Friday, 30 October 2009

Why can finance be hacked?

There are lots of reasons why finance is different from normal markets, but I am particularly interested in why it is difficult to model economically.

It's not fundamentally because "finance markets deal with money, which is essential to all other markets". On this basis, energy markets would have the same problems, as no other markets can operate without energy; equally, computer hardware or telephones.

Instead, it's because finance has a special characteristic in information-theoretic terms: it creates contracts which operate on other contracts, which in turn operate on the first contract again.

This is what George Soros calls reflexivity - but I will use another term: self-referential.

Self-referential systems behave very differently to "normal" systems. Douglas Hofstadter has made a whole career out of analysing them. In his famous book Gödel, Escher, Bach he compares the self-referential patterns in Escher's art and Bach's music to Gödel's Incompleteness Theorem and the philosophical revolution it brought to the study of mathematical systems.

From this analysis he draws some deep insights into how cognition works: his idea is that the essence of human intelligence is our ability to think about ourselves, refer to ourselves in language, and mix up multiple levels of reference.

Finance is just like that. A contract can relate to the outcome of another contract; options can be designed over other options; and a payment for services can be made on the basis of another payment for services (when your bank charges you for transferring money?) And if a bank makes a loan, increasing the money supply, it affects the value of money across the economy, changing the probability of a recession and thus influences the loan's own chance of being repaid.

This is essentially different from linear or equilibrium systems, where the effect of any change is relatively simple and predictable. If I decide to buy zinc, the demand for zinc is higher than otherwise expected, and its price rises. If I buy a bit less zinc, the price rises a bit less. And those prices are expressed in money, which is a completely different thing than zinc, and doesn't affect it significantly.

Equilibrium systems tend to return back to their previous state after a change. Linear systems change in proportion to their inputs. Self-referential systems can do completely different things.

Which is not to say that we can't work with them or predict how they behave. We simply need different tools to do it.

The traditional economic tools of maximisation, equilibrium analysis, supply and demand functions: all have some applicability to finance, but they must be supplemented with additional tools which can handle self-reference.

Fortunately humans have come across this challenge before. There are three major fields which all contain self-referential structures, and each of them can shed light on how to deal with financial modelling.

Mathematics. Gödel, and others before him such as Bertrand Russell, struggled with the concept of self-reference in concepts such as sets which contain themselves and mathematical statements that make assertions about their own proofs. There is a rich body of work explaining what we can and cannot know for sure about mathematics, and we know of constraints which we can place on mathematical systems to eliminate some of the unmanageable scenarios which emerge.

Language. This statement is false. Or in its original, 3000-year-old form, Cretans are always liars - or at least so said Epimenides, a Cretan. Language is a very fluid medium with few strict rules, but the addition of statements which talk about themselves makes it even more unpredictable. The linguistic equivalent of Glass-Steagall is to ban simple statements like This statement is false; but this victory only holds until someone discovers that an economics professor can still say "The economics profession right now is useless" and thereby impugn the logic of their own claim.

Software. Unlike mathematicians and linguists, software developers actually have to make something work in the real world. So they've been obliged to find ways to build and control self-referential systems without destroying the world. Software is self-referential because software code resides in memory, and also has the ability to change whatever is in memory.

This problem can lead to software bugs which make your programs crash: but it has also bedevilled software security experts for decades. The classic mechanism by which viruses (or trojan horses) work is to overrun the normal memory limits within which a program is designed, and to put new program instructions into memory where they shouldn't be. This is how your computer can get infected and start sending out Vi@gr@ adverts.

People try to solve this problem in many ways. Some are restrictive (all those Windows security popups asking your permission to change the network settings); others are really annoying (Illegal instruction - this program is shutting down); some are clever, such as automated cloud-based malware detection; others crude and simplistic, like those 5 megabyte security updates that your antivirus software downloads every night. Sometimes a privileged person has permission to do things that others don't; but sometimes the goal is to protect people from their own mistakes as well as from the malicious actions of others.

Just like financial regulations, as it happens. In fact, the finance market has nearly all the characteristics of an insecure, unstable, hackable multi-user computer.

So who should we get to design new financial institutions, structures and the regulatory environment? Perhaps it would be worth letting some programmers loose on things. Start by reading this book if you're interested in a readable introduction to the subject.

2 comments:

Alexander Ainslie said...

Leigh,

This is a fascinating read. Thanks.

www.twitter.com/aainslie

missmarketcrash said...

great post - best, missmc