Prof. Jayanth R. Varma’s Financial Markets Blog

A blog on financial markets and their regulation

Why Aadhaar transaction authentication is like signing a blank paper

Using Aadhaar (India’s biometric authentication system) to verify a person’s identity is relatively secure, but using it to authenticate a transaction is extremely problematic. Every other form of authentication is bound to a specific transaction: I sign a document, I put my thumb impression to a document, I digitally sign a document (or message as the cryptographers prefer to call it). In Aadhaar, I put my thumb (or other finger) on a finger print reading device, and not on the document that I am authenticating. How can anybody establish what I intended to authenticate, and what the service provider intended me to authenticate? Aadhaar authentication ignores the fundamental tenet of authentication that a transaction authentication must be inseparably bound to the document or transaction that it is authenticating. Therefore using Aadhaar to authenticate a transaction is like signing a blank sheet of paper on which the other party can write whatever it wants.

All this was brought home to me when I bought a new SIM card recently and was asked to authenticate myself with a finger print. The employee of the telecom company told me that there was a problem and I needed to try again. Being a little suspicious, I stretched forward and twisted my neck to peep at the computer screen in front of the employee (this screen would otherwise not have been visible to me). My suspicion was allayed on seeing an error message on the screen and I tried again only to get the same error message. After three attempts, the employee suggested that I come again the next day. Back home, I saw three emails from UIDAI (Unique Identification Authority of India) stating “Your Aadhaar number ___ was used successfully to carry out e-KYC Authentication using ‘Fingerprint’ on ___ at ___ Hrs at a device deployed by ___.” Note the word successfully.

That is when I realized that the error message that I saw on the employee’s screen was not coming from the Aadhaar system, but from the telecom company’s software. That is a huge problem. This conclusion was corroborated the next day when after one more error message, I found that the employee had left one field in the form partially filled and the error message disappeared when that was corrected.

Let us think about why this is a HUGE problem. Very few people would bother to go through the bodily contortion required to read a screen whose back is turned towards them. An unscrupulous employee could simply get me to authenticate the finger print once again though there was no error and use the second authentication to allot a second SIM card in my name. He could then give me the first SIM card and had over the second SIM to a terrorist. When that terrorist is finally caught, the SIM that he was using would be traced back to me and my life would be utterly and completely ruined.

Actually, even my precaution of trying to read the employee’s screen is completely pointless. The screen is not an inseparable part of the finger print reader. On the contrary. the fingerprint reader is attached by a flimsy cable to a computer (which is out of view) and the screen is purportedly attached to the same computer. It is very easy to attach the fingerprint reader to one computer (from which a malicious transaction is carried out) and attach the screen on the counter to another computer which displays the information that I expect to see.

Another way of looking at the same thing is that a rogue employee of the telecom company could effortlessly execute what is known in computer security as an MitM (Man in the Middle) attack on the communication between me and the Aadhaar system. In fact, I see some analogies between the problem that I am discussing and the MitM attack described by Nethanel Gelerntor, Senia Kalma, Bar Magnezi, and Hen Porcilan in their recent paper (h/t Bruce Schneier). Neither I nor the Aadhaar system has any way of detecting or foiling this MitM attack.

I think the whole model is fundamentally broken, and Aadhaar should be used only to verify identities, and not to authenticate transactions. Transaction authentication must happen with a thumb impression, a physical signature, a digital signature or something similar that is inseparably bound to a document.

Secret deals between exchanges and traders: securities fraud implications

Dolgopolov has a nice paper on the conditions under which secret arrangements between exchanges and high frequency traders might or might not constitute securities fraud. Modern exchanges use complex order types and intricate order hiding and matching rules, and they could claim that any bugs or flaws in their trading protocols are honest implementation mistakes. Smart traders who exploit these trading imperfections and frictions could simply claim to be skillful beneficiaries who discovered the bugs by their own effort. In many cases, there appears to be collusion between the exchange and the HFT firms (the exchanges often disclose undocumented features and bugs privately to their best customers in return for getting more business from these firms), but this is not easy to prove. Dolgopolov proposes legal theories under which securities fraud liability could be imposed on the HFT firms themselves.

For over a decade now, I have been arguing for a different solution: regulators should mandate that critical exchange software be open source (here, here, here and here). At the risk of sounding like a broken record, I would like to reiterate my view that “regulators and self regulatory organizations have not yet understood the full power of the open source methodology in furthering the key regulatory goals of market integrity.”

Global Capital Flows: VIX versus US Fed

Historically, the VIX (the volatility of the US stock market implied by option prices) has been an important barometer of global risk aversion that has a strong influence on global capital flows. A BIS Working Paper published last month (Avdjiev, Gambacorta, Goldberg and Schiaffi, “The Shifting Drivers of Global Liquidity”) demonstrate that this changed in the aftermath of the Global Financial Crisis with US monetary policy becoming the dominant driver of capital flows while the VIX declined in importance. They also point out that this phenomenon peaked in 2013 and there has been a partial return to pre-crisis patterns since then.

The results make intuitive sense: as global central banks pursued unconventional monetary policy, a large amount of duration risk ended up on the ever expanding balance sheets of these central banks. They thus became the marginal risk taker in the economy. (The authors use the Wu-Xia shadow rate as their measure of US monetary policy to take account of the impact of unconventional monetary policy). Since 2013, the central banks have been in tapering mode and they are no longer the marginal risk taker in the economy.

Though the authors do not venture down this path, I think their results explain well why the 2013 taper talk had such a drastic impact on emerging markets while the coordinated tightening by global central banks during the last year has had such a muted impact. The marginal risk taker is now the private investor and the low level of VIX currently indicates that the marginal risk taker is in “risk on” mode. This suggests that we should be looking at the VIX rather than at global monetary policy for the early warning signs of the next wave of turbulence in emerging markets.

Electronic banking liability allocation

A couple of days back, the Reserve Bank of India (RBI) issued new guidelines regarding who bears the loss from online banking frauds. The effect is to limit the liability of the customer and thereby transfer the loss to the banks. This measure has been seen as a customer friendly one. Basic economics teaches us to be careful about coming to such a conclusion. In equilibrium, banks would probably recover all expenses incurred by them from their customers. In fact, today, bank customers in India are probably paying higher fees as banks try to recover their bad loan losses from their customers. Unless banking becomes more competitive, the effect of the RBI regulation would more likely be a transfer from one group of customers (those who do not use online banking or have not been defrauded) to those who have lost money.

I think that the RBI regulation is a very good move for a very different reason: incentive compatibility. The important thing is that the regulation places losses on the party that can do something to reduce frauds. A customer cannot improve the bank’s computer security, she cannot ensure that the bank patches all its software, follows a good password policy, and so on. Only the bank can do all this. Unfortunately, computer security does not receive adequate attention from the top management of banks in India. If the new policy helps concentrate the minds of top management, that would be a good thing. If that does not happen, maybe the bank will wake up when the losses materialize. That is the true benefit of the new regulation – it has the potential to reduce online frauds.

Enterprise without entities

In recent months, a significant amount of money has been raised using smart contracts and initial coin offerings. In May 2016, The DAO raised about $150 million with an “objective to provide a new decentralized business model for organizing both commercial and non-profit enterprises”. It did not have a formal organizational structure or legal entity and consisted only of open source computer code. A bug in this code allowed a hacker to siphon off about $50 million of this money, but this was reversed by a hard fork of the Ethereum blockchain (see here for the details). A few days ago, Bancor raised even more money than the DAO amidst criticism that its business model is seriously flawed.

These smart contracts create business enterprises without creating any legal entity. You cannot sue a piece of code, nor send it to jail, but when this piece of code creates a self enforcing contract, it becomes an enterprise. This seems to create a challenge for the legal system.

It was in this context that I read “Enterprise without Entities” by Andrew Verstein (Michigan Law Review, 2017).

This Article challenges conventional wisdom by showing that vast enterprises – with millions of customers paying trillions of dollars – often operate without any meaningful use of an entity.

This Article introduces the reciprocal exchange, a type of insurance company that operates without any meaningful use of a legal entity. Instead of obtaining their insurance from a common nexus of contract, customers directly insure one another through a web of countless bilateral agreements. While often overlooked or conflated with mutual insurance companies, reciprocal exchanges include some of America’s largest and best known insurance enterprises.

This Article explores how it is possible to run an international conglomerate with essentially no recourse to organizational law as it is normally conceived.

The whole paper is worth reading for the wealth of detail and careful legal analysis. It tells us that enterprise without entities is not some radical new innovation made possible by smart contracts, but is something that has been successfully practised since the early twentieth century.

More importantly, it also tells us that the challenge in making smart contracts work is not going to be legal. The real challenge is the more mundane and much harder task of writing software without nasty bugs.

How to bury zombie companies quickly

Earlier this week I posted about the bankruptcy literature of the 1990s that sought to rely less on judges, administrators and experts and more on contracts and markets. As promised in that post, I now explore the implications of that framework for the widespread corporate distress in India today.

While much of the discussion on the Indian situation emphasizes the problem of bad loans in the banking system, the government’s Economic Survey rightly described it as a twin balance sheet problem encompassing problems in the balance sheets of the banking system and of the corporate sector. Of the two, I would argue that the problem in the banking system is the less serious one for many reasons.

  1. The overt problem is largely confined to the public sector banks and from past experience we know that these banks can run smoothly (without any run on the banks) regardless of how little capital they have. Indian Bank in the mid 1990s is a classic example of the depositors retaining their faith in the bank even after reporting a large loss that resulted in a negative net worth. These days, there is the issue of Basel norms, but strictly speaking, they apply only to internationally active banks. If the overseas operations of the unhealthy public sector banks are shut down or transferred to healthier ones, there is no technical bar on letting them operate with low levels of capital adequacy. By placing restrictions on their fresh lending, any moral hazard problems can be alleviated.

  2. Many observers believe that bad loans are not confined to the public sector banks, and that at least some private sector banks have a large but covert problem. But this issue can probably be addressed by imposing a large preemptive recapitalization on them.

  3. India needs to move away from a bank dominated financial system, and some degree of downsizing of the banking system is acceptable if it is accompanied by an offsetting growth of the bond markets and non bank finance.

In my view, the problem of zombie companies is far more serious than the problem of zombie banks. There is overwhelming anecdotal evidence that these zombie companies are a major drag on the economy. For those who are not swayed by anecdotal evidence, an IMF working paper published this month demonstrates that the decline in private investment in India is linked to over-leveraged companies being unable to start new projects or complete ongoing projects. For India to achieve high growth, it is necessary to sort out these zombie companies.

Bankruptcy is the most effective way of putting an end to the zombie companies, and recycling their assets for more efficient use. Bankruptcy breaks the vicious cycle through which past debt acts as a brake on future growth. As Heidt put it: “Bankruptcy separates the past from the future … it takes the debtor’s past assets to pay its past creditors.”

Traditional bankruptcy processes may not provide an adequate solution to this problem because the number of companies involved is quite high and because India does not yet have enough trained bankruptcy professionals and judges to do bankruptcy on a massive scale. This is where I am fascinated by the idea in the bankruptcy literature of the 1990s of using markets instead of courts. This is much more scaleable in the Indian context because some Indian financial markets are reasonably deep, and the supply of funds in these markets is quite elastic because they are open to foreign investors.

My preferred solution is basically the same as the AHM procedure that I mentioned in my last blog post. In this approach, the government forces the banks to converts all their loans into equity, and also forces the banks to sell the resulting equity in the stock market within a tight time frame. The new shareholders decide whether to sell the assets or to run the business. In any case, with the debt completely removed, the company is no longer a zombie company, and even a partial or total liquidation would be a voluntary liquidation by the shareholders that does not require significant court intervention. The difficulties with this method are easy to surmount:

  1. It assumes a well functioning equity market, but I think this is more reasonable assumption to make than that banks can suddenly figure out how to restructure all this debt, or that rating agencies can be trusted to provide useful guidance on this (Partnoy’s scathing piece last month should remove all doubts on the matter) or that an omniscient central bank can tell the banks how to restructure all the debt.

  2. One “discretionary” question still appears to remain: how much of the old equity should be wiped before the conversion of the loans. In the original AMH procedure, this problem is solved using Bebchuk options: old shareholders are given the option to buy out the creditors pro rata. In most of the zombie companies, the Bebchuk options are unlikely to be exercised, and the old shareholders would be completely wiped out. Allowing the old shareholders to retain 5-10% of the expanded equity might be another possibility to make it politically more palatable.

  3. The banks would take large losses in this process that could leave them poorly capitalized. I have already discussed this above. For public sector banks, the capital does not really matter, and for the private sector banks, the problem can be solved by imposing a preemptive recapitalization. The important thing is to downsize the banking system so that we do not get into this mess again.

Bankruptcy ideas from the 1990s

During the last few weeks, I had the opportunity to read (and in some cases re-read) the large stream of literature about bankruptcy that emerged in the United States in the early 1990s. (That is one of the benefits of taking a serious vacation). There are a lot of original ideas in this literature because a serious application of the law and economics paradigm to this field probably began around this time. As Aghion, Hart and Moore wrote, prior to the 1990s, “economic analysis – which has been applied with such great success to other aspects of law in the last thirty years – has, with a few notable exceptions, not been used to shed light on optimal bankruptcy procedure”. The radical thinking in the 1990s literature can probably be attributed to the backlash against corporate abuses during the late 1980s and early 1990s. The savings and loan crisis of the 1980s in the United States somehow managed to provoke a greater outrage against financial fraud than the much bigger global financial crisis of the last decade.

Probably the best compilation of the 1990s bankruptcy literature is the proceedings of the Interdisciplinary Conference on Bankruptcy and Insolvency Theory of 1994 published in the Washington University Law Review. This features provocative articles like Adler’s “A World Without Debt” and Heidt’s article that begins with the line “The Bankruptcy Code is fifteen years old and fourteen years out of date”. Above all, there is the famous paper by Aghion-Hart-Moore describing one of the most radical bankruptcy procedures ever proposed – the AHM procedure.

In keeping with the law and economics paradigm, most proposals of that era are based on a greater reliance on contracts and markets rather than on judges, administrators and experts. The complication is that the problem of bankruptcy arises only under imperfect capital markets and there are obvious difficulties in relying too strongly on imperfect capital markets. Yet this 1990s idea underlies a number of the post crisis innovations in reorganization of distressed financial enterprises – contingent equity, contingent convertible bonds (CoCos), and hair cutting of claims against clearing corporations.

My motivation for studying this literature stems from the problem of corporate distress in India today. It is hard to see how India’s zombie companies can be efficiently and speedily resolved without relying much more on markets than on so called experts. That is the subject of a future blog post.

Are markets efficient if you are a particle physicist?

Among the thousands of pages that I read during my two month long vacation were two papers that show that many of the large number of published asset pricing anomalies (Cochrane’s “zoo”) have withered away over time. The papers are
Hou, Xue and Zhang (2017), Replicating Anomalies, NBER Working Paper 23394 and
Mclean and Pontiff (2016) Does Academic Research Destroy Stock Return Predictability?, Journal of Finance.

Hou, Xue and Zhang show that out of the 447 anomalies that they study as many as 286 (64%) are insignificant at the conventional 5% level. Increasing the cutoff t-value to 3.0 raises the
number of insignificance to 380 (85%). Clearly, there are a lot of Type M errors in the anomalies literature and a few Type S errors as well.

I started wondering what would happen if we imposed an even higher standard of statistical significance. This is where particle physics comes in. While the social sciences are quite happy with significance levels of 5% and 1% (implying cutoffs of around 2 or 3 standard deviations), the significance level required for the discovery of a new particle in physics is 0.0001% or one in a million (implying a cutoff of around 5 standard deviations). For example, when the Higgs particle was discovered in July 2012, the official press release from CERN stated: “Today, both the ATLAS and CMS experiments are beyond the level of around one per million that’s required to claim a discovery.” For more discussion on the 5 sigma standard, see here, here and here.

Asset prices exhibit significantly fatter tails than the Gaussian distribution and that would require raising the cutoff even higher. The statistical quality control world uses a shift of 1.5 standard deviations so that 6 standard deviations (six sigma) are required to achieve quality standards that would otherwise require only 4.5 standard deviations.

I pored over Table 4 of Hou, Xue and Zhang that lists the t-values for all the anomalies that are significant at the 5% level. Not one of these is above 6.0 and only two (Abr1 and dRoe1) are above 5.0. Adjusted for fat tails, there is no anomaly that meets a one in a million standard of significance. By this standard, therefore, markets can be assumed to be efficient. More prosaically, finance is still at the Tycho_Brahe stage of assembling enough high quality data to discriminate between competing theories.

Why do economists ignore risk?

Cochrane writes on his Grumpy Economist blog:

Here’s how covered interest parity works. Think of two ways to invest money, risklessly, for a year. Option 1: buy a one-year CD (conceptually. If you are a bank, or large corporation you do this by a repurchase agreement). Option 2: Buy euros, buy a one-year European CD, and enter a forward contract by which you get dollars back for your euros one year from now, at a predetermined rate. Both are entirely risk free.

It is only an economist who today thinks of this trade as risk free. Before the global financial crisis many finance people would have thought so too, but not today. After the crisis, any serious finance professional would immediately think of the multiple risks in these trades:

  1. The US bank could default

  2. The European bank could default

  3. The forward contract counterparty could default

  4. There is euro redenomination risk. In that terrifying state of the world, depending on the nationality of the bank and the forward contract counterparty, one or both of these could be redenominated into some other currency – new francs, marks, liras or drachmas . Theoretically, you could end up being long new French francs (on the euro CD) and short new German marks (on the forward contract).

During the last decade, finance has moved on from simplistic notions of risk. I like to believe that in many top banks today, those who espouse Cochrane’s view of risk would be at risk of losing their job. Or at least they would be asked to enrol in a course on two curve (or multi curve) discounting. In today’s finance, there is return free risk, but no risk free return. Covered interest parity is today only an approximation that you may use for a back of the envelope calculation, but not for actually quoting a price. I wrote about this in a wonky blog post last year, and I have discussed two curve discounting in another wonky post half a dozen years ago.

The wonderful thing about finance is that it provides an opportunity to get rid of bad ideas by marking them to market. The problem comes when we distrust the market and start thinking of model errors as market inefficiencies. Cochrane writes about the violations of covered interest parity:

… this makes no sense at all. Banks are leaving pure arbitrage opportunities on the table, for years at a time. … But this is arbitrage! It’s an infinite Sharpe ratio!

Rather than accept that the covered interest parity model is wrong in a two curve world, Cochrane thinks that post crisis regulations are preventing the banks from doing this “arbitrage” and bringing the markets back to the old world. It is true that a Too Big to Fail (TBTF) can still do covered interest “arbitrage”. But what that tells us is that a TBTF bank can pocket the gains from the covered interest trade and palm off the risks to the tax payer. A TBTF bank can do the trade, because it is closer to being risk neutral (anybody can be risk neutral with other people’s money). Yes, the covered interest trade has a positive Sharpe ratio but not an infinite one, and perhaps not even a very large one. We need less TBTF banks doing low Sharpe ratio trades, keeping the gains and shoving the losses to the taxpayers.

And both economists and policy makers need to take risk more seriously than they do today.

Indian financial history

My blog post a couple of months ago on financial history books led to a lively discussion in the comments on a similar list for Indian financial history. There was so much useful material in these comments that I thought it useful to hoist it from the comments to a blog post in its own right. As you can see, very little of this post is my contribution. Most of the material is from my colleague at IIM Ahmedabad, Prof. Chinmay Tumbe who is deeply interested in business, economic and demographic history. All that I have done is to add hyperlinks wherever possible, and must in fact confess that I have not yet read most of the material listed here.

Amol Agrawal January 27, 2017 at 5:44 pm

I was also wondering whether you could recommend some books on India’s financial history as well. I guess you might say there are hardly any. But I guess history of RBI (Volume I), History of SBI, Indigenous Banking by LC Jain etc could be a part of the list. But these are just on banking, We have very little ideas on equity markets, insurance, funds etc. Could you please help me with a few titles?

Jayanth Varma January 27, 2017 at 9:07 pm

There are some excellent books on Indian economic history. The Cambridge Economic History of India is absolutely invaluable. There are some books and other material on the history of the East India Company and the Dutch VOC which are also relevant. Adam Smith’s [discussion](, Ch.1, Of the Expences of the Sovereign or Commonwealth) of the English East India Company in the Wealth of Nations is also worth reading. Angus Maddison’s Asia in the World Economy 1500–2030 AD is also useful.

But there is too little of financial history in all this. I would like to know more about the financial transactions of Jagat Seth for example though there is some material here.

Indian monetary history in the nineteenth century is absolutely fascinating: I think at one time or the other, India had every kind of exchange rate regime known at the time. Oscar Wilde famously advised a student to omit this chapter because it is too sensational. If you have access to JSTOR, I recommend: Laughlin, J. Laurence. “Indian Monetary History.” Journal of Political Economy, vol. 1, no. 4, 1893, pp. 593–596.

Way back in 2010, SEBI set up an Advisory Panel on History of Indian Securities Market of which I was a member and some material was collected and made available on the SEBI web site. I do not think that much progress has taken place after that.

Amol Agrawal January 28, 2017 at 8:58 am

I fully agree we have nothing much in financial history which is a puzzle. I have read the Lodewijk Petram work on World’s oldest Stock exchange. We need similar accounts for BSE and other Regional SEs which were important earlier. I have seen SEBI’s links but most are unreadable. Like RBI and SBI have commissioned their history, we need SEBI/IRDA etc to do the same for other markets. From these, students like me can pick up and build.

Likewise Sylla and Homer’s History of Interest Rates could be developed into History of interest rates in India using several RBI publications. There is some data which has to be all put together.

Having said this, I think following books do give some perspective on history of finance in India:
1) Industrial Organisation (1934) by PS Lokanathan
2) Organisation and Finance of Industries in India (1937) by D R Samant and M A Mulky
3) Financial Chapter in History of Bombay (1910) by DE Wacha

There are some others which are mainly on banking. I can add them but I think if one reads History of RBI and History of SBI (by Prof AK Bagchi), banking is pretty much covered.

We clearly need to expand this list and have more works on India’s financial history. I will try and add as and when I find more readings.

Jayanth Varma February 13, 2017 at 9:28 pm

Another useful book is
Raymond W. Goldsmith The financial development of India, Japan, and the United States : a trilateral institutional, statistical and analytic comparison, Yale University Press 1983.

Prof. Chinmay Tumbe March 1, 2017 5:10 pm

Adding a few that have not been covered above:

  1. Goldsmith has one book just on India called Financial Development of India, 1860-1977, which is a truly monumental work.

  2. A 2017 book by a friend of mine attempts to synthesise monetary history in India

  3. I have a paper in the Indian Economic and Social History Review on the history of the Post Office as a financial institution; not too many associate that with finance though it is the largest financial institution of India in terms of network and personal deposits.

  4. Tirthankar Roy has a recent paper on seasonality of interest rates in the money market of colonial India.

  5. Dwijendra Tripathi of IIMA wrote the biography of Bank of Baroda in the 1980s and updated that in the late 2000s.

  6. Amiya Bagchi’s edited volume on Money and Credit in Indian History in 2002 has wide ranging contributions to it

  7. P R Brahmananda’s Money, Income, Prices in 19th century India: A Historical, Quantitative and Theoretical Study.

  8. On the 1860-65 Bombay episode, see Wacha’s Financial Chapter; or any
    biography of Premchand Roychand as in Lakshmi Subramanian’s Three Merchants
    of Bombay

  9. Some Books:

    Of course, several other banking histories can be added to this list.

The Financial History Review does not have a single piece on India, which
goes to show the huge scope for research in this field. Amol’s thesis on
south Indian banking history will add to our knowledge.