New biometric access system for SG

Société Générale (SG) is attempting to shore up its risk controls with the implementation of biometric access controls for dealing personnel. The news follows an internal investigation by a bank committee into the €5 billion rogue trading event that identified major weaknesses in its supervision, security and control procedures.

Rogue junior trader Jérome Kerviel is reported to have faked emails to cover his trades, and used log-in codes from other SG employees to place the unauthorised trades. The review identified priority areas that included the strengthening of IT security through the development of biometric authentication systems, reinforcing controls and alert procedures, and improving the structure and governance of the operational risk management system. Plans for improving access security and conducting targeted security audits are also being pushed forward.

Although the review shows that risk control procedures were followed correctly at SG, routine checks were not supported by more detailed probes, which could have discovered the unauthorised trades much earlier.

The French government, which conducted its own review into the event, also found that the bank's security systems and internal controls were lacking and that the bank missed a number of alarms, notably derivatives exchange Eurex’s alert to the French bank about the positions in Kerviel's book.