Money Stuff: The Big Shareholders Get Bigger

The Problem of Twelve One simple story you could tell about passive investing is that it is pretty purely a game of efficiency: Every S&P 500 fund, for instance, provides the same gross-of-fees return, so the way to compete is by having slightly lower fees than everyone else. And the way to do that is probably economies of scale: It doesn't cost all that much more to run a $100 billion index fund than it does to run a $100 million index fund, so the big fund can charge less (as a percentage of assets) than the little fund, so people who sensibly choose index funds based on price will tend to buy the biggest ones. So the biggest index-fund managers will get bigger, the small ones will get smaller, and the index-fund market will be dominated by a few big players. Meanwhile the rise of passive investing puts a lot of pressure on active managers, and that pressure tends to manifest itself in mergers: Franklin Resources Inc. and Legg Mason Inc. helped pioneer asset management in the 20th century. On Tuesday, the venerable but fading names said they will combine in an effort to compete, as low-cost index funds upend their industry. In an era when traditional stock-pickers are under intensifying pressure, San Mateo, California-based Franklin agreed to buy Legg Mason to create a firm with a combined $1.5 trillion in assets. The deal, valued at nearly $4.5 billion, shows how much the fund industry has transformed since the two companies were founded -- Franklin started in 1947 and Legg Mason's precursor firm began in 1899. Customers are focusing more than ever on costs for money management, and a few large index fund managers dominate the field in managed assets globally. Merger activity in the asset management world has been increasing in recent years. Invesco Ltd. bought OppenheimerFunds from Massachusetts Mutual Life Insurance Co. in 2018, while both Janus Henderson Group Plc and Standard Life Aberdeen Plc were formed in mergers in 2017. The combined story is basically that the rise of index investing will increasingly mean that every public company is mostly owned by the same dozen asset managers. Some of them will be passive funds, and some will be active funds run by big passive-fund managers, and some will be active funds run by big traditional active-fund managers like Franklin Legg. The shares will be split among different funds and portfolios at the big asset management companies, each with their own portfolio managers and objectives, and of course the shares will be held on behalf of the ultimate investors in those funds. Still, every big public company will look at its list of top shareholders, and they will all be more or less the same lists, BlackRock and Vanguard and State Street and Fidelity and Franklegg and so forth. And the people who run those asset management firms, who set their voting policies and supervise their portfolio managers, will at least theoretically have a lot of power over all of the public companies. When we talk about this story we often discuss concerns that all this concentration reduces product-market competition: If every, say, airline is owned by the same few investors, then the managers of those airlines should prefer to keep ticket prices high and profits juicy, rather than cutting prices to try to win market share away from competitors that are, in a sense, all part of the same extended corporate family. But it is really much more deeply strange than that. If the same dozen people control every public company—Harvard professor John Coates calls it "The Problem of Twelve"—what does it mean? Should someone do something? Should those people be required to … explain their votes? Not vote their shares? Vote in a specific way? Ask their ultimate investors how to vote? Have some other formalized rules for how they vote? They have accrued all this power, sort of by accident; should there be rules for how they exercise it? Or is this just how the market works and everything is fine? By the way, if you are an antitrust regulator, what do you make of this merger? It seems very plausible that it is pro-competitive, in the asset-management market: A bigger Franklegg will have more economies of scale and be better able to compete with giants like BlackRock to manage institutions' money. It seems unlikely that this merger will give Franklegg pricing power to raise fees. On the other hand, if you take all this stuff seriously, you might worry that consolidation among asset managers would give, say, airlines more pricing power to raise fares. If you take the theory seriously then asset-manager mergers are sort of meta-mergers for the entire economy; as the big asset managers get bigger and more concentrated, then the ownership of every public company gets more concentrated too.  bZx A basic story of stock exchanges is that you would go to the exchange and be like "how much for a share of Amalgamated Widgets" and the guy at the trading post would be like "$100 bid, $101 offered" and you'd say "I'd like to sell 100 shares" and he'd say "done" and you'd sell 100 shares for $100 each. But if you said "I'd like to sell a million shares" he'd be like "well hold on a minute" and then you'd sit down and discuss how you and he were going to get that done. You can't just sell a million shares all at once; the prices on the stock exchange are for modest trades, not enormous ones. Perhaps the broker would buy a million shares from you at $90 each—well below the quoted price for small trades—and take the risk of going out and trying to sell all those shares for more than he paid you. Perhaps he'd buy 200,000 shares at $95 and then work the order for the rest, trying to sell shares over the next few hours without moving the price too much, and buying them from you for whatever he got (minus a commission). Perhaps he'd say "a million shares is just too many shares, why don't you sell 400,000 and then come back tomorrow."  But then stock exchanges all became computerized and there was no one to say "well hold on a minute." And so now if a stock is $100.00 bid, $100.01 offered, for 100 shares, and you come to the exchange and say "I'd like to sell a million shares," you sell 100 shares for $100 and then 200 more for $99.99 and then a few thousand more for other rational prices and then the order book thins out and you sell most of your shares for, like, $0.01. And this sometimes happens, and it's called a "flash crash," and people say it's a "flash crash due to a fat finger error," and sometimes it is—you meant to sell 1,000 shares and you typed 1,000,000 instead—but sometimes it isn't exactly that. Sometimes you really did want to sell a million shares, but you just didn't quite understand how the computer works. The way the computer works is that it has orders, entered by traders into the system, for some amount of stock at some set of rational prices near the current price, and these orders represent some fraction of the actual demand for stock at those prices. But not all of the demand; plenty of investors would buy Amalgamated Widgets if it fell to $95, but they have not bothered putting in orders to buy it at $95 because it is trading at $100 and if it gets to $95 they'll have plenty of time to put in orders then. And if you go and put in an order to sell a million shares, all at once, the computer will sell your shares to everyone who has expressed interest in buying (thousands of shares) at reasonable prices, and then the computer will keep blindly selling shares to people who have expressed interest in buying at unreasonable prices, and before the computer runs out of orders someone will buy your stock for $0.01. And if the computer had just waited a minute, people would say "wait Amalgamated Widgets has fallen to $90, that's a good deal, I'm gonna jump in and buy some," but the whole point is that the computer doesn't wait a minute; it just sells your shares at whatever prices it sees in its system, even if those prices are dumb. And then a minute later people do jump in, and the price gets back to normal, and it's only a "flash crash," but meanwhile you have sold your shares at dumb prices and are sad. Now I should say that those last few paragraphs describe an abstract potential problem; they do not really describe how modern stock exchanges actually work most of the time. In fact exchanges normally have systems—circuit breakers, limit-up-limit-down protections, rules about stub quotations—to prevent this from happening, and many brokers have systems to prevent you from even submitting dumb orders like this. That's part of your broker's job: When you say "I want to sell a million shares of Amalgamated Widgets," your brokerage's system will automatically say "got it, I calculate it will take 2.6 days to sell that many shares at 10% of volume, we will split your order into 37,653 child orders and send them periodically throughout that period to attempt to match the volume-weighted average price," that sort of thing. You don't just go to the stock exchange and say "I'd like to sell a million shares please," that is silly.  So these are not unknown problems, or staggeringly difficult ones. The point is to have some sort of automated algorithmic implementation (or several redundant implementations) of the old-fashioned approach of, when you go to the exchange looking to sell too many shares, someone says to you "hold on a minute" and then helps you figure out how to do that in an orderly way. All of this is straightforward and sensible but it is also somehow impure and inelegant. You could imagine a purist saying, no, markets should not stop trading based on arbitrary price cut-offs; prices should reflect supply and demand, not your subjective views of what is reasonable. If someone wants to sell a million shares, and the only buyers for all those shares will only pay $0.01, then the market price is $0.01, and the shares should trade there. If a minute earlier the price was $100, and a minute later it was $98, well, circumstances change. The iron law of supply and demand is never wrong, blah blah blah. Those are some thoughts that I had reading about the bZx exploit. bZx is a cryptocurrency trading platform that, and the exploit involved a "flash loan." A flash loan is essentially a loan that is repaid instantaneously: If you can write a smart contract that makes money trading cryptocurrency, you can get leverage for that smart contract with a flash loan. You write a thing that demonstrably turns $100 into $102, and someone will lend you the $100, letting you keep the $2. You can see the appeal of this, but it's a very specific appeal. In traditional finance lots of people "find arbitrages," and then they borrow money to make large levered bets on those arbitrages. Bond X trades at $100, Bond Y trades at $101, you are sure that they are worth the same amount, so you sell a million dollars of Bond Y for $1.01 million and buy a million dollars of Bond X for $1 million and lock in $10,000 of profit when their prices inevitably converge. You don't put up a million dollars of your own money because the position is risk-free, or so you hope, but in fact the history of finance is full of levered arbitrages that blew up. Crypto, though, doesn't rely on subjective notions of what an arbitrage is. Crypto relies on immutable code: If you can write a smart contract that provably generates more money than you put into it, then someone should be willing to lend you money to make that risk-free profit. That's a flash loan. Someone took out a flash loan of 10,000 Ether—about $2.7 million at today's price—and used it to, effectively, do a market manipulation. The basic trade was (1) use some of the Ether as collateral to borrow some Bitcoins, (2) short a lot of Ether against Bitcoin, driving up the price of Bitcoin against Ether, (3) sell your Bitcoins for Ether at the inflated price, (4) now you have more Ether than you started with, (5) return 10,000 Ether to close out the flash loan and keep the rest. The result is that this person—let's call them a "hacker" though I suppose that is debatable—made some money, bZx lost some money, and there was much gnashing of teeth and discussions about how to fix it and about whether fixing things, in a world of decentralized immutable code, is even desirable. I have to say that I do not fully understand the manipulation. It relies on short selling Ether against Bitcoin in a way that drove up the price of Bitcoin (against Ether) dramatically on one particular decentralized exchange, and then selling Bitcoin against Ether to profit from that price distortion. That should not, as a manipulation, work: If you sell a bunch of Ether to drive down the price, that's great, but then you have to buy it back to profit, and that will drive the price right back up again, right? The solution here seems to have been that the attacker shorted Ether in a levered way, and there seems to have been a bug in bZx's code that allowed the attacker to effectively short a lot of Ether without fully collateralizing the position. So the attacker could drive down the price a lot by selling phantom Ether, and then buy back only the amount of Ether it needed without driving the price all the way back up. But one thing to notice here is that all of this had to work via smart contracts. To get the flash loan, the attacker needed to submit one piece of code that did all of this at once. And this in turn relies on algorithmic decentralized exchanges to find the Bitcoin/Ether price: The trades here are not of the form "go out and see who wants to sell Bitcoin, and then buy from them until you've accumulated 100 Bitcoins," or whatever; the trades here are of the form "send an order to the exchange to buy 100 Bitcoins instantly at whatever price the algorithm says." The trades interact only with computers, only with whatever demand is on the books right at that second. From one recap of the trade: Specifically, to complete this trade, bZx forwards the order to KyberSwap, which then essentially consults its reserves and finds the best rate. It turns out to be the KyberUniswap reserve. This step essentially drives the WBTC price up in Uniswap three times higher. What it doesn't do is say "wait a minute that's a lot of Bitcoins, let's stop for a minute and think about how to execute this sensibly." Or: "Huh I notice that the price of Bitcoin just tripled, that seems wrong." What it does is say "hmm this contract wants a lot of Bitcoins, better triple the Bitcoin price." Here is Uniswap's white paper, which explains how its prices move in response to demand. It is a pure and continuous and algorithmic way of running a market, which makes it easier to manipulate. Emin Gün Sirer tweeted: The recent attacks on bzx have little to do with bzx or with flash loans. The culprit here are the decentralized exchanges, which have poor liquidity and are prone to manipulation. Given exchange depth, the amounts available for flash loans, and use of DEX price oracles, these results are inevitable. One thing to say about the Bitcoin/Ether exchange ratio is that it is a particularly abstract quantity: It reflects the relative demand for those two abstract electronic things, not some expectations of future cash flow or anything else. Another thing to say is that both of those things are pretty volatile, and have grown over the last decade from being worth roughly nothing to being worth a lot of money. So whereas it feels kind of normal to say things like "Microsoft stock should not be trading at $0.01, it's worth more than that, must be a flash crash," it feels like a non sequitur to say "Bitcoin should not be trading at 110 Ether because its fundamental value is really like 40 Ether." The reasonableness check has less appeal. This is how I think about a lot of crypto. Traditional finance was humans talking things over with brokers, and then traditional finance computerized and automated that process, but the computerization included a little bit of the old overrides and reasonableness checks. And then crypto came along and was like "what if we made all of this perfect immutable code that would all happen simultaneously," and the answer was very elegant and appealing but also super fun to hack. And so it got hacked. By the way later there was another exploit of bZx, oops.  Elsewhere in crypto In the long run, the destiny of a crypto exchange is to lose its customers' money. The traditional approaches to doing this are (1) hackers steal the money or (2) the founder of the exchange steals the money. "Crypto Exchange FCoin Insolvent After Revealing Up to $130M Bitcoin Shortfall," says this article, and it seems to be taking a refreshing third approach: Zhang claimed in the post that the exchange was neither hacked nor an exit scam but the problem is "a little too complicated to be explained in a single sentence." That's okay, take your time:  In summary, he said the issue came from internal system errors that have – for a long period of time – credited users with more transaction-based mining rewards than they should have received. As the company failed to spot this soon enough to remedy the situation, the snowball has grown even larger since the beginning of 2019. … The announcement came just days FCoin suspended its entire platform after discovering a risk-control issue. Zhang said in the post that he will now personally and manually process users' withdrawal requests made via emails. He claimed that he will "switch tracks and start again" and hopes to use profits from his new projects to "compensate everyone for their losses." If you invest in his new projects please do let me know how that goes. Corp.com Okay here's a weird insider trading hypothetical suggested to me by Chris Clearfield. One general rule is that if you hack into a company's computer systems to read its secrets, and then you trade on those secrets, that is insider trading. (This is not entirely obvious, and certainly not legal advice, but I feel fairly comfortable saying it's the rule.) Another general rule is that if a company just sends you secret information, out of the blue, for no reason, by accident, and you trade on that information, that is not insider trading. (Nobody believes this, it is not legal advice, and you do it at your own risk, but it does seem to be the rule in the U.S., though not elsewhere.) Here is a story about the internet domain name "corp.com," which, due to a quirk of Microsoft Windows, just gets lots and lots and lots of misdirected email.  At issue is a problem known as "namespace collision," a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. ... In practical terms, this means that whoever controls corp.com can passively intercept private communications from hundreds of thousands of computers that end up being taken outside of a corporate environment which uses this "corp" designation for its Active Directory domain. …  During an eight month analysis of wayward internal corporate traffic destined for corp.com in 2019, Schmidt found more than 375,000 Windows PCs were trying to send this domain information it had no business receiving — including attempts to log in to internal corporate networks and access specific file shares on those networks. For a brief period during that testing, Schmidt's company JAS Global Advisors accepted connections at corp.com that mimicked the way local Windows networks handle logins and file-sharing attempts. "It was terrifying," Schmidt said. "We discontinued the experiment after 15 minutes and destroyed the data. A well-known offensive tester that consulted with JAS on this remarked that during the experiment it was 'raining credentials' and that he'd never seen anything like it." Likewise, JAS temporarily configured corp.com to accept incoming email. "After about an hour we received in excess of 12 million emails and discontinued the experiment," Schmidt said. "While the vast majority of the emails were of an automated nature, we found some of the emails to be sensitive and thus destroyed the entire corpus without further analysis." Obviously the hypothetical is, if you own corp.com, and you get 12 million emails an hour from public companies, can you filter those emails for terms like "merger press release" and then trade on what you get? It is somewhere between hacking (Why do you own corp.com? Why are you filtering the emails?) and out-of-the-blue inadvertent receipt of information (you never touched the company's computers, etc.). I don't know the answer, and I don't especially recommend … any of this … but you might get a chance to find out. Mike O'Connor, who owns corp.com, is selling it: The asking price — $1.7 million — is hardly outlandish for a 4-letter domain with such strong commercial appeal. O'Connor said he hopes Microsoft Corp. will buy it, but fears they won't and instead it will get snatched up by someone working with organized cybercriminals or state-funded hacking groups bent on undermining the interests of Western corporations. Yeah at $1.7 million that'll pay for itself in inside information in like 20 minutes.  Things happen "Price", ETFs, and Bond Market Liquidity. Does energy efficiency predict mortgage performance? Bank funding costs and solvency. HSBC Seeks Revamp With 35,000 Staff Cuts in Quinn 'Endgame.' Exclusive Details on Michael Bloomberg's Plan to Rein in Wall Street. What Can the Stock Market Tell Us About the T-Mobile/Sprint Merger? Companies Seize on Loan Demand With Near-Record Refinancing Push. SoftBank investment chief pushes hedge fund after Vision Fund stumbles. Hedge fund Renaissance built stake ahead of Tesla share surge. Climate Skeptic Asset Managers Face Pressure to Reveal Donations. "This observed pattern is consistent with the hypothesis that privacy-conscious consumers substitute away from less efficient privacy protection (e.g, cookie deletion) to explicit opt out, a process that would reduce noise on remaining consumers and make them more trackable." Venezuela, Lebanon, and Tools to De-Fang "Rush-In" Creditors. Zimbabwe Sees Annual Inflation Dropping Tenfold in 12 Months. Elon Musk Calls Bill Gates Underwhelming After Billionaire Buys a Porsche. Amazon Changes the Way It Recruits M.B.A.s. The Body Shop will start hiring the first person who applies for any retail job. Mayo Clinic medical school accepts all 364 applicants by mistake. Chess as an esport. If you'd like to get Money Stuff in handy email form, right in your inbox, please subscribe at this link. Or you can subscribe to Money Stuff and other great Bloomberg newsletters here. Thanks!   Before it's here, it's on the Bloomberg Terminal. Find out more about how the Terminal delivers information and analysis that financial professionals can't find anywhere else. Learn more.   You received this message because you are subscribed to Bloomberg's Money Stuff newsletter. Unsubscribe | Bloomberg.com | Contact Us Bloomberg L.P. 731 Lexington, New York, NY, 10022