Business Architecture of Fraud

Business architecture is about the architecture of the various businesses within one company. Banks for example have designed so-called Chinese walls. These are not walls as you would see in real architecture, but they are virtual walls that separate one business (unit) from the other, in cases where both may not influence each other.

This is the case where the bank is doing business with corporate clients (in serving a possible IPO or stock emission) and the brokerage business where brokers may act on information that is sensitive. If the broker in the bank learns about a possible action with a corporate client it can gain money (in an illegal way).

Business architecture is not visible, but should be made visible.

The best example of fraud-prone-architecture comes from the Madoff case.

Business architecture-wise there are three lessons to draw from that case:

1. The profile of the leader who someone is doing business with. Madoff gained "Respect" as having been the president of the Nasdaq stock-exchange. But think about this. Would you trust your money to an (hedge fund) investor who has been president of Nasdaq? Is that a credible biographic path for an investor? A broker (nasdaq) is something completely different than an investor. Would you imagine Warren Buffet become president of Nasdaq or the NYSE? Having worked for Nasdaq one would know all the mazes in the legal net to start a fraud. (but I agree somehow that this is easy knowing once the damage has been done. Hindsight knowledge...which makes it a weak argument).

2. Optimal was one of the funds of Santander who invested in Madoffs hedge funds. Optimal administrators warned for the design "error" in the hedge fund. On a page 35 (source: El Pais) of the prospectus of the hedge fund, was published the article "possibility of Fraud": it stated that "the nor the funds itself, nor the custodian would operate as a custodian." Who then, one might ask.

Business architecture is something that analyst and (risk) managers should make visible by drawing the business and the organization around it.

3. Finally, the profile of a risk manager. That is one similar to that of a (private) detective. The risk manager should never rest, never stop asking questions and never stop to investigate... and a risk manager is not a loner out there at the attic of your organization. Sometimes we all have to play the role of the detective... Investigate when something smells fishy ("a guaranteed return of 10 percent"...hmmm smells ....)