Responding to Silicon Valley Bank’s Collapse & Business Continuity

In this blog, we will explore six actionable next steps TPRM, Business Continuity, Procurement, and Resiliency professionals can take in response to the recent bank failures of SVB, Signature Bank, and Silvergate Capital in March 2023.

What caused the collapse of Silicon Valley Bank?

In recent days, the US banking industry has been rocked by the collapse of three major banks: Silicon Valley Bank, Signature Bank, and Silvergate Capital. While each of these banks had unique circumstances that contributed to their collapse, there were common reasons behind the downfall.

Silvergate Capital was the first to fail, as the bank had invested heavily in the cryptocurrency market through FTX, a cryptocurrency exchange and venture fund firm. Unfortunately, the crypto market experienced a downturn, leading to a decline in the banks’ investments and ultimately contributing to their collapse. In addition, the bank had also invested in the treasury bond market, which was negatively impacted by the Fed’s rate hikes. As the interest rates of treasuries, their value decreased, further contributing to Silvergate’s collapse.

The second bank to fail after Silvergate was Silicon Valley Bank (SVB), and this was one of the biggest bank failures since the 2008 global financial crisis. SVB had roughly $209 billion in total assets and $174.5 billion in deposits at the end of Q4 2022. However, more than 85% of their deposits were uninsured. In addition, SVB had invested heavily in long-term treasury papers, some of which they had to sell to honor withdrawals. When SVB announced the losses and their intention to raise capital of $2.25 billion by selling new shares, the bank's share price collapsed. The California DFPI stepped in and placed the bank under the receivership of FDIC.

Assets at US Banks at the time of collapse. (Source: Quartz)

Following the SVB incident, NY regulators shuttered Signature Bank placed the bank under the receivership of FDIC. Signature Bank had invested heavily in the cryptocurrency market. The collapse of both Silvergate and Signature, to varying degrees, can be attributed to their involvement in the crypto market and the negative effects it had on their investments.

In 2018, the Economic Growth, Regulatory Relief and Consumer Protection Act (EGRRCPA) was signed into law. The law made several changes to the regulations governing banks and financial institutions. One of the changes was raising the asset threshold for banks to be subject to stress testing requirements under the Dodd-Frank Act. Under EGRRCPA, banks with less than $250 billion in assets are exempt from annual stress testing, and those with between $100 billion and $250 billion are subject to stress testing every other year. SVB fell within this threshold, so the bank was subject to less frequent stress tests under EGRRCPA. Relaxing these requirements made it easier for banks like SVB to take on excessive risks without being subject to strict regulatory oversight.

The collapse of these three banks, including the 40-year-old SVB, the nation's 16th-largest bank, has created an atmosphere of panic in the US, with many fearing a repeat of the 2008 crisis. But the FDIC has announced that all deposits, irrespective of the $250,000 limit, at SVB and Signature Bank would be honored.

In the next section, we will share lessons learned from the SVB collapse and review six actionable steps for TPRM, Procurement, Business Continuity, and Resilience professionals to protect their operations from similar scenarios.

Lessons Learned: Six Actionable Next Steps to Ensure Resiliency/Business Continuity

In order to mitigate risks and protect against severe business disruptions from such collapses, businesses need to monitor different risk metrics associated with their banks. Here are actionable next steps to ensure resiliency/business continuity.

1. Review third-party financial risks and diversify banking relationships: The collapse of SVB serves as a cautionary tale of how financial risk can result in a catastrophic event. Insufficient monitoring of SVB’s financial statements and liquidity, as well as inadequate debt management, played a significant role in the bank’s downfall and led to severe financial losses for numerous businesses and individuals. So, businesses should regularly monitor third-party financial risks including financial health, credit ratings, and liquidity to confirm they have adequate resources to support their operations and manage their debts. One way for businesses to mitigate risks is to spread banking relationships across different banks. By doing so, businesses can avoid having all their funds tied up in a single bank, reducing the impact of potential future bank failures. However, businesses should carefully evaluate each bank’s risk profile.

2. Monitor compliance risk: In the SVB crisis, one major issue was the absence of a Chief Risk Officer (CRO) from April 2022 to January 2023, which allowed the bank to operate without adequate risk management measures, leading to increased compliance risk exposure. In addition, the risk committee had six members with no chairperson in 2022 and held 2.5 times more meetings as opposed to 2021, which suggested growing concern. Businesses should monitor the compliance posture of their third-party vendors to ensure that they remain compliant with industry-specific and jurisdictional regulations on financial and operational risk management for banks, such as Basel Accords II and III ,Federal Reserve System Supervision and Regulation Letter (SR) 95-51 ,Office of the Comptroller of the Currency (OCC) Bulletin 2017-43, European Banking Authority (EBA) Guidelines ,Financial Stability Board (FSB) Principles, etc. Identifying vendors with a history of non-compliance or ethical issues is critical to avoid reputational damage and legal liability. In the case of banks, continuously monitoring them for compliance is crucial to identify and mitigate potential compliance risks.

3. Assess operational risks, including internal controls, IT systems, and BCPs: The lack of appropriate operational risk assessments contributed significantly to SVB’s downfall. The absence of a Chief Risk Officer (CRO) was only one of the critical operational risks. Businesses must thoroughly evaluate their third-party vendors’ risk management practices, including internal controls, IT systems, and business continuity plans. This helps identify and mitigate potential operational risks and business operations disruptions like SVB’s case. By conducting regular assessments of third-party vendors’ operational risks, businesses can ensure they have adequate risk management practices in place, ultimately protecting themselves from potentially catastrophic events.

4. Monitor reputational risks and negative news: In the age of social media, negative news can massively impact reputation and even drive bank runs. By closely monitoring factors such as their third parties’ ESG posture and negative news, businesses can prevent reputational risks associated with third-party vendors and identify potential risks early to protect funds and prevent significant losses. First, they should ensure that the vendors have a positive reputation and are viewed as trustworthy by customers and stakeholders. By regularly monitoring reputational risks and negative news associated with third-party vendors, businesses can minimize the potential impact of third-party risks on their own reputation.

5. Review insurance coverage: Reviewing your third parties' insurance coverage can help businesses identify gaps and ensure adequate protection in case of a crisis or other risks such as cyber-attack on your third parties. Review your third parties' business interruption insurance and cyber insurance while assessing their coverage limits, deductibles, exclusions, and other policy terms. Additionally, review your third parties' financial statements for cash flow and ascertaining cash reserves to weather potential disruptions or crises. Cash reserves help ensure businesses have the necessary resources to cover operating costs and meet their financial obligations to vendors, suppliers, and customers, even if they experience a temporary cash flow shortfall.

6. Stay informed and update business continuity plans as needed: To ensure that businesses can respond quickly and effectively to a crisis or disruption, developing a business continuity plan is essential. A business continuity plan outlines the steps that the businesses will take in the event of a crisis and minimizes the impact on the business’ operations and customers. In this instance, stay informed about the latest developments related to SVB and potential risks from other banking partners and the overall banking system in the countries that are essential for your operations.

Conclusion

Overall, reviewing these actionable steps can help businesses identify potential risks and proactively mitigate them before they become major issues that could lead to a crisis like the Silicon Valley Bank collapse. By staying vigilant and implementing risk management practices, businesses can better protect themselves and their stakeholders from the potential fallout of a major financial crisis.

While the collapse of these three major US banks has caused panic in the industry, they also serve as a reminder of the importance of diversifying investments as well as monitoring and minimizing risk in order to avoid such collapses in the future.

Contact Supply Wisdom today to continuously monitor your third-party risks and stay ahead of disruptions from similar events.

Download Supply Wisdom's in-depth analysis of the Silicon Valley Bank collapse to review all indicators across a full spectrum of risks, the warning signs that SVB overlooked, implications on financial and banking domain, impact on economy, impact on vendors, comparison with 2008 financial crisis and precautionary steps for banks in response to the SVB collapse.