% fortune -ae paul murphy

The IT role in the mortgage meltdown

The essence of the recent credit meltdown is simple: American banks are forced by law to value their mortgage portfolios at what others will pay for them, but because they also face minimal book equity percentage rules, a drop in the third party market for mortgage derivatives can force a bank into technical bankruptcy - and because that triggers a range of creditor protection measures which effectively shut down the bank's day to day operations, financial institutions participating in inter-bank transfers with banks rumored to be headed for trouble either refuse to lend or raise their overnight rates and either way push their partners over the brink into insolvency.

On the surface the roots of this are well known - I believe the rather overtly partisan summaries provided by Charles Smith ( Cover-Ups Led to Financial Crisis), in this article by Thomas Sowell or in this eight minute youtube video are actually pretty close to what an unbiased person would have made from the facts.

None of the public finger pointing I've seen, however, addresses the IT role in this - specifically the general willingness of the IT people involved to quietly go along with senior management wishes instead of holding their collective feet to the fire on either, or both, the practical problems with risk valuation or the moral issues raised by public financial statements that must have seemed obviously dishonest to insiders.

Now on a personal basis I need to mention that reporting to the assistant deputy minister responsible for systems that he had neither the authority to embark on a hundred million dollar IT redevelopment nor the skills to pull it off, got me blacklisted by Alberta Health - and raising the issue, with the president of a mid range public company, that his finance vice president had just told analysts about the outstanding success of a major financial systems change that hadn't actually started yet, got my contract pulled in short order.

Personal experience aside, however, the moral issue here is clear: we are generally employed by the organizations we work for, not the people running them - and owe our primary loyalty to the business owners and stake holders, not whoever happens to be in charge.

And we're the information custodians: at Worldcom it was Bernie Ebbers who went to jail, but hundreds of people, many of them working in IT with daily access to key information, had to know better than he did what was going on. Similarly hundreds of people at Fannie and Freddie had access to all of the information needed to send Messrs Raines and Johnson to jail -but even during the congressional hearings raised by the OfHEO [Office of Federal Housing Enterprise Oversight, regulators for Fannie/Freddie] audit, none of these people spoke up.

Some people did speak up, quietly, about the second set of issues: technical problems with correctly valuing mortgage backed securities.

There are two versions of this. In the simple one, the allegation is that Wall Street's traders knowingly used inadequate valuation models - here's a bit from an article for the New York Times by Saul Hansell summarizing that argument:

In fact, most Wall Street computer models radically underestimated the risk of the complex mortgage securities, they said. That is partly because the level of financial distress is "the equivalent of the 100-year flood", in the words of Leslie Rahl, the president of Capital Market Risk Advisors, a consulting firm.

But she and others say there is more to it: The people who ran the financial firms chose to program their risk-management systems with overly optimistic assumptions and to feed them oversimplified data. This kept them from sounding the alarm early enough.

Top bankers couldn't simply ignore the computer models, because after the last round of big financial losses, regulators now require them to monitor their risk positions. Indeed, if the models say a firm's risk has increased, the firm must either reduce its bets or set aside more capital as a cushion in case things go wrong.

There's probably some truth to this, but the bigger truth is that the randomization underlying all monte carlo based valuation methods was, and is, not just wrong but known to be wrong. Nobody knows whether that had an impact on the problem - because nobody knows whether the resulting valuation errors were significant.

The problem is inherently complex - imagine being asked to value a portfolio of 10,000 residential mortgages issued to a total of something like 17,652 individuals. Each mortgage balances some issue amount against some payment stream; each has had zero or more payments recorded against it, each has an initial interest rate; an interest computation method; zero or more early payment opportunities; some mention of late or missed payment penalties and conditions, and an expiry, renegotiation, or call date.

The answer is, of course, that the value of the portfolio depends on assumptions you make about the future: specifically about defaults, late payments, interest rates, and reaction to market change in the value of the collateral properties. Once you commit to any one set of these assumptions there are packages as small as Excel plugins that will calculate both the point value of the portfolio for you and its likely rate of change with respect to one or more of your assumptions.

Now, because you can predict roughly the probable range for most of these assumptions but not the actual values the variables involved will have for each of the time periods you have to consider, what you do is write a monte carlo simulation in which you try tens of thousands of value combinations and plot the results to see what, on average expectations, the portfolio might be worth.

Notice, that at this point even something has large as 0.0005% error in the outcome would be completely insignificant - so randomization error should have no effect, right?

Wrong, because what the bank will do with your result is hedge by splitting two bets among many bettors: one set with people who are just basically pessimists and bet your computation is too high, and one set with optimists who think your value estimate will prove to be too low.

Unfortunately there's no commissions money to be made in strictly off-setting risks, so banks and traders engaged in leverage - multiplying the effect of differences in the outcome by, in one example cited by Frank Partney a billion times. And, of course, errors are multiplicative.

And did IT people warn them? In general we did not - in general we acted as cogs in a wheel leaving the occasional brave quant to mutter about valuation risk while Wall Street's IT people almost unanimously treated the garbage going in to the computational process as gold coming out.

None of that, of course, makes us big players in a debacle that became inevitable as soon as Congress mandated the moral hazard Wall Streets traders were only too happy to jump into - but the IT community was a bit player here and our collective silence, I think, buys us some share of the bottom line responsibility too.

Paul Murphy wrote and published The Unix Guide to Defenestration. Murphy is a 25-year veteran of the I.T. consulting industry, specializing in Unix and Unix-related management issues.