Why did the SEC fail to spot the Madoff case?
With Congress now probing the Bernard Madoff case, some claim the SEC missed the risk because of under staffing. Even if that’s an issue, one SEC enforcement officer using basic risk-management skills, asking probing questions, searching for clear answers, and exercising timely follow up could have helped in detecting this fraud before it grew to such a staggering size.
The central flaw at the SEC is that its current oversight approach is not sufficiently risk focused. Moreover, any changes in approach have tended to be in response to a specific event instead of incorporating an overall risk-based approach across all areas under their regulatory purview.
The SEC is responsible for overseeing registered broker-dealers, transfer agents, clearing agencies, investment companies and investment advisers, yet there is not a consistent risk approach used in all of these examinations. For example, in 2003, after widespread unlawful trading practices surfaced in the mutual fund industry, the SEC took steps to take a more risk-based approach.
Yet these higher examination standards were not viewed important enough to be applied to investment advisers such as Bernard Madoff. The weakness in the SEC’s existing examination approach can be best highlighted by the fact that, in the last 16 years, while Madoff’s firm was investigated 8 times, no fraudulent activities were ever uncovered.
As part of their broad regulatory mandate, the SEC is responsible for overseeing over 10,000 investment advisers. This agency needs to adopt a “where there is smoke there is fire” approach. The SEC must become risk focused in the scope and frequency of its monitoring and surveillance operations. Given the significant number of investment advisers, even if we assume that 99 percent are low risk, that still leaves 100 that need to be closely monitored and scrutinized.
The SEC should keep a detailed list of the top risky investment advisers and use it to prioritize and set review frequency. Currently, there is no clear indication that the SEC links review frequency or scope of exam with level of perceived riskiness. Former SEC Chairman Arthur Levitt recently indicated that only 10 percent of investment advisers are examined every three years. A wealth of new fraud can be dreamed up, hatched, and perpetrated at such firms in the interim.
Instead, the SEC must develop a stronger risk filter that will quickly flag investment advisers which exhibit higher risk characteristics. Such red flags should center on corporate governance issues such as level of independence and checks and balances. For example, does the investment adviser clear its own trades or do they use an independent third-party? Who is this third-party? Are they well known and do they have a good reputation? Who is the accountant for the investment adviser and what is their reputation and size?
Other warning indicators can come in the form of formal as well as informal complaints. What is the nature and frequency of such complaints and is a particular firm being consistently implicated?
Importantly, the SEC needs to develop a better “whistleblower” framework so it can quickly identify and respond to such complaints. If managed properly, the thousands of e-mails the SEC gets annually can be a powerful risk management tool to identify and respond to potential risk.
The SEC maintains a website to collect complaints and tips. However, the fact that whistleblower tips about Mr. Madoff’s firm were received as far back as 1999 and yet they were never fully vetted speaks to the weakness in the SEC’s risk filtering and response system. The SEC must be able to quickly sort through creditable allegations. Once such allegations have been identified, they must be prioritized, investigated and resolution reached in a timely manner.
Internally, the SEC should revise policy and include a clear action plan, process, and timeframe to address whistleblower complaints and tips. This would establish immediate accountability. To further encourage SEC investigators to comply with new response policy, standards must be directly linked to annual employee performance reviews.
In 1920, long before the SEC was established, Charles Ponzi was able to keep his scam running and undetected for only eight months. Fortunately, this fraud quickly unraveled when local media began to raise and followed up on some basic risk-related questions. The Madoff case and the failure of early detections is a further indication that the SEC should move to a more risk-focused approach.
Doing so, when coupled with timely follow up and consistent risk-based examination practices will help restore market confidence that the SEC can and will protect us against investment fraud.