What the recent banking crisis proves — 4 risk management lessons
The calm before the storm — That’s one way to describe the five years before March 2023. Between 2018 and 2022, the US experienced an average of only 1.6 bank failures per year. That number nearly tripled in the spring of 2023. It began with the liquidation of Silvergate Bank, a California-based crypto service provider. This was followed by the more high-profile, back-to-back collapses of Silicon Valley Bank (SVB), Signature Bank, and First Republic Bank — the 3rd, 4th, and 2nd largest bank failures in US history respectively. All of this happened within a few weeks triggering a sharp decline in global bank stock prices and rekindling fears of a recession. And while the crisis seems to be behind us for now, it has raised some serious questions about the suddenness and preventability of it all. Here are some of the lessons we can learn from it.
1. Credit ratings do not always reflect true business health
Credit rating agencies have played a pivotal role in developing capital markets since the early 1900s. Yet despite their stalwart-like status, they are far from infallible as the recent banking crisis proves. Just two days before it crashed, SVB had an issuer rating of A3 from Moody’s. This got downgraded into junk territory only on the day of the collapse. Similarly, Signature Bank had respectable investment-grade ratings from Moody’s, Fitch Ratings, and Kroll Bond Rating Agency when it failed. This has happened before (Lehman Brothers enjoyed credible credit ratings until days before its collapse) and will probably happen again.
Financial statements have been and will continue to be the bedrock of credit risk evaluations. They form the basis on which rating agencies assign grades. However, such quantitative data comes with a few disadvantages. For one thing, it is available for analysis only on a quarterly or annual basis. For another, it gives backward-looking risk monitoring — making it ill-suited for detecting risks when the status quo changes. And in today’s dynamic business environment, a company’s status quo can change rapidly.
Therefore, it is a good idea to augment time-lagged financial analysis with real-time business information and unstructured data analysis. For example, SVB distinguished itself by providing loans to early-stage companies, a risk that was compounded by the recent slump in venture funding. All of this information could be found aplenty on social media sites, news channels, and other online portals. In hindsight, these supplemental insights could have helped correct the bank’s credit rating sooner rather than later, had they been quantified and incorporated into the risk analysis.
2. Risk management needs to be holistic
In their February 2023 report titled ‘America’s Best Banks’, Forbes featured SVB and First Republic Bank in its power list. While SVB was listed as the 20th-best bank in the US, First Republic Bank bagged the 44th spot. It is a true testament to the tumultuous times that we live in that both these celebrated banks collapsed just a few weeks later. According to its website, the Forbes list is formed by looking at a bank’s growth, credit quality, and profitability. These 3 metrics, though important, do not always provide a complete analysis of business health. This is especially true in a post-Covid world buffeted by macroeconomic headwinds and uncertainty. Today, everything from supply chain disruptions to a crisis in confidence can affect a company’s future growth potential.
To better manage risks in this ever-changing landscape, financiers must adopt a more holistic approach to risk management where every internal and external risk scenario is considered. There is an abundance of data available today. Financiers should leverage this by incorporating alternate information such as deposit drawdowns or cash flow records to make more informed business decisions. This takes into account more risk variables and fills in the gaps left by traditional data. Similarly, including real-time information and non-financial data points ensures there are fewer blind spots and surprises. In SVB’s case, a clear lack of such additional risk guardrails and a fatal delay in responding to current inflationary scenarios (despite a clear shift in the market) caused an alarming exposure. All of which could easily have been hedged against had they been more proactive.
3. Reactive risk management is risky
In a post-mortem analysis of Signature Bank’s failure, the FDIC (Federal Deposit Insurance Corporation) concluded that the bank’s risk management practices were, among other things, reactive rather than proactive. Given shifting economic conditions, taking a wait-and-watch approach to risk management and blindly trusting previously successful investment strategies was indeed a risky tactic. What makes it more shocking is that on the surface, both SVB and Signature Bank were financially healthy. So much so that even auditing giant KPMG missed red flags and signed off on both the company’s financial statements less than 2 weeks before they collapsed.
The audit group’s inability to detect underlying issues calls into question the utility of current audit and rating systems as practical Early Warning Systems. What KPMG failed to take into consideration were future risk scenarios. The same applies to the risk management systems that the failed banks used. These were rooted in past performance and had yawning gaps in risk oversight. To be proactive, risk managers need to look at a company’s future business health using leading indicator data. This not only helps them uncover any hidden risks early but also provides a second line of defense, especially when circumstances render historical data redundant.
4. Constant risks need constant monitoring
The term VUCA (volatility, uncertainty, complexity, ambiguity) coined during the Cold War era is an apt descriptor of our current economic environment where new risks emerge daily. A social-media-fueled bank run would have seemed improbable two decades ago. Today, it is a very real possibility. Global interconnectedness has also amplified risks and blurred the lines between systemic and non-systemic institutions. Now, any crisis has the potential to precipitate a financial contagion that can infect other counterparties. With such unpredictability in the air, legacy risk monitoring processes that depend on time-lagged data and occasional review schedules just aren’t sufficient anymore.
Modern problems require modern solutions. So, manual-led annual/bi-annual/quarterly monitoring processes need to be replaced by tech-backed solutions that can monitor businesses daily. In addition, unstructured data monitoring needs to become a mandatory addition to the risk monitoring process as it contains the latest business information. It can also unearth salient early warnings that financial statements miss.
For example, a social-media scan of SVB would have revealed this Twitter thread by short seller William Martin warning his followers about the bank in January 2023, two months before its collapse. Such data can often prove critical in helping companies save millions in loan defaults. Unstructured data is often overlooked due to the difficulty in tracking and processing it. However, modern solutions such as TRaiCE help risk teams overcome this by using AI-augmented processes that do all the heavy lifting of analyzing and quantifying megatons of data.
Conclusion
Most experts agree that the recent bank failures could have been avoided had the institutions, auditors, and other authorities involved been more diligent and proactive in their risk assessments. With rampant unpredictability a given today, such failures are bound to happen again. To avoid and minimize the impact of such events, risk management needs to evolve to become a more holistic and proactive version of itself. This involves continuously monitoring for all kinds of risks, augmenting financial data monitoring with non-financial data analysis, and finding ways to detect risks early. Need help with daily portfolio monitoring and early risk detection? Get in touch or schedule a demo with us to see how TRaiCE can help you do all that and more!
Originally published at https://www.traice.io on June 26, 2023.