Annual Top 10 losses 2018
- 8 February 2019
The ORX News Top 10 of 2017 explores the ten largest operational risk loss events of 2017. All of the loss events are taken from last year's monthly top 5 loss event articles published by the ORX News team.
2018 in review
Uptick in operational risk losses
The frequency of publicly reported operational risk losses rose this year for the first time since 2014. This follows an increase in ORX News’ coverage of cyber-related events in 2018 to include major data breaches and fraud at non-financial firms. Excluding events at non-financial firms, loss frequency fell by almost 2 per cent from 2017, but total severity increased by 26 per cent.
Conduct risk a major source of loss
Conduct-related events cost firms €27.7bn in 2018, accounting for over 92 per cent of the year’s total severity. ORX News has approximated conduct losses using event type categories EL01 Internal Fraud; EL04 Clients, Products & Business Practices; and EL0303 Employment Diversity and Discrimination. Applying these parameters to last year’s data shows a decrease of 5 per cent in the number of conduct-related events, yet an increase of almost 41 per cent in loss severity.
Legacy losses almost equal new losses
ORX News records legacy losses in the year the first loss relating to the event was reported. As such, although €21bn of legacy losses were added to the ORX News database this year, this amount is not recorded in 2018 and contributes to the loss totals of previous years. This amount is considerably higher than the €12.2bn of legacy losses added to the database in 2017, and includes major MBS settlements by Barclays and Wells Fargo.
The top ten of 2018
1. Former Anbang Insurance chairman embezzles CNY 75.25 billion in illegally-raised funds and insurance premium income
The top spot was taken by an embezzlement scheme at a Chinese insurer. Former Anbang Insurance chairman and general manager Wu Xiaohui was accused of embezzling CNY 75.25
billion (USD 11.99 billion, EUR 9.65 billion) by diverting funds that were raised illegally and insurance premium income to companies owned by him. Anbang oversold wealth management
insurance policies between 2011 and 2017.
2. PrivatBank defrauded of USD 5.5 billion through fraud scheme orchestrated by former owners
In second place is another large-scale internal fraud. On 16 January 2018, the National Bank of Ukraine (NBU) announced that PrivatBank had lost at least USD 5.5 billion (EUR 4.5 billion) through a large-scale and coordinated fraud scheme. According to the investigation, a shadow banking structure coordinated the fraud which involved issuing loans to related parties, a fraudulent loan payment scheme, and efforts to disguise the flow of funds through payments between accounts and fraudulent accounting records.
3. Punjab National Bank assesses total liabilities as INR 143.57 billion for fraud involving letters of undertaking
Thirdly, a long-running fraud involving collusion between bank staff and a diamond businessman. Punjab National Bank (PNB) has assessed its total liabilities as INR 143.57 billion (USD 2.23
billion, EUR 1.79 billion) after being defrauded in a scheme whereby former bank employees fraudulently issued letters of undertaking (LoU) to diamond businessman Nirav Modi and companies associated with him. The fraud began in 2010 and took place at the Brady House branch of the bank in Mumbai.
4. Société Générale pays USD 1.34 billion to settle with US authorities over trade sanctions violations
In fourth place, the first of two losses for Société Générale (SocGen). On 19 November 2018, it was reported that SocGen had agreed to pay fines amounting to USD 1.34 billion (EUR 1.15bn) to the US authorities to resolve investigations into its violations of US international sanctions. According to the authorities, from at least in or about 2004 to in or about 2010, SocGen conspired to violate the Trading with the Enemy Act and the Cuban Assets Control Regulations. In particular, SocGen violated regulations by structuring, conducting and concealing US dollar transactions using the US financial system in connection with US dollar credit facilities involving Cuba.
5. Wells Fargo fined USD 1 billion for auto insurance and mortgage mispractice and risk management deficiencies
In fifth place, the biggest retail banking loss of the year. Wells Fargo was jointly fined USD 1 billion (EUR 808.7 million) by the US Bureau of Consumer Financial Protection Bureau (CFPB) and the US Comptroller of the Currency (OCC) for breaching the Consumer Financial Protection Act (CFPA) in the way it administered its auto insurance loan programmes and mortgage rate-lock extensions, and for breaching the Federal Trade Commission Act (FTCA) by having several deficiencies in its risk management and administration. The firm was also ordered to provide redress to all the customers which it damaged.
6. ING Bank pays EUR 775 million settlement over allegations it violated AML and CTF regulations
In sixth place, the first of two anti-money laundering settlements. On 4 September 2018, ING Bank Netherlands (ING NL) agreed to pay the Netherlands Public Prosecution Service (NPPS)
EUR 775 million (USD 899.8 million) in a fine and disgorgement over allegations that it had violated the Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF) Act. The violations were due to insufficiencies in its internal policies, and its participation in culpable money laundering.
7. Société Générale pays USD 750 million in LIBOR settlements with DoJ and CFTC
In seventh place, a settlement relating to benchmark lending rate manipulation alleged to have taken place in 2010 and 2011. On 4 June 2018, Société Générale (SocGen) agreed to settle
with the US Department of Justice (DoJ) and the US Commodity Futures and Trading Commission (CFTC) for a total of USD 750 million (EUR 643.1 million) to resolve investigations relating to London Interbank Offered Rate (LIBOR) submissions. SocGen will pay USD 275 million to the DoJ and USD 475 million to the CFTC in regulatory penalties and disgorgement over alleged LIBOR manipulation.
8. US Bank to pay USD 613 million over its AML/BSA compliance failures in relation to Scott Tucker’s payday loan scheme
In eighth position, a second AML settlement. US Bancorp’s subsidiary US Bank agreed to pay a total of USD 613 million (EUR 500.5 million) in restitution and a settlement with the US Office of the Comptroller of Currency (OCC), Federal Reserve (Fed) and Financial Crimes Enforcement Network (FinCEN). US Bank was found liable of adopting an inadequate anti-money laundering (AML) and Bank Secrecy Act (BSA) compliance programme, and failing to report suspicious banking activities carried out by a long-time customer, Scott Tucker, the owner of payday loan scheme Tucker Payday Lender.
9. Coincheck loses around JPY 58 billion worth of NEM coins following hack in hot wallet
In ninth place is a cryptocurrency loss. On 26 January 2018, the Japanese cryptocurrency exchange Coincheck suffered a hacking attack resulting in a loss of around JPY 58 billion (USD
531.9 million, EUR 427.5 million) worth of NEM coins. Other cryptocurrencies traded by the exchange such as ripple, bitcoin and ether were not affected by the hack.
10. MetLife provisions and pays USD 511 million over failure to locate pension beneficiaries
In tenth place is the second loss from the insurance sector. As of 19 December 2018, MetLife has paid and provisioned a total of USD 511 million (EUR 416.3 million) over its failure to
make proper efforts to contact thousands of retirees in order to pay pension benefits. The amount comprises a USD 510 million provision announced in a US Securities and Exchange
Commission (SEC) Form 8-K filing on 13 February 2018, and a USD 1 million settlement reached with the Massachusetts Secretary of the Commonwealth on 18 December 2018.