There is so much grist in the just-released Senate Permanent Subcommittee report on the JP Morgan London Whale trades that the initial reports are merely high level summaries, which is understandable. Even with the admirable job done by the committee in documenting its findings and recommendations, it will take some doing to pull out the critical observations and convey them to the public. Plus the hearings tomorrow should provide good theater and further hooks for commentary.

But some critical findings emerge, quickly. We here at NC were particularly harsh critics of JP Morgan’s conduct, and disappointed in the media’s failure to understand that the information JP Morgan presented as it bobbed and weaved showed glaring deficiencies in risk controls. Yet the failings described in the report are even worse than we imagined. For instance, Michael Crimmins, in a post, Why Hasn’t Jamie Dimon Been Fired by His Board Yet? wrote last July:

The first stunner, that JP Morgan was restating the first quarter financials, should have caused a deafening ringing of alarm bells. For a company of JP Morgan’s stature to be compelled to restate prior period financials is a very clear signal of bigger problems with their overall financial reporting. In isolation we would normally expect to see a massive selloff with an event of that seriousness. Analysts and reporters may have missed the significance since it was dropped into a footnote and overshadowed by the other disclosures. … But the real cause for alarm is the reason for the restatement. JPM was forced to disclose that it relied on its traders to provide honest and accurate valuations for its financial statement disclosures. That’s like putting the foxes in charge of not just the henhouse, but the entire farm. Much to its chagrin that was a costly choice. Note that was not a mistake, but a conscious choice…. t appears that JPM is attempting to make the case that rogue traders, with criminal intent, mismarked the books. That may be so and relevant criminal charges against those traders should be pursued. But that strategy does not protect management. If there was mismarking, especially to the extent that occurred here, it is the responsibility of management to know or have procedures in place to alert them to the potential for fraud. Step one in that control process: Don’t let your traders mark their own books. If you do you have no excuse. Your controls are worthless and as CEO, you are responsible for ignoring that fundamental control gap. Full stop. Which leads to the second underreported stunner. It is a very big deal when a firm is compelled to disclose a material weakness in internal controls. That’s the worst level of internal control failure a going conern can report. In JP Morgan’s case its more damning since Dimon, as recently as May 10, 2012, certified that all was well with internal controls as of the end of 1Q2012. That assessment means that it is impossible for the firm’s external auditor to sign off on the financial statements until and unless the control breakdowns are remediated sufficiently for the auditor to provide assurance. The description of the control weaknesses at JP Morgan appear to be design flaws, so it’s likely the weaknesses existed in periods earlier than the first quarter of 2012, when it was ‘discovered’. The fact that the unit with the weaknesses by all accounts was under the direct control of the CEO throws doubt on the validity of his prior certifications about the quality of the internal controls. The external auditors will be under extreme pressure to either support or refute the earlier certifications. Falsifying the certification is the worst Sarbanes Oxley violation there is, so Dimon is going to have to come up with an airtight rebuttal.

Not only does the Senate report hew to the Crimmins’ take, it presents an even worse picture. Just to give a few highlights:

Management hid the existence and role of the unit within the JP Morgan Chief Investment office that entered into the “whale” trades, the Synthetic Credit Portfolio, from its inception, even as its exposures ballooned, from the OCC The bank made repeated, knowing misrepresentations about the size of the losses, the severity of the control failures, and the degree of management knowledge to regulators and investors The contempt for regulators and for the need for timely and adequate disclosure is symptomatic of an out of control environment. Between the beginning of the year and end of April 2012, the SPG breached risk limits 330 times, sometimes even violating bank-wide limits. Yet staff and management regarded them as an inconvenience rather than treating them as shrieking alarms that warranted swift action JP Morgan managers and risk control officers were aware of and complicit in the mismarking of positions (this is a very big deal in a financial institution)

One illustration of how damning the report is in the discussion of the Value at Risk measure used. Those who followed this debacle closely may recall that JP Morgan disclosed that it had changed its VaR model for the SCP portfolio in early 2012 and that it showed much lower levels of VAR. JP Morgan then reverted to the older VaR model after the Whale trade blew up. The impression the bank gave and the media duly parroted was that this was a big “oopsie,” that the bank had implemented a model that had a serious bug in it and just happened to flatter the SCP. We doubted it and assumed the bank had implemented the model knowing full well that it would allow the CIO to take much bigger risks (and thus book more profits if the trades worked out) with the new model. In other words, our belief was that the model didn’t innocently allow the SCP to take more risk, that more risk-taking was the entire point, but we also assumed the bank was being truthful in implying that the model contributed to the trade getting out of hand. As Crimmins wrote in a May post, Why the Cops Should be Knocking on Jamie Dimon’s Door Soon, noted that the model was implemented with unusual haste and was not vetted by the OCC and added:

This sort of “whoops our models understated risk” is a convenient way to shift blame off management to “model error” for a decision to take on additional risk. Given that easy profits in banking are vanishing, which are we to believe: that JPM, heretofore seen as a leader in the CDS marker, suddenly became grossly incompetent? Or did they decide to take on more risk and implement models that would mask from regulators and the public the scale of the wagers they were taking?

So how can reality turn out to be worse than our cynical take? JP Morgan implemented the new VaR model as part of its extensive efforts to cover up the risk limit breaches:

The SCP’s many breaches were routinely reported to JPMorgan Chase and CIO management, risk personnel, and traders. The breaches did not, however, spark an in-depth review of the SCP or require immediate remedial actions to lower risk. Instead, the breaches were largely ignored or ended by raising the relevant risk limit. In addition, CIO traders, risk personnel, and quantitative analysts frequently attacked the accuracy of the risk metrics, downplaying the riskiness of credit derivatives and proposing risk measurement and model changes to lower risk results for the Synthetic Credit Portfolio. In the case of the CIO VaR, after analysts concluded the existing model was too conservative and overstated risk, an alternative CIO model was hurriedly adopted in late January 2012, while the CIO was in breach of its own and the bankwide VaR limit. The bank did not obtain OCC approval as it should have. The CIO’s new model immediately lowered the SCP’s VaR by 50%, enabling the CIO not only to end its breach, but to engage in substantially more risky derivatives trading. Months later, the bank determined that the model was improperly implemented, requiring error-prone manual data entry and incorporating formula and calculation errors. On May 10, the bank backtracked, revoking the new VaR model due to its inaccuracy in portraying risk, and reinstating the prior model.

If you believe the problem with the new, risk friendly VaR model was that it was “improperly implemented, requiring error-prone manual data entry and incorporating formula and calculation errors,” I have a bridge I’d like to sell you.

In another example of the aggressiveness and the ineptitude of the cover-up, the traders were mis-marking the position. And it was not, as is already being well reported in the media, of their own discretion and with management either not noticing or pretending not to notice, it was at the instigation of management in the CIO and known and sanctioned at the top levels of the bank, at least for a while.

Rather than using the “mid-mark,” the midpoint of the bid-asked spreads, as the basis for its valuations in keeping with established JP Morgan policy, the Whale positions were valued according to trader wishful thinking:

According to notes of an interview of Bruno Iksil as part of the JPMorgan Chase Task Force review, Mr. Martin-Artajo, told him that he was not there to provide “mids.” Mr. Martin Artajo thought that the market was irrational…Recorded telephone conversations, instant messaging exchanges, and a five-day spreadsheet indicate that key CIO London traders involved with the marking process were fully aware and often upset or agitated that they were using inaccurate marks to hide the portfolio’s growing losses.. On January 31, 2012, CIO trader Bruno Iksil, manager of the Synthetic Credit Portfolio, made a remark in an email to his supervisor, Javier Martin-Artajo, which constitutes the earliest evidence uncovered by the Subcommittee that the CIO was no longer consistently using the midpoint of the bid-ask spread to value its credit derivatives. Mr. Iksil wrote that, with respect to the IG9 credit index derivatives: “we can show that we are not at mids but on realistic level.”648 A later data analysis conducted by the bank’s Controller reviewing a sample of SCP valuations suggests that, by the end of January, the CIO had stopped valuing two sets of credit index instruments on the SCP’s books, the CDX IG9 7-year and the CDX IG9 10-year, near the midpoint price and had substituted instead noticeably more favorable prices.649 This change in the CIO’s pricing practice coincided with a change in the SCP’s profitloss pattern in which the Synthetic Credit Portfolio began experiencing a sustained series of daily losses.

And these differences were large:

On March 23, Mr. Iksil estimated in an email that the SCP had lost about $600 million using midpoint prices and $300 million using the “best” prices, but the SCP ended up reporting within the bank a daily loss of only $12 million. On March 30, the last business day of the quarter, the CIO internally reported a sudden $319 million daily loss. But even with that outsized reported loss, a later analysis by the CIO’s Valuation Control Group (VCG) noted that, by March 31, 2012, the difference in the CIO’s P&L figures between using midpoint prices versus more favorable prices totaled $512 million.

Now recall the plot so far: this optimistic marking is still all within the CIO. Here’s where we get to upper management weighing in officially:

On May 10, 2012, the bank’s Controller issued an internal memorandum summarizing a special assessment of the SCP’s valuations from January through April. Although the memorandum documented the CIO’s use of more favorable values through the course of the first quarter, and a senior bank official even privately confronted a CIO manager about using “aggressive” prices in March, the memorandum generally upheld the CIO valuations. The bank memorandum observed that the CIO had reported about $500 million less in losses than if it had used midpoint prices for its credit derivatives, and even disallowed and modified a few prices that had fallen outside of the permissible price range (bid-ask spread), yet found the CIO had acted “consistent with industry practices.”

So the Controller is fully on board with a substantial, erm, deviation from long established practice. And why did he do that? To legitimate the public financials reflecting the flattering marks:

The sole purpose of the Controller’s special assessment was to ensure that the CIO had accurately reported the value of its derivative holdings, since those holdings helped determine the bank’s overall financial results. The Controller determined that the CIO properly reported a total of $719 million in losses, instead of the $1.2 billion that would have been reported if midpoint prices had been used. That the Controller essentially concluded the SCP’s losses could legitimately fall anywhere between $719 million and $1.2 billion exposes the subjective, imprecise, and malleable nature of the derivative valuation process.

Now get this bit:

The bank told the Subcommittee that, despite the favorable pricing practices noted in the May memorandum, it did not view the CIO as having engaged in mismarking until June 2012, when its internal investigation began reviewing CIO recorded telephone calls and heard CIO personnel disparaging the marks they were reporting. On July 13, 2012, the bank restated its first quarter earnings, reporting additional SCP losses of $660 million. JPMorgan Chase told the Subcommittee that the decision to restate its financial results was a difficult one, since $660 million was not clearly a “material” amount for the bank, and the valuations used by the CIO did not clearly violate bank policy or generally accepted accounting principles. The bank told the Subcommittee that the key consideration leading to the restatement of the bank’s losses was its determination that the London CIO personnel had not acted in “good faith” when marking the SCP book, which meant the SCP valuations had to be revised.

So why did the Comptroller flip his position? Because there was incriminating evidence in the bank! You really have to get what happened: the Comptroller tried to play along with wildly unrealistic marks, figuring it would somehow not come back to bite the bank. May 10 was the day the bank disclosed that the Whale losses were $2 billion and might be higher. So this looks to be a CYA contemporaneous document. The New York Times reported on May 11 that the SEC had opened an investigation “in recent days.” But it may have been the opening of an FBI investigation later that month that led the bank to decide to take a harder look at how exposed it was. As CNN reported at the time:

Erik Gordon, a law and business professor at the University of Michigan, said the opening of an FBI investigation escalates pressure on the bank. “The FBI are not guys looking for violations of civil and and securities law,” Gordon said. “They look for one thing, and one thing only: criminality.” James Cox, a professor at Duke Law School, said that it is unusual for the FBI to launch an investigation so soon after an incident in which no malfeasance is immediately apparent.

Ahem, this blog disagreed with the “no malfeasance apparent” bit, and explained why.

One last bit: The Senate committee also went hard after the bank’s claim that the SCP was as hedge. Readers may recall Dimon’s astonishing claim the Whale trade was a “economic hedge.” To understand the significance, you also need to appreciate why Dimon located a proprietary trading unit (the Senate report makes a forceful case for this description) in the CIO.

The CIO can hold “available for sale” portfolios, and their purpose is to meet bank liquidity needs. The bank of course can also seek to get some profit from them, but in theory, that is a secondary objective. Because they are supposedly to help the bank manage its Treasury, the special “available for sale” treatment means, basically, that the bank can trade them at any time (they are “available for sale”) BUT does not realize gains or losses until sale. In other words, it can be traded like a trading book but not be marked to market! How perfect is that for speculating? Now you can understand why this book got so big and why Ina Drew and her team were paid so handsomely.

Crimmins explained how disingenuous Dimon’s claims about the CIO’s “economic hedge” were:

Further confirmation that the ‘hedge’ wasn’t technically a hedge comes from Jamie Dimon himself. In hindsight, the new strategy was flawed, complex, poorly reviewed, poorly executed and poorly monitored. The portfolio has proven to be riskier, more volatile and less effective an economic hedge than we thought. As Dublon explained above, “There is a difference between accounting and economic valuations.” Dimon takes care to refer to the ‘economic hedge’, which is a term of art. It has no significance for financial disclosure purposes. It means whatever the user wants it to mean. If Dimon has not been vigilant in using the phrase ‘economic hedge’ in his disclosures and public comments about this portfolio then he’s made some false disclosures. An “economic hedge’ is not a ‘hedge’ for financial disclosure purposes. ‘Economic hedge’ is a meaningless phrase. The abbreviated term ‘hedge’ when used to describe the trading portfolio embedded in the CIO book is a false characterization of the portfolio.

This is only a small section of the Senate report’s evisceration of the claim that the portfolio was a hedge:

When asked – despite the lack of contemporaneous documentation – to identify the assets or portfolio that the SCP was intended to hedge, CIO and other bank officials gave inconsistent answers…[several examples]… At the same time, the CIO’s most senior quantitative analyst, Patrick Hagan, who joined the CIO in 2007 and spent about 75% of his time on SCP projects, told the Subcommittee that he was never asked at any time to analyze another portfolio of assets within the bank, as would be necessary to use the SCP as a hedge for those assets. While it is possible that the portfolio the SCP was meant to hedge changed over time; the absence of SCP documentation is inadequate to establish whether that was, in fact, the case. 251 In fact, he told the Subcommittee that he was never permitted to know any of the assets or positions held in other parts of the bank.252 Given the lack of precision on the assets to be hedged, JPMorgan Chase representatives have admitted to the Subcommittee, that calculating the size and nature of the hedge was “not that scientific”253 and “not linear.”254 According to Ms. Drew, it was a “guesstimate.”255 She told the Subcommittee that there was “broad judgment” about how big the hedge should be, and that she used her “partners” as “sounding boards” if she later wanted to deviate from what had been agreed to.256

The report makes clear that the OCC didn’t see this as a hedge and thought that any insurance-style tail-risk hedging should be done at the business unit level, not on a bank-wide basis, as the CIO claims it was doing.

I’ve been astonished that the press and the markets have bought Dimon’s bluster as long as they have. The Senate revelations, combined with Josh Rosner’s documentation of massive control failures across the JP Morgan and the Fed slapping the bank for “weaknesses” in its capital management may finally lead to a long-overdue reassessment of Slimin’ Dimon. Bullying is a poor substitute for basic operational blocking and tackling.