What Super System can teach us about risk: Bank Shot; Crypto Regs; Crypto Climate; Super Computing; Cyber Vigorish; Cyber-Human Systems; Soft(ware) Power
They say courage is invisible, but I never knew a top player who didn’t have it written all over his face — clear as day.
- Doyle Brunson
Risk Developments this letter:
The Card Players (1895) by Paul Ceézanne. Museée d’Orsay.
At the turn of the millennium poker had reached new heights of popularity. Propelled by the success of the movie Rounders, the introduction of online poker and the nationally televised World Series of Poker, males ages 13-30 were especially prone to the fad. As a young man in high school, I too was caught up by the Moneymaker effect. For those new to poker, and interested in studying the game, there was one book that was a must read. Often called “The Bible” of poker, Super System, a 605 page tome of poker wisdom and folksy fables was written by Doyle Brunson, a cowboy hat wearing poker pro. The translation from poker skill to risk management is more clear-cut than a lot of what I write about here, but that doesn’t mean there aren’t hidden truths that we can still reveal.
For the purpose of this letter, I focused primarily on Brunson’s advice regarding No-Limit Texas hold ‘em poker, a particular style of game that allows players to risk all their chips on any hand, at any time, even before all cards have been dealt. For a more in depth look at the rules, see the wikipedia link above. What I am primarily concerned with is Bruson’s strategy, not his poker tactics. Bruson intentionally developed and reinforced his reputation for being an aggressive poker player, which acts as a nice foil to the question, “why is society so risk averse today?”
This topic came up in a recent twitter conversation with a former statistics classmate:
Modernity is obsessed with risk management, justification and “resilience.” Perhaps I am part of the problem, writing a newsletter on risk. The issue, as James pointed out, is not so much that we talk about risk, but that the talk is disconnected from, or even worse, obfuscates actual risk management.
Bruson’s strategy can be best summed up as, put constant pressure on your opponent and only let up when they get cocky, then apply even more pressure at the last second. His key insight is, there are four basic setups in a simple one-on-one game:
This bit of game theory leads to a counterintuitive lesson; play weak hands more aggressively and you can get some “free” money that you can use to take real gambles. This creates the appearance of being lucky. There are, of course risks to this strategy. Sometimes you are playing the bully you get steamrolled by a strong hand. The trouble with trying a strategy where you play good hands more aggressively is you don’t get your opponent to risk much when you win. The goal is to be like a bullfighter, waving the flag constantly, and standing just close enough to get hurt, without ever being in any real danger. Easier said than done.
Brunson explains his approach like this:
The accumulation of all those small pots is the big part of my winning-formula. It’s the bonus I get for playing the way I do… and it’s the “secret” as to why I win.
Experienced traders will recognize this as selling convexity, sometimes colloquially called “picking up pennies in front of a steam roller.” It’s not usually a good idea to make small amounts consistently at the risk of one existential blow up, but in Texas hold’em you see five of the seven cards in your opponent’s hand, so it’s easier to get out of the way, and in no-limit Texas hold’em you can be a bigger bully, which makes the pennies even easier to steal.
That is, it made the pennies easier to steal, until Doyle Brunson published Super System. The book has such an impact on poker that it changed the style of play, especially when people were playing against Brunson himself. I even wrote about these complex systems last week. This brings me back to the earlier point about the proliferation of risk aversion in society and all the cheap talk about “resilience.”
In a naive world, it pays to be a risk taker. The rewards themselves may not merit the risk taken, but the performance of being a risk taker has positive externalities that allow risk takers to keep making big bets. This inverts the selling convexity setup, providing a cushion for a big loss without having to quit altogether. But in a cynical world, you can’t bluff, and it’s bluffing that allows for some degree of risk taking.
Brunson is famous for what is called a semi-bluff, a bad hand that could turn out well. These marginal hands are the kind of unexpected successes venture capitalists love. If it’s obviously a good idea there’s too much competition, and if it’s not obviously a bad idea there’s too little to gain. But, if it’s not obviously a good idea, the upside is big and the competition is scarce. It’s hard to semi-bluff a cynic, so you end up spending a lot of energy emphasizing both how risk averse you are (my hand must be strong) and paradoxically talking up how little a loss would affect you (and even if I lose, I’ll be fine).
Difficult to say where we go from here. Brunson had to change his style of play and so have risk managers. When rational risk seeking becomes normal, one has to escalate the aggression, just to employ the same strategy. This results in a performative culture of risk, but if acting over-the-top can achieve the same results as taking risk, there is no need to take real risk in the first place. This is the world of meme stocks, cryptocurrency bubbles, hype and performative risk management.
Fintechs continue to commoditize retail banking, challenging money center banks, but not at scale in key markets. What could threaten the large retail banks would be an incumbent in an adjacent space who benefits from commodifying the compliment. Visa is launching just such a digital first partnership.
In related, but not directly connected news, HSBC is getting out of U.S. retail banking and pivoting to its core Asian business. I don’t want to make too much of this news, after all, HSBC is probably making this decision in reaction to the strength of the money center banks, not their weakness vis-à-vis fintech. The bigger risk to HSBC is regulatory risk at home as China tightens its grip on Hong Kong, putting Citi and HSBC on notice for doing business with democracy supporters. The calculus to defend home turf instead of funding foreign excursions is a decision all banks are having to evaluate one way or another.
The corollary for U.S. based banks is in cryptocurrency. A grey area in terms of regulatory jurisdiction makes cryptocurrency an interesting case study. JP Morgan’s CEO is again sounding his concern over bitcoin, while BNY has opted to launch crypto custody services, but in Ireland. It is an interesting hedge to get exposure to the cryptocurrency market, while putting it outside of BNY’s home market.
Bruson warns against taking insurance in poker. If you have ten-to-one odds on a 50-50 bet, you don’t want to give up that upside, unless it would be existential. Brunson isn’t risk averse and figures even if he loses a million, he’ll find a way to bounce back, but if you’re the oldest bank in the U.S., maybe you don’t want an aggressive reputation.
Ok, let’s talk crypto and regulatory risk. Fidelity, one of the four biggest money managers, has put up some impressive numbers, attracting $102M to it’s bitcoin index fund in just nine months. Vanguard, one of the other four mega money managers has been the most reluctant to embrace cryptocurrency. BlackRock is somewhere in between, and surely Fidelity’s success is creating some envy, so BlackRock is looking more closely at crypto. There are certain advantages to being the first mover, but there are also drawbacks.
Fidelity’s bitcoin ETF is now on hold in response to increased regulatory warnings. A bitcoin index is apparently one thing, but a tradable security that tracks bitcoin is a step further. The SEC is taking more action to keep cryptocurrency markets in check by suing a ponzi scheme promoter that raised two billion dollars.
This sort of action is actually a boon for the cryptocurrency ecosystem that has long been plagued by these kind of scams, but there is some reputational spillover that may keep more trustworthy players from wanting to appear too aggressive. In an inversion of Bruson’s strategy, the mere appearance of risk seeking behavior is sometimes enough to prevent reasonable risk taking.
One such example of reasonable risk taking is the interplay between cryptocurrencies and renewable energy, which we discussed at length here before. Plans to build out a massive solar farm in Montana to mine ethereum are underway and could be signs that the cryptocurrency bubble might fund energy infrastructure projects that would only work at scale in the absence of cryptocurrency.
Byrne Hobart nails the paradox of massive parallelized innovation in his post here. There are precedents in railroads, telecommunications, the internet and other public good network effect technologies, but it’s not just a question of whether there is enough risk seeking capital to get to scale. The other side of the equation are the legacy incumbents.
The shale oil and gas revolution has undercut the renewables market for the last decade, but now legacy oil and gas companies are under assault from within. Dutch Shell is on the receiving end of an unfavorable ruling in the Netherlands and Exxon shareholders managed to stage a surprisingly effective mini-coup, which Matt Levine covered in depth here.
Speaking of parallelized innovations, the supercomputer arms race continues apace. The Department of Energy launched its newest and most powerful standard supercomputer. Meanwhile, the private sector is piling into quantum computing R&D. The question, when it comes to whether the latest wave of enthusiasm for quantum computing, is whether its actual risk taking or performative risk taking.
Past cycles of parallelized innovation have employed Bruson’s self reinforcing strategy of playing aggressively to pick up free money that funds marginal bets with big payoffs, but in a crazy meme stock world, are there too many aggressive players at the table for the cheap pots to be easy money?
In the early days of cyber insurance there was a lot of “free” premium to pick up. Companies weren’t hacked all that often, and even if they were, they might not know it. Now the hackers are global, the tools are widely available and the skill threshold is lower. Premiums have responded accordingly.
Normally an increase in risk could be offset by an increase in premiums, but all of the noise around hacking may create a positive feedback loop that increases risk faster than the market will bear premium increases. The historical solution for flood or terrorism insurance has been a federal backstop, and it was just a matter of time until the question was raised for cyber insurance too. That time is now.
The continued epidemic of ransomware hit the food supply chain as JBS, one of the world’s biggest meat packing companies, was taken offline last week. It appears that they recovered quickly, but no word yet on whether they paid the ransom or whether insurance was involved.
In other cyber news, Fireeye is selling their product unit for $1.2B to focus on their core services business:
Joking aside, it’s tough to run a combined services and products business because one side of the business is always trying to commoditize the other. It may turn out that Symphony, the private equity buyer of the product unit, can realize value by combining FireEye’s products with their previous acquisitions, RSA and McAfee.
Another Brunsonism is that he always plays the man, not the cards. Unless he’s sure that he or his opponent has an unbeatable hand, he’ll get aggressive, pushing out a risk averse player or making a risk seeking player pay up for their gamble. If you have the best unique software solution for a cybersecurity problem, you’re better off just playing your cards, but in all other cases, humanity is the area to focus on. There’s a lesson in there somewhere about humans and computers in cybersecurity.
Lastly, software continues to eat the defense industry as AT&T wins four DHS networking contracts worth $306M. It’s not so much their physical infrastructure or labor that won the deal, but zero-trust software, a big theme in Biden’s recent cybersecurity executive order.
In related news, the deal to be Boeing’s cloud computing provider is said to be worth $1B dollars and has all the big cloud service providers vying for a win. Given Boeing’s recent trouble with software, it’s likely that the winner will put together an attractive bundle of not just highly-reliable, low-cost infrastructure, but a suite of security and productivity software too.
In other aerospace meets software news, the first report of an attack by a weaponized autonomous drone engaging with a human target was published last week. Whether we like it or not (we don’t) software is going to be playing a bigger role in who lives and dies on the battlefield. That’s one place a reputation for risk aversion might be a good thing.