McKenna Speaks to Market Technicians Association Chicago

On February 19, 2013, I spoke to the Chicago Chapter of the Market Technicians Association. The topic was, “Risk 2013: Protecting Your Trading Accounts From Fraud”.

Here is the text of my remarks:

It used to be you could assume that even if a broker/dealer or FCM failed, accounts would transfer smoothly from one firm to the new one. Not anymore.

That changes everything.

There are two things that seem to be uppermost on minds of those with accounts at FCMs and broker/dealers:

• How financially viable is the firm you trade through?
• Who runs the firm and whom do they do business with?

When a firm starts to struggle financially or if it not managed well, the temptation to dip into customer segregated funds increases. When a firm is not financially viable or is managed for the benefit of a few insiders, the likelihood of a failure is greater and the likelihood there will be a shortage when the failure occurs – preventing a smooth transfer of accounts and uncertainty and potential loss to customers – is now greater than ever before.

In December 2009, after Madoff and before MF Global failed in October of 2011, the SEC adopted rules to better protect clients of investment advisers from theft and abuse.

The idea was to provide greater assurance to investors that their accounts contain the funds that their investment adviser and account statements say they contain. The new rules encourage registered investment advisers to place their clients’ assets in the custody of an independent firm, unlike Bernard Madoff did.

If an independent custodian is not used or an adviser has control of client assets, surprise exams and third party reviews by PCAOB registered accounting firms are required to protect investors’ assets.

The new custody rules require registered investment advisers who control or have custody of their clients’ assets to hire an independent public accountant to conduct an annual “surprise exam” to verify those assets actually exist. This surprise examination provides another set of eyes on the clients’ assets, thereby offering additional protection against the theft or misuse of funds.

Registered investment advisers whose client assets are not maintained with independent firms must obtain a third-party written report assessing the safeguards that protect the clients’ assets.

The report — prepared by an accountant registered and inspected by the Public Company Accounting Oversight Board — among other things, must describe the controls that are in place to protect the assets, the tests performed on the controls, and the results of those tests. These requirements are not yet in place for custody of customer assets by broker-dealers or FCMs.

Also the SEC adopted changes in July 2010 to the principal disclosure document that SEC-registered investment advisers provide to clients and prospective clients. The changes substantially improve the quality of disclosure clients receive and allow them to better evaluate the risks associated with a particular investment adviser.

No how about broker-dealers and FCMs?

In June 2011, a few months before MF Global’s failure, the SEC did propose rules to better protect customer assets maintained at broker-dealers. The proposals would strengthen SEC and SRO oversight of broker-dealers’ custody practices. Under the proposals:

Audit Enhancements: A broker-dealer that maintains custody of customer securities and cash would be required to undergo a compliance examination — by a Public Company Accounting Oversight Board-registered public accounting firm — that would include an audit of the controls the broker-dealer has in place to protect customer assets. Broker-dealer audit requirements also would be updated to facilitate the ability of the PCAOB to inspect broker-dealers’ registered public accounting firms.

Auditor Access: A broker-dealer that maintains custody of customer securities and cash — or clears transactions — would have to allow SEC and SRO examiners to access the work papers of the registered public accounting firm that audits the broker-dealer and discuss any findings with the personnel of the registered public accounting firm.

Custody Reports: A broker-dealer would file a report on a quarterly basis with the SEC and its designated examining authority that contains information about whether and, if so how, the broker-dealer maintains custody of its customers’ securities and cash.  The report would establish a custody profile for broker-dealers that examiners could use as a starting point to focus their custody examinations.

The SEC has not yet, more than eighteen months later, approved this proposal for broker/dealers. Now the CFTC has made even more proposals for FCMs, very similar ones, related to PCAOB certified audits and “expert” audits of the SROs by public accountants.

Of course the audit firms want the work, and the fees. But how well have firms like PwC proved their worth given the failure of MF Global? The public accounting firms don’t want the public to see the results of these audits. Wouldn’t it be interesting if you, the customer, could go back to see if PwC ever highlighted any issues at MF Global regarding systems or controls over segregation of customer assets? The audit firms are opposed to transparency for the results of their work because it could expose them to liability.

On February 5^th, the Commodity Futures Trading Commission (CFTC) held a Public Roundtable to discuss proposed rulemaking on “Enhancing Protections Afforded to Customers and Funds Deposited by Customers.” The first panel, included representatives from the Public Company Accounting Oversight Board, external auditors PricewaterhouseCoopers, Ernst & Young, Deloitte, KPMG and Grant Thornton and SROs CME Group, FINRA, and National Futures Association focused on the “Role of Examination’s Experts’ Reviews of Self-Regulatory Organization (SRO) Examination Programs.”

The Securities Industry and Financial Markets Association reported that the panel expressed concern that examination reports containing confidential information may become available to the general public. They suggested that firms produce two separate reports: one to be submitted to regulators and one for public disclosure.

“A CFTC staff member asked how a best practices concept could be built into expert reports based on lessons learned. Sam Telzer from Pricewaterhouse Coopers responded that it is hard to define what a best practice is but that specific industry standards are normally followed. (That’s not very reassuring.)

CFTC staff asked what qualifications the Commission should look for in an exam expert. Panelists responded that the exam experts qualification require a certain amount of industry experience and level of expertise in the risk management. They suggested that the definition from the CFTC be specific but “not so prescriptive that it is impossible to find someone to do the work.” (We wouldn’t want to inhibit anyone from doing the work as long as they are PCAOB registered, for example.  But a lot of good that did us at PFG Best or MF Global.)

CFTC staff also asked about the transition broker dealers made in submitting to annual audits and reporting from outside accountants. Vogel noted that all of her members complied with the rule but complained about the increased cost associated with another audit. She added that accounting firms with only a few broker-dealer clients “raise red flags” on their level of expertise and effectiveness. “ (Indeed.)

In a comment letter about the proposal, the NFA said it is particularly concerned about the proposed changes to SRO examination practices, as well as the proposal that NFA and/or the Joint Audit Committee retain an examinations expert to review and render an opinion about their respective supervisory programs. The NFA says the CFTC does not have adequate information to estimate the ongoing costs for biennial reviews by the examinations expert, or the incremental costs of additional controls testing or ongoing compliance with standards that the FCMs develop. (If it costs too much it must be bad, right?  Maybe some FCMs, broker dealers and audit firms can’t afford to be in business if they are forced to do things right and not allow customers to be cheated.)

As it turns out, the PCAOB pilot inspection program for audit firms that audit broker dealers has produced a horrendous result. In August of 2012, the Public Company Accounting Oversight Board, the US audit industry regulator, issued its first report on the auditors of broker-dealers under a pilot inspection program. The PCAOB released the report on August 18, the first anniversary of the SEC’s approval of temporary rules that gave the regulator the authority, under the Dodd-Frank Reform Act, to require registration and, therefore, inspection of the auditors of broker-dealer firms. A majority of the auditors of broker dealers do not audit any other SEC registered companies.

It was ugly. The PCAOB inspection team found serious auditing deficiencies in all 23 audits they reviewed. This was the first time most of these audit firms were scrutinized by anyone but their peers in the accounting industry.

There were approximately 4,400 broker-dealers that filed audited annual financial statements for fiscal periods ended during 2011 with the SEC. According to the PCAOB’s first report, there are 800 registered public accounting firms that issued audit reports for 4,400 financial statements of brokers-dealers for fiscal period 2011 filed with the SEC.

Some of these firms audited only one broker-dealer, while others audited over 150 broker-dealers. Approximately 300 of the 800 firms also reported issuing audit reports for public company issuers like MF Global, JPMorgan, Barclays and Goldman Sachs.

The broker-dealers that were inspected by the PCAOB were not judged by any new rules. The auditors operate, for now, under generally accepted auditing standards (“GAAS”) issued by the American Institute of Certified Public Accountants (“AICPA”). The new “surprise” examination of investment advisors who have custody of customer funds or securities is also performed under AICPA attestation standards.

Broker-dealer audit firms  – and auditors of FCMS if the proposals are approved, will have to start auditing those firms under PCAOB standards. One wonders how, given their poor performance under well-known AICPA standards, how most of them will ever be able to make the transition and stay in business.

To see how bad it is even with the larger audit firms just look at the failures of MF Global, audited by PwC, and Refco, audited by Grant Thornton who inherited the audit and its team from Arthur Andersen. The ten futures commission merchants, or FCMs, with the most customer segregated assets under their control, almost $117 billion, as of June 30, 2012 according to reports filed with the CFTC, are audited in four cases by PwC. The rest are audited by one of the other Big Four audit firms. (A Big Four auditor obviously didn’t help safeguard customer funds any better at MF Global where the auditor is also PwC.)

• Goldman Sachs (PwC)
• JP Morgan (PwC)
• Newedge (EY)
• Deutsche (KPMG)
• UBS (EY)
• Citigroup (KPMG)
• Merrill Lynch (PwC)
• Morgan Stanley (Deloitte)
• Barclays (PwC)
• CSFB (KPMG)

Large banks have been sanctioned recently for commingling their broker-dealer customers’ funds with their own. JP Morgan, and its auditor PwC, and Barclays were fined in the UK for not safeguarding the funds of brokerage customers.

More serious scrutiny by the PCAOB and SEC of the large audit firms who cover the largest FCMs is also required. PwC audits four of the top ten FCMs. Why has there been no scrutiny of PwC lapses at MF Global and at JP Morgan and Barclays where PwC not only allowed the banks to commingle but stood by while JPM exploited control weaknesses related to the “whale trades” and Barclays manipulated

What were the MF Global Red Flags for smaller customers?

MF Global is legacy Refco, and we know how well that turned out. Many of the same people worked at Refco and at Man Financial, which bought the Refco broker/dealer, and then at MF Global especially in compliance and back office here in Chicago. MF Global had problems almost immediately. Many of you remember Dooley the wheat trader. Corzine’s trading in sovereign risk repo to maturity was disclosed in filings.  The SEC questioned disclosures before last annual report. Regulators had been complaining about regulatory capital.  Bonds were issued in August to pump up liquidity.

On the positive side, for all of the bad things people said about Corzine later regarding how he ran New Jersey and what a lousy trader he was a Goldman Sachs, you could find as many people who thought his presence at MF Global was a confidence booster, including JC Flowers, the major investor in MF Global who bailed it out after the wheat trader fiasco.

MF Global was audited by PwC, a well-known long-term client of PwC who also audits Man Financial and was involved in setting up Sox controls at Refco. PwC also audits JPM, BAC, GS, and Barclays, four of the top ten B/Ds plus MF Global. It was reasonable to assume the firm has industry expertise and professionalism.  But what good did that do customers when Corzine gave the orders and no one, including the board, balked at following them or keep his activities in check?

PwC and its clients JPM and Barclays were fined by UK authorities for not maintaining control over customer segregation for several years.

When Lehman went bankrupt the seg funds issue was bad and is still being sorted out.  However authorities in UK recently decided not to fine Ernst & Young for falling down on the job the way they had PwC in the Barclays and JPM case.

JP Morgan was the MF Global main bank.  But given JPM’s own history with seg funds violations in UK should there have been as much confidence in them?

PFG Best ended with a failed suicide, a written confession, guilty plea and a jail sentence. But there were numerous repots of Wasendorf’s utter control over the office, the banks, and the general operation of the business. His own son wanted out. The history of the firm is a long complicated one involving acquisition of accounts and employees of other failed or weak firms and lots of complaints and sanctions. On the other hand Wasendorf served on industry boards and committees lending an air of credibility and become an “untouchable”.  Wasendorf used the customer funds primarily for personal expenses, although he claimed funds were also used to meet “ever increasing regulatory and capital requirements”.

Both situations, according to Dan Roth of the NFA in an interview with Futures magazine in November, involved the misuse of customer segregated funds by an FCM. The nature of the misuse is different in that one involved outright theft; the other one involved a theft as well, but a theft to fund the firm’s ongoing operations and investments. (But should a distinction be made?)

One case involves theft of excess segregated funds where the firm drew down its excess segregated funds and used them to fund proprietary bets. The other is more of a blatant outright theft. (But is it? The law doesn’t differentiate between how the funds were used.  Customers still left hanging.)

After MF Global, the NFA realized must have greater use of technology to monitor firms’ compliance with segregation requirements, and moved in that direction. Peregrine six months later upped the stakes. It wasn’t just PFG Best incident. It was MF Global and Peregrine together, which moved the NFA to implement daily confirmation of all seg balances.

I think new daily automated confirmation of segregated balances with outside sources – regulators making sure on an audit basis and during spot checks that the funds that the FCM claims it is holding, it is actually holding at the bank – are too little too late. That’s because SROs, the CFTC and the SEC are unwilling to post external auditor reports of systems and policy control weaknesses prepared by outside auditors, at SEC site for broker dealers or at CFFTC or NFA for FCMs.

What did they say about MF Global?  The funds were transferred inadvertently because of “chaos” and risk management system that could not keep up with the growing complexity of the business that Corzine brought?  What did PwC have to say about that, if anything? How could Corzine and his CFO Steenkamp sign off on the Sarbanes-Oxley certifications of disclosures and internal controls over financial reporting if basic information all broker dealers and FCMs need like how much belongs to the firm and how much to customers could not be determined on a timely basis or accurately?

Roth of the NFA admitted that daily electronic outside confirmation doesn’t address all the risk involved in customer segregated funds. There is always fellow customer risk. That means if one customer goes bust and the firm uses other customers funds to cover, a bankruptcy turns those customers into general creditors.

But daily confirmation of seg balances should act as a deterrent as long as the data is monitored and discrepancies are acted upon on a timely basis.

Roth suggests you do due diligence on your FCM. Look at the new BASIC page on the NFA website which has info on financial condition. The financial information included on the NFA website for an FCM will include three reports:

• FCM Capital Report: This report will show the most recent month’s information on adjusted net capital, required net capital and excess net capital;

• FCM Customer Segregated Funds Report: This report will show total funds held in segregated accounts, total funds required to be held in segregated accounts, excess segregated funds, the percentage of segregated funds that are held in cash and each of the investments permitted under CFTC Regulation 1.25 and whether the FCM held any funds at a depository that is an affiliate of the FCM during the previous month; and

• FCM Customer Secured Amount Funds Report: Identical to the FCM Customer Segregated Funds Report, this report will show the same information in regard to an FCM’s secured funds.

Would such transparency have warned retail customers that something was wrong at MF Global or Peregrine? I think that this information is posted too late for the average investor to do anything about it. Recall that rumors of MF Global’s demise were hanging out there for a few months. But the average trader didn’t believe it.  Large firms, perhaps knowing better, pulled their money, some of them getting wire transfers until October 28^th, the Friday before the bankruptcy was filed on Halloween.  JP Morgan, who perhaps knew MF Global’s condition best of all, declined to make an offer for the broker/dealer.  Interactive Brokers walked away that weekend.  Insiders like preferred shareholder and the primary employer of Corzine, JC Flowers, hasn’t complained since.  He never sued anyone for his investment loss. Maybe he got his money out some other way. But many smaller investors and money managers are still waiting for their money and may never get all of it.

What will help:

• SROs using the electronic confirmation process to verify directly with the bank that balances are the same as what FCMs are reporting
• Conducting the bank confirmation process at annual “audit” time and spot checking at any time
• When the system is developed for all seg depositories — bank, broker/dealers, money market accounts — to report to regulators on a daily basis the funds that they are holding on behalf of FCM customers so regulators can compare that information with the daily reports they get from the FCMs to identify discrepancies.

NFA says that if a depository that won’t file this information with regulators, it will be deemed an unacceptable seg depository.

NFA started using an electronic bank confirmation process as part of the annual audit process and the NFA says that’s how the fraud at Peregrine.

But what was the external auditor doing all that time? The external auditor was a one-woman shop in suburban Chicago. She was PCAOB registered, had never had any disciplinary actions, but her audit reports and any weaknesses noted are not available on the SEC site.

PwC’s reports for MF Global are not available either. PwC requested confidential treatment of those reports and so they are not available for investors to see if the firm had issues before it failed.

Roth was asked by Futures magazine why the PFG fraud wasn’t caught during the spot audits of FCMs following the MF Global bankruptcy? He responded that the CFTC asked SROs to go in and perform examinations of certain FCMs for seg compliance. NFA specifically asked the CFTC whether they wanted those examinations to confirm balances to outside sources and they told us “no.” They were checking to see only that what the FCM said on the report they had was enough and in compliance.  They trusted and didn’t verify. The directions CFTC gave NFA for conducting those examinations did not include confirmation of balances to outside sources.

That was crazy and defies all basis auditor logic. But it’s also what the outside auditor of PFG Best did not do, was prevented for doing or knew would have shown a discrepancy if she did do. We have not heard anything since about whether this external auditor, who was a PCAOB registered auditor and subject to inspections but never inspected, was just dumb or in on the scam.

And there’s still no rule that says an FCM has to tell you where your money is, at which depository, only that it is somewhere and you can check amounts with this new transparency.

What can you do to make sure your firm will keep you account safe:

• Use all the tools to check the financials – BASIC at the NFA for FCMs and SEC filings for broker-dealers, including the SEC comment letters about the accounting issues at publicly traded firms.
• Ask your firm which bank they use as segregated funds depository. JP Morgan is probably the least popular bank in this business in the minds of large institutional futures investors.
• Push back on demands for too much collateral or margin.  Don’t leave excess fund in your account.  If you must deposit more of your money, make sure you understand the details of your account agreement regarding how it can be used and your rights in case of a problem. Better yet, everyone should be more familiar with their account agreement and ask for changes if its not fair to your f=rights and interests.
• Look at who the external auditor is.  A bigger one is much better than a smaller one.  One that has been inspected by the PCAOB for any kind of audit is better than one that has never been inspected.  One whose inspections show no discrepancies for broker-dealer audits will be the best of all.  Expect consolidation in this area.  Very few of the auditors are ready for prime time and even the Big Four are clearly falling down on the job ad out experience with PwC and clients MF Global, JP Morgan, and Barclays demonstrate.
• For FCMs you can check seg status at the CFTC site under market reports. If you don’t understand how to interpret these numbers for the FCM you do business with, perhaps you should not be in this asset class at all.
• Demand regulators provide transparency to external audit reports of compliance and segregated account controls discrepancies noted on an annual basis and remediation plans. Instead worrying about causing a run on firms with weak controls, regulators should be more concerned about protecting all investors from weak or uncontrolled firms not just big investors.

From a magazine article I wrote for Forbes in November, here’s seven ways to avoid investing in fraudulent companies, in general:

Given all this, how can you check for accounting risk in the stocks you own? Here are seven sure ways:

Scrutinize earnings revisions. Even though an 8-K filing isn’t required, as it is with a restatement, you can usually find the details of any revision in a company’s quarterly 10-Q or annual 10-K.

Read the SEC’s mail. SEC letters questioning a company’s financial statements, as well as the company’s responses, can be found through an Edgar search on the SEC’s site. The SEC does not make letters public for up to 20 business days after completing its review of a filing. But if it had a lot of questions, maybe you should, too.

Watch for changes in auditors. Notably 26% of firms accused by the SEC of fraudulent accounting between 1998 and 2007 changed their auditors just before or during their fraud–more than double the rate at which firms with clean accounting switched.

Track the shorts and the chatter. Short-sellers aren’t always right about a stock, but some are good at sniffing out accounting problems. If a stock has a high or rising short interest, dig deeper at member sites such as ShortSqueeze and ValueForum or search for the pros’ takes at Forbes.com and SeekingAlpha.

Look for anomalies in the financials. If revenue keeps rising while the workforce, facilities and backlog/bookings shrink, it could be a red flag for revenue manipulation. If revenue is going down but net income always hits targets, accounting tricks may be in play. Other tip-offs: earnings rising when cash flow isn’t, an unexplained buildup in inventories and unusual swings in accruals.

Beware highfliers. Low-multiple companies cook the books, too, but young, hot companies face pressure to justify their lofty multiples and often have less-well-developed internal controls. Plus, it takes regulators time to issue new accounting guidance for new industries, like social media and cloud computing. That leaves open a window for the companies and their auditors to creatively interpret GAAP.

Watch for repeat offenders. Navistar’s accounting problems led it to be delisted from the NYSE for 16 months during 2007 and 2008. Daniel Ustian, the CEO during that period, agreed with the SEC to pay back $1.3 million in incentive pay but continued running the company–until this past August, when it suffered a big loss and disclosed that the SEC was again questioning its accounting. He took a sudden retirement.