Friday, August 26, 2011

Breaking News: Market Share Stolen by Hackers!

A Wall Street Journal article today carries the following quote:

Chinese state television has broadcast footage of what two experts on the Chinese military say appears to be a military institute demonstrating software designed to attack websites in the U.S.
DailyTech blog captured screenshots including the image below.

This further supports my prediction in a January 2010 blog post What Will Tomorrow (Today?) Bring: Virtual War.
"Make no mistake, this is
Cyber Warfare."
It is now undeniable: we are engaged in a new Cyber Cold War which represents the most unconventional and asymmetric war the world has ever seen. Control is extremely decentralized. Weapons are easily acquired. The risk of retaliation is low. Battles are waged remotely. The prosecutors and victims of the war can be anyone or any group of people. Governments, individuals, and businesses are all players, like it or not.

The WSJ article shows, however, that more conventional power structures are now on the battlefield. Many in the LulzSec group may have simply been bored, over-caffeinated students who wanted some celebrity. However, security insiders increasingly see hard evidence to support the WSJ's case: governments, particularly those of Russia, China, and the US are quietly backing attacks.

Many people would laugh at the notion that a foreign military might wage an online attack on a US financial institution. Consider, however, two factors which might give them motivation:
  1. Sovereign Wealth Funds (SWFs) increasingly own debt and equity of governments AND businesses. This gives them a financial interest in the success (or failure) of certain companies as well as economies. Hack a bank, leak a headline, and watch the share price drop until a buying opportunity has emerged.
  2. Many emerging market countries have discovered that they don't have to create an economy as big as the US in order to have companies which compete on a global scale. These companies can be jump-started with some quiet government support. As a result, it has become common policy to support "national champions" which successfully compete against the largest and most mature global (though still mostly US-based) companies. Government-sponsored hackers might help these champions by hacking the competition and stealing trade information or by creating bad headlines.
Like it or not, we have to acknowledge that certain governments have the means, the motive, and the opportunity to commit cyber attacks against financial institutions. In all likelihood, this has been going on for at least several years. Consider a March 2009 article:
"A vast Chinese cyber-espionage network, codenamed GhostNet, has penetrated 103 countries and infects at least a dozen new computers every week, according to researchers ... [GhostNet] is the latest sign of China's determination to win a future 'information war'... In 2003, the Chinese army announced the creation of 'information warfare units'."
Fox News added to the story:
"The Chinese government on Monday denied it was behind GhostNet"
Banking has the notion of security at its core. Think of a bank branch and you'll instantly visualize vaults, armed guards and video surveillance. Behind the scenes, banks all have hardened ATMs, teller stick-up procedures, passwords and permissions. In other words, security is tightly integrated with their physical channels.

It is also tightly integrated into their physical products through watermarks, microdot printing on checks, serial numbers on other financial instruments, signature specimens, etc.

Ironically, banks have been dangerously slow to understand how this relates to the online world. Today's banks are dot-coms. Online banking is now a core product. Moreover, it is the "face of the bank" for many customers. It is the gateway or channel through which all other products and services are offered.

Dot-com execs have an advantage in the realm of security and fraud inasmuch as their core product is a piece of technology which intrinsically has a set of permissions and security controls built in. The tools their engineers use also have permissions and security controls at their core. Bank execs need to think like dot-commers. Online security and fraud prevention are just as intrinsic to their core products as signature cards, credit scores, personal relationships, and armed guards once were.

The logical conclusion is that banks need to be organized, staffed, and run more like dot-com businesses to survive in the current Cyber Cold War. Security must be "baked in" to everything they do, just as credit scores and ratings have been baked into lending and trading decisions for decades. Executives should make no mistake: on the current battlefield, market share is not stolen by a bank down the street who might lure customers away with better rates and free toasters. Market share is "stolen" by hackers who ruin the bank's reputation or steals clients' identities and thus causes customers to flee.

It is no longer a sci-fi fantasy that these hackers may be shadow agents of a competitor or even a government intent on manipulating markets, economies, or even specific businesses.

Thursday, August 18, 2011

Follow-Up: What Will Tomorrow Bring: Financial Utilities

The FT had more to say this week on the future of banking. Opinionators Patrick Jenkins and Megan Murphy argue in "Banking: Again on the edge" that:

"cuts this time are set to differ from those of previous cyclical downturns. Bankers and regulators agree they may mark a profound change in employment patterns across the world’s banking industry.

The reason is simple enough. At the same time as western economies are teetering on the edge of double-dip recessions, the banking industry itself is caught in the middle of a period of deep structural change – much of it ushered in by the regulatory response to the first wave of the financial crisis three years ago."

Every consultant worth his salt is busy trying to write something prescient on the future business model for banks. GLG Research recently published a report called out the following key parameters, with a focus on retail banking:
1. Peer-to-Peer (P2P) Lending: An advanced technology that eliminates middlemen and directly connects borrowers and lenders.

2. Prepaid General Purpose Reloadable (GPR) cards: In return for modest commissions, a global agency network of convenience stores and retailers are now enabling cards to be “loaded” with cash. When equipped with remote deposit check capture, direct deposit, bill payment and ancillary credit, savings and investment accounts, these cards make traditional bank branching redundant. eWallets such as those touted by ISIS, Google, Visa, Amex, Paypal and FaceCash are the offspring of GPR built on the same infrastructure; similar economics but a different, arguably more convenient, access device.

3. Social Media: Social media like Facebook and LinkedIn can offer insight into customer behavior that can be applied to enhance customer acquisition, retention, and even underwriting (

Wednesday, August 17, 2011

Yeah, What HE Said: Limited Government

Quote shamelessly borrowed from the Cato Institute's blog today:

"Limited government is one of the greatest accomplishments of humanity.
It is imperfectly enjoyed by only a portion of the human race, and, where
it is enjoyed, its tenure is ever precarious. The experience of the last
century is surely witness to the insecurity of constitutional government
and to the need for courage in achieving it and vigilance in maintaining it."
- Tom G. Palmer, Cato Institute Fellow and Humanitarian

Saturday, August 13, 2011

Nik's Laws: Profit

If profit is outlawed, only outlaws will profit.

Thursday, August 11, 2011

What Will Tomorrow Bring: Financial Utilities

The story of the financial industry is a breathless one. With all that money sloshing around, smart people know that there is profit to be made. Unfortunately, due to that same money (=liquidity) and profit potential, financial products and services get commoditized very quickly. Competitive advantage is fleeting. It's textbook hyper-competition. Constant, hostile, explosive innovation is necessary to survive.

Unfortunately, that also leads smart, sensible people to do horrifically stupid, risky, nonsensical things which relieve immediate (financial or political) pressures but which have been entirely "un-thunk" in terms of their end-state consequences.

Hyper-competition also intrinsically conflicts with hyper-regulation.

Last year I predicted that the weight of new regulations (written and unwritten), political instability, and economic realities would force financial institutions to give up their for-profit status to become utilities:

Financial Institutions will once again be lobotomized. Divided into two classes:
- Utilities (aka retail banking)
- Casinos (aka everything else)

"Utilities" are done for as a for-profit enterprise. Just like Amtrack and Con Ed, they will require permanent and heavy subsidy verging on nationalization to survive the tonnage of regulations which will be piled on.
Evidence continues to pour in to support this including:
  • More than 8,000 entries in the OCC's list of sanctions here. They are just one of a half-dozen governmental agencies which take enforcement actions against banks
  • 111 bank collapses in the past 12 months per the FDIC's Bank Failure website. Twenty-six banks collapsed between 2000 and the end of 2007
  • Voluntary closure of a regional bank this week "in an extreme example of the frustration felt by many bankers as regulators toughen their oversight of the nation's financial institutions"
  • According to a Marakon report (source of the chart above), "only four US banks, or 10% of banking equity capital, are expected to generate returns above the cost of equity; a staggering 90% of banking capital is not performing"
But you ain't seen nothing yet. The above are mostly smaller institutions. The financial titans (Titanics?) are better at fighting and delaying, but trust me they are also bending under the weight. Their stock prices are beginning to reflect it.

UCSD professor Frank Partnoy yesterday published his opinion in the Financial Times with a piece titled "The coming world of smaller banks." He highlights not only the unavoidable reductions in share prices and headcounts, but more damningly, the unavoidable extinction (or drastic evolution) of the standard banking business model:
If all of the world’s major banks had failed during 2007-08, and regulators had permitted Apple, Facebook, Google and Microsoft to take over the economy’s capital allocation function, how would employment numbers have changed? Surely any neo-bank would hire smart lenders, traders, analysts and advisers, the people who have the strongest relationships with, and knowledge of, the institutions that demand or supply capital. But would they have hired all of them? Half? How many people would a new bank really need? Hedge funds take on traditional bank functions with a fraction of the employees.
He concludes:
[Banks] will occupy a smaller place in the economy and they will be less profitable. In a decade, there will be fewer professionals working on Wall Street than there are today.
If I map his comments onto my own, it becomes clear where the job losses will be. The "Financial Utilities" will be characterized by a low-skill, low-innovation, low-margin, high-volume business model. Since capital and information are almost entirely digital these days, there is nary a barrier to massive automation. The remaining jobs will be the folks keeping the computers humming and the 'relationship' people in high-touch areas like customer complaints and regulatory relations.

Monday, August 08, 2011

Yeah! What HE Said: Smart is as Smart Says ... Hopefully History Repeats

Allow me to quote myself quoting someone who has every right to give Uncle Sam a big ole "told ya so" right now.

"Experience hath shewn, that even under the best forms of government those entrusted with power have, in time, and by slow operations, perverted it into tyranny." - Thomas Jefferson

"And to preserve their independence, we must not let our rulers load us with perpetual debt. We must make our election between economy and liberty, or profusion and servitude." - Thomas Jefferson

"That government is best which governs least." - Thomas Jefferson

Sunday, August 07, 2011

Time for Timmy to Take a Page from the Dick Nixon Book

Three months ago, on April 19, Timmy G flashed that charming nose-flair and scowl as he proclaimed "no risk" of credit rating downgrade. With a Treasury Secretary like that, who needs enemies?

That incredible foresight has created quite a bank of political capital and immense credibility for Timmy. Knowing that his fatherly tone alone can instill confidence in the most dubious heart, he decided today to leverage a bit of his capital, saying, in effect, 'trust me - China will continue to support borrowing habit.' No need to get our fiscal houses in order. That's just too hard. Too confusing. Too complicated for the average dumb voter. Better to just distract everyone by attacking the ratings agencies ... for ... um ... our fiscal mess?

Also based on his incredible Volcker-like, Lula-like track record of securing our country's fiscal future, he shared some friendly advice with his colleagues in Europe, admonishing those pre-pubescent countries to make sure they don't spend more than they make. If only they were as fiscally responsible as we are. If only they were lead by such world-class minds as we.

Investors are expressing their immense appreciation for Timmy's FDR fireside chat moment by voting with their feet ... from equities, debt, swaps, and even energy straight into gold.

Friday, August 05, 2011

Risk Free?

S&P's downgrade of US debt is not the first domino, nor will it be the last.

Traders and Brokers: wear rubber underwear Monday.

Thousands of funds are contractually required to hold a specified percentage of AAA debt. They ALL have a significant position in US Treasuries. Monday they will have to decide whether they go to their investors hat in hand requesting permission to hold non-AAA US debt or whether to dump their holdings. Furthermore, risk algorithms and valuation models used by nearly all financial institutions and investors are based on the US treasuries as the "risk free" rate of return. These models will have to be re-assessed ... and the consequence will be a shift in investments.

The charters of many countries and sovereign wealth funds require their central banks to hold AAA notes (or the currencies of those countries) for their national reserves. Thus, the US's reserve currency status may also be reviewed next week. FX markets, interest rate markets, swap markets ... wow - hold your hats, kiddos.

(update) Don't take my word for it. Mohammed el-Elrian echoed my comments in the Financial Times over the weekend.

The fact that yields on US debt have fallen all week speaks more to our ability to manipulate markets (in the short and medium term) than it does to confidence level. So don't go there.

This could have been avoided. Go ahead and fiddle, Congress. Washington is burning.

Thursday, August 04, 2011

Stupid is as Stupid Does

Switzerland has spent over a century building a safe, predictable, stable currency. Sadly, as one of the last bastions of sovereign stability, the nation is now feeling the unintended consequences of their scotch ways. It is teetering on the verge of recession because their currency is too expensive. As a consequence, Europeans are cancelling trips to the Swiss Alps because everything is too expensive there. Swiss are driving across the (0pen) border to buy TVs and food in Italy where their francs go much further.

Thus, the central bank intervened in currency markets today to knock down the franc. Tonight, the franc is trading above where it started the day.

Ditto Japan.

Consequently, the Swiss and Japanese central banks' wallets are a few billion dollars lighter tonight ... and currency traders' wallets are a few billion dollars heavier.

When will central banks learn??