Josh Rosner (@JoshRosner) is co-author of the New York Times Bestseller “Reckless Endangerment” and Managing Director at independent research consultancy Graham Fisher & Co. He advises regulators, policy-makers and institutional investors on banking and financial services (a more complete bio appears at the end of this column).

This is part 4 of 5; Yesterday evening, we published the Introduction. We will be releasing a different part each evening and morning culminating in the release of Rosner’s complete report on Friday morning. On that date, the Senate Permanent Subcommittee on Investigations will release their final report on JPM’s CIO Group (aka the London Whale).

Prior installments are here: Intro, part 2 and part 3.



In the wake of at least $6.2 billion in losses and an earnings restatement in the CIO’s office, which manages JPM’s excess cash and should therefore be run by top talent, the regulatory response has been surprisingly muted. The two reports issued by JPM in early January were unrevealing and illustrate the current state of regulatory capture where large financial institutions are concerned.

When Freddie and Fannie suffered accounting scandals early last decade, with Freddie understating earnings and Fannie overstating them, the Companies and their regulator (OFHEO) recognized the importance of credible investigations. Freddie hired an outside firm to do an independent investigation[i] and their regulator embarked on two detailed and meaningful investigations.[ii] After these investigations were complete, OFHEO issued exhaustive and meaningful demands on the companies in the form of Consent Orders[iii].

On January 14, 2013, without the benefit of a similarly complete investigation, the Federal Reserve issued two fairly narrow Consent Orders to JPMorgan.[iv] The first order related to violations of the Bank Secrecy Act and anti-money laundering requirements, the second to the losses in the Chief Investment Office. Neither of these orders appears to have resulted from any meaningful investigation and neither addressed the many other recent failures of the Company’s internal controls. When the rod is spared, as seems to be the standard approach to dealing with violations by our biggest banks, we find ourselves reminded that spoiled children behave badly.

The ability of any management team to steer a company with a balance sheet as large as JPM’s seems an impossible feat, one that bears inquiry and consideration. While the “London whale” losses are generally viewed in isolation they are little more than the most dramatic recent example of poor internal controls.

A Whale’s Tale – a Whitewash Report

When compared to the report the Board of Freddie Mac undertook, JPM’s “Task Force” was a whitewash. Freddie initiated a truly independent investigation by an unaffiliated firm and directed all employees of the Company to fully cooperate with the investigation. There were no limitations proscribed on the scope of the review and as the investigators or the Firm’s independent auditors discovered additional matters they were also looked into[v].

In contrast, JPMorgan’s “Task Force” issued a report of questionable independence and limited in scope. Michael Cavanagh, co-Chairman of JPMorgan’s investment bank, led the “Task Force”. Cavanagh reports directly to Jamie Dimon and is both a longtime “lieutenant” and his possible successor[vi].

For Michael Cavanagh to be tasked with investigating another executive that reported directly to Jamie Dimon[vii] about losses in a unit that he knew, as early as 2010, appeared to have inadequate controls[viii] is more troubling. As former SEC Chairman Harvey Pitt said, “It’s incomprehensible to me that they did these reports internally, it’s like asking Joe Paterno to do the Penn State [sexual abuse] investigation instead of [former FBI director] Louis Freeh… having picked Cavanagh to do this strikes me as potentially foolish in the extreme, the only reason you do a review this way is because you don’t want to find anything unduly damaging[ix].”

The Task Force Report

While we will offer some assessments of the primary content of the report it is important to recognize that, as is often the case, some of the most valuable information is buried in the footnotes. As a result, we will first focus on many of those items.

Footnote 2: The description of “what happened” is not a technical analysis of the Synthetic Credit Portfolio or the price movements in the instruments held in the Synthetic Credit Portfolio. Instead, it focuses on the trading decision-making process and actions taken (or not taken) by various JPMorgan personnel. The description of activities described in this Report (including the trading strategies) is based in significant measure on the recollections of the traders (and in particular the trader who had day-to-day responsibility for the Synthetic Credit Portfolio and was the primary architect of the trades in question) and others. The Task Force has not been able to independently verify all of these recollections.

This footnote raises questions about the thoroughness of the investigation.

Footnote 10: John Hogan, who succeeded Mr. Zubrow as the Firm’s Chief Risk Officer in January 2012, did not have sufficient time to ensure that the CIO Risk organization was operating, as it should. Nevertheless, the Task Force notes that there were opportunities during the first and second quarters of 2012 when further inquiry might have uncovered issues earlier.

While it may in fact be true that John Hogan did not have sufficient time to address the control problems in the CIO’s office, the reality remains that problems in risk management of the CIO’s office existed, and were known to the firm’s most senior management[x] possibly for several years prior to the 2012 trading losses. This reality calls into question the accuracy of the firm’s filings[xi] and compliance with Title III of the Sarbanes-Oxley Act[xii]. Investors may well wonder whether, as long as those weak controls were generating outsized profits; management was not interested in correcting those control weaknesses.

Footnote 20: Although the Task Force has reviewed certain general background information on the origin of the Synthetic Credit Portfolio and its development over time, the Task Force’s focus was on the events at the end of 2011 and the first several months of 2012 when the losses occurred.

Given the preexistence of problems in risk controls in the CIO’s Office it is unclear why the scope of the investigation would have been limited to late 2011 and 2012. It seems fair to consider that a broader inquiry might have highlighted failures by the firm’s senior-most management to address, in a timelier manner, the poor oversight and weak control environment.

Footnote 26: This Report sets out the facts that the Task Force believes are most relevant to understanding the causes of the losses. It reflects the Task Force’s view of the facts. Others (including regulators conducting their own investigations) may have a different view of the facts, or may focus on facts not described in this Report, and may also draw different conclusions regarding the facts and issues. In addition, the Task Force notes that its mandate did not include drawing any legal conclusions, and accordingly, this Report does not purport to do so.

While it remains unclear whether the firm’s primary regulator or other regulatory bodies are conducting credible investigations, the legal and financial risks to the firm, stemming from the losses in the CIO’s office, should remain an ongoing cause for concern.

Footnote 30: Shortly before this exchange, Ms. Drew and Mr. Wilmot had notified Messrs. Dimon and Braunstein that CIO (as part of its budgeted RWA reduction) would reduce the Synthetic Credit Portfolio’s RWA by year-end 2012, from $43 billion to $20.5 billion.

This exchange took place in January 2012 and, given the size of the exposures, it seems fair to believe that Jamie Dimon would have paid sufficient attention to the exposures. Denial of awareness of the degree of the problems only supports our view that the firm is too big to adequately manage.

Footnote 43: This was one in a series of e-mails that the other trader wrote to himself and to other traders in the last two days of January, all expressing similar views about the performance of the Synthetic Credit Portfolio, and the options available as to how best to manage it.

The report notes that “On January 31, that executive sent an e-mail to the same trader – which he also forwarded to Ms. Drew – in which he stated that the Synthetic Credit Portfolio was not behaving as intended and described the Synthetic Credit Portfolio’s performance as “worrisome”” and goes on to say that “Ms. Drew also received separate daily profit-and-loss reports on the Synthetic Credit Portfolio.” It seems implausible that Jamie Dimon would never have directly instructed Ina Drew to keep him apprised of the management of positions in an office that he long knew had control issues and, since at least January, knew of the enormity of the positions.

Footnote 86: Mr. Dimon had not been in the office from April 2 until his return on April 12.

This seems to be another attempt by the “Task Force” to exonerate Jamie Dimon and refers to the statement that “Mr. Dimon had been briefed on the issue and the work being performed, although he had not been involved firsthand in many of the discussions that had taken place during that period.” If, as we now know he was aware of the risks and size of the positions, this rationale calls into question his ability to manage the firm.

The report offers little insight into the degree of the internal control problems, how long they existed prior to this trading catastrophe, and what specific information Jamie Dimon possessed or when he became aware of the problems. Statements in the press, that he had allowed the CIO’s Office to operate with different risk controls and less oversight than the rest of the firm, were neither acknowledged nor addressed. Neither were reports that Jamie Dimon placed trades in the CIO book, a risky proposition – as John Corzine can attest – for an executive who has little time to mind his trades. The report also suggests that the armies of examiners within our largest banks are either captured or not up to the task of oversight.

Similarly, the Board of Directors’ Risk Policy Committee appears to ignore the control environment that existed in the CIO’s office before this event. The Risk Committee’s report to the Board demonstrates they were not fully apprised of the operating environment in the CIO’s Office. While they appear not to have been properly informed of the problems that existed,[xiii] it seems that they may have also failed to make sure they had a grasp of the key risks to the Firm.

One has to wonder how the regulator can avoid forcing the replacement of Board members for significant failures that include:

  • The risk management for the CIO had resided within that office;
  • The risk control environment that allowed traders to take extroadinarily large positions in illiquid contracts;
  • The lack of internal proceses that allowed traders in the CIO to mark their own positions; and
  • A heavily qualified auditor’s opinion.

These breakdowns of controls are not isolated. The long list of regulatory run-ins outlined here and the costs that they represent are important factors to consider when determining management effectiveness and the operating results of the Firm.

[i] Baker Botts, LLP. “Report to the Board of Directors of The Federal Home Loan Mortgage Corporation.” Internal Investigation of Certain Accounting Matters December 10,2002-July 21,2003. July 22, 2003. .

[ii]Office of Federal Housing Enterprise. “Report on the Special Examination of Fannie Mae”, May 2006, available at and Office of Federal Housing Enterprise. “Report on the Special Examination of Freddie Mac, December 2003 available at

[iii] and Oversight, Office of Federal Housing Enterprise. “In the Matter of The Federal Home Loan Mortgage Corporation (“Freddie Mac”).” December 9, 2003. .

—. “In the Matter of The Federal National Mortgage Association (“Fannie Mae”).” May 23, 2006. .

[iv] Board of Governors of the Federal Reserve System. January 14, 2013. .

[v] Baker Botts, LLP. “Report to the Board of Directors of The Federal Home Loan Mortgage Corporation.” Internal Investigation of Certain Accounting Matters December 10,2002-July 21, 2003. July 22, 2003. . (See also: Our investigation included (i) review of over 250,000 pages of hard copy documents (600 boxes of documents remain to be reviewed); (ii) over 200 interviews; (iii) review of electronic documents and files, including the imaging of hard drives, evaluations of e-mails, and conducting key word searches yielding two terabytes of electronic evidence; (iv) listening to over 11,000 minutes of tapes of telephone conversations; and (v) examinations of relevant employee performance reviews and personnel files.”)

[vi] and and Business. “JPMorgan – A letter From Jamie Dimon.” .

Erik Schatzker, Christine Harper and Mary Childs. “Bloomberg Archives: JPMorgan Shifts CIO to Prop Trading.” Bloomberg Businessweek, April 13, 2012: .

Moyer, Liz. “Jamie Dimon’s Mr. Fix It: Michael Cavanagh.” The Wall Street Journal, May 14, 2012: .

[vii] (see Schatzker, Erik, Christine Harper and Mary Childs. “Bloomberg Archives: JPMorgan Shifts CIO to Prop Trading.” Bloomberg Businessweek, April 13, 2012. . (See: JPMorgan also said Ina Drew, who ran global treasury at JPMorgan prior to the acquisition, would report directly to Dimon. Drew’s title changed in February 2005 to “chief investment officer,” according to the 2005 year-end filing.)

[viii] The Wall Street Journal. “J.P. Morgan Knew of Risks.” June 12, 2012: . (See: “In 2010, another bad trade caught the attention of a senior finance executive who notified top J.P. Morgan executives. Joseph Bonocore, then chief financial officer of the CIO, became concerned when London-based traders lost about $300 million in a few days on a foreign exchange-options trade, without any offsetting gains to balance out the losses. Mr. Bonocore brought the matter to Barry Zubrow, then J.P. Morgan’s chief risk officer, and Michael Cavanagh, then chief financial officer, both of whom reported to Mr. Dimon. Messrs. Zubrow and Cavanagh, who remain at the bank in other top roles, gave Mr. Bonocore authority to order that the position be reduced… Mr. Dimon recalls being told of the trades, a person close to him said.”)

[ix] Gandel, Stephen. “JPMorgan’s London Whale review: Inside job.” CNN Money, January 18, 2013: .

[x] “ Schatzker, Erik, Dawn Kopecki and Bradley Keoun. “House of Dimon Marred by CEO Complacency Over Unit’sUnit’s Risk”, Erik Schatzker, Dawn Kopecki and Bradley Keoun,.” Bloomberg, June 12, 2012. (See: Dimon treated the CIO differently from other JPMorgan departments, exempting it from the rigorous scrutiny he applied to risk management in the investment bank, according to two people who have worked at the highest executive levels of the firm and have direct knowledge of the matter. When some of his most senior advisers, including the heads of the investment bank, raised concerns about the lack of transparency and quality of internal controls in the CIO, Dimon brushed them off, said one of the people, who asked not to be identified because the discussions were private.”)

[xi] p.119 (See: “The valuation control function is also responsible for determining any valuation adjustments that may be required… The determination of such adjustments follows a consistent framework across the Firm.”)

[xii] 107th Congress, “PUBLIC LAW 107–204—JULY 30, 2002.” Last modified 2002. .

[xiii] Board Review Committee Report, p. 5-6. (See: “CIO also made an annual presentation to the Audit Committee on the control environment in CIO. Following this presentation to the Audit Committee in July 2011, the Audit Committee reported to the Board that the CIO’s presentation stated that the overall control environment and business processes of CIO remained strong. In connection with its December 13, 2011 meeting, the Risk Policy Committee received a report prepared for it and the Audit Committee on the Firm’s Risk Management Control Environment, which covered Firmwide risk management as well as risk management for the lines of business and CIO. That report addressed, among other things, risk management priorities for 2012, the status of responses to regulatory-driven initiatives, risk technology issues and initiatives, issues with model risk governance, and the status of control assessment issues (including matters requiring attention (“MRAs”) identified by regulators) and action plans to address them. These reports did not raise issues with regard to under-resourcing or other deficiencies in the risk management function in CIO, or a lack of appropriate risk limits or compliance with risk limits at CIO.”)

Print Friendly, PDF & Email

What's been said:

Discussions found on the web:

Posted Under