%
100.00%
27.85%
18.34%
15.92%
14.00%
2.49%
1.07%

SubPrime/Market Volatility - Products and Services
LENDING PRODUCTS & FINANCING SERVICES
INSURANCE PRODUCTS AND SERVICES
FINANCIAL PRODUCTS (UNSPECIFIED)
EQUITY PRODUCTS
DERIVATIVES, STRUCTURED PRODUCTS AND
COMMODITIES
DEBT PRODUCTS
CLEARING SERVICES
CASH MANAGEMENT SERVICES
ASSET MANAGEMENT PRODUCTS AND SERVICES
0 10 20 30
Number of Events
40 50
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.
60

We will see a fundamental re-design of risk management:
Operational Risk provides the governing framework
IN: Integrated. Consistent. Actionable. Non-deterministic.
OUT: Silos, automatic models, compliance running on auto-pilot
Categorizations have become meaningless!
Operational risk is the driver for change
© 2008 Algorithmics Incorporated. All rights reserved.

Organization Name
Kaupthing hf
Glitnir Bank
Indymac Bancorp Inc
BankUnited FSB, Coral Gables, Florida
Wachovia
Guaranty Bank, Austin, TX
Colonial Bank, Montgomery, Alabama
Franklin Bank, S.S.B., Houston, Texas
Downey Financial Corp.
Top 10 Total
Others
Grand Total
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.
Loss Amount
28,200,000,000
23,400,000,000
15,900,000,000
9,400,000,000
4,900,000,000
4,500,000,000
3,000,000,000
2,800,000,000
1,500,000,000
1,400,000,000
95,000,000,000
19,429,024,512
114,429,024,512
Percentage
2.45%
1.31%
1.22%
83.02%
16.98%
100.00%
24.64%
20.45%
13.90%
8.21%
4.28%
3.93%
2.62%

Bank Failures - Contributory Factors
CORPORATE/MARKET CONDITIONS
LACK OF CONTROL
MANAGEMENT ACTION/INACTION
STRATEGY FLAW
CORPORATE GOVERNANCE
OMISSIONS
ORGANIZATIONAL STRUCTURE
EMPLOYEE ACTION/INACTION\EMPLOYEE
MISDEEDS
STAFF SELECTION/COMPENSATION
0 20 40 60 80
Incidence of Factors
(An event can have more the on contributory factor)
Source: Algo FIRST
© 2008 Algorithmics Incorporated. All rights reserved.
100 120

LENDING PRODUCTS & FINANCING
SERVICES
DERIVATIVES, STRUCTURED
PRODUCTS AND COMMODITIES
CLEARING SERVICES
CASH PRODUCTS
CASH MANAGEMENT
CARD PRODUCTS
0
Bank Failures - Products and Services
20 40 60
Number of Events
80 100
© 2008 Algorithmics Incorporated. All rights reserved.
120

1.
Lack of care for stakeholders
2.
Automatic approach
3.
Unknowns ignored
4.
Silos accepted
5.
Risk and return managed separately
Domenico di Michelino, La commedia illumina Firenze
© 2008 Algorithmics Incorporated. All rights reserved.

Short-term earnings culture threatened shareholder value
Failure to put clients’ interests first
Fiduciary duties became secondary
Compensation
Community Role
Pieter Bruegel the Elder, The Fall of the Rebel Angels
© 2008 Algorithmics Incorporated. All rights reserved.

Perfecting standard models
Firms that experienced more significant problems tended to apply a mechanical risk management approach.
Senior Supervisors Group (2008)
The tendency to overly formalize arcane aspects of an analysis often detracts from the bigger picture.
Corrigan Report (2008)
© 2008 Algorithmics Incorporated. All rights reserved.
Pieter Bruegel the Elder, Parable of the Blind

Methodology can convey a false sense of precision
All models use assumptions and assumptions can have a material impact on the model outcomes.
However, most models do not specifically acknowledge what assumptions they are making.
Federal Reserve Bank of New
York (2008)
Pieter Bruegel the Elder, The Adoration of Kings
© 2008 Algorithmics Incorporated. All rights reserved.

The existence of organizational silos appeared to be detrimental to performance during the turmoil.
Business areas [made] decisions in isolation and in ignorance of other area’s insights.
Senior Supervisors Group (2008)
Pieter Bruegel the Elder, The Tower of Babel
© 2008 Algorithmics Incorporated. All rights reserved.

Pursuing returns without managing risk
Firms that recorded relatively larger unexpected losses tended to champion the expansion of risk without commensurate focus on controls .
Senior Supervisors Group (2008)
Pieter Bruegel the Elder, Gluttony
© 2008 Algorithmics Incorporated. All rights reserved.

1.
Focus on the Stakeholders
2.
Acknowledge uncertainty transparently
3.
Imagine and Challenge assumptions
4.
Manage risk at the enterprise level
5.
Manage risk and return proactively
Pieter Bruegel the Elder, Fortitude
© 2008 Algorithmics Incorporated. All rights reserved.

Develop a culture of risk governance
Risk management must rely heavily on judgment, communication and coordination . This culture of governance will help to break down the silo mentality.
It [requires] rigorous and continuous attention at the highest levels.
Pieter Bruegel the Elder, Justice
Corrigan Report (2008)
© 2008 Algorithmics Incorporated. All rights reserved.

Risk is more than a single number
[We] must recognize the limitations of mathematical models.
Corrigan Report (2008)
Managers at better performing firms relied on a wide range of measures of risk.
Senior Supervisor Group (2008)
Pieter Bruegel the Elder, Prudence
© 2008 Algorithmics Incorporated. All rights reserved.

Discover the Unknown, Don’t Perfect the Known
Firms [must] think creatively about how stress tests can be conducted.
Corrigan Report (2008)
Firms that tended to avoid significant challenges assessed risk positions drawing on different underlying assumptions .
Senior Supervisors Group (2008)
© 2008 Algorithmics Incorporated. All rights reserved.

Dismantle silos
Firms that understood quickly the risk they faced relied on information from many parts of their businesses.
Better performing firms were able to integrate their measures of market risk and counterparty risk across businesses.
Senior Supervisors Group (2008)
Institute of International Finance (2008)
Pieter Bruegel the Elder, The
Tower of Babel
© 2008 Algorithmics Incorporated. All rights reserved.

The need for speed
[Firms] must have the capacity to monitor risk concentrations as well as exposures to institutional counterparties in a matter of hours and provide effective and coherent reports to senior management.
Corrigan Report (2008)
© 2008 Algorithmics Incorporated. All rights reserved.

Black Swans will happen
 There will be more risk-related regulation:
Recent G20 and BIS actions are just a start
 Comprehensive and active ERM is “back”
 Assumptions, models and results will become context specific
 Client-centric financial innovation is here to stay
Pieter Bruegel the Elder, The Battle about Money
© 2008 Algorithmics Incorporated. All rights reserved.

Think!
 Imagine. Explore what you don’t know
 Challenge your assumptions
 Communicate, don’t “report”
 Use sound judgment
Risk management =
Decision making under uncertainty Pieter Bruegel the Elder, Hope
© 2008 Algorithmics Incorporated. All rights reserved.

OpRisk Best Practices is part of the solution
 Manage risk on a firm-wide basis and overcome silos
 Integrate risk identification, risk and self assessments, monitoring and testing of controls within the enterprise-wide risk framework
 Look at all material risks together, and not be limited to market, credit, liquidity and operational risk
 Understand assumptions and what happens if assumptions fail
 Integrate scenario approaches within overall framework
 Lobby to change an organization’s culture
 Supplement quantitative tools with qualitative judgment
© 2008 Algorithmics Incorporated. All rights reserved.

For further information contact:
Penny Cagan
Managing Director penny.cagan@algorithmics.com
212-612-7853
© 2008 Algorithmics Incorporated. All rights reserved.