Silicon Valley Bank’s collapse: a wake-up call for risk managers

The recent collapse of Silicon Valley Bank (SVB) has sent shockwaves through the financial industry and raised important questions about the role of risk management in ensuring the safety and stability of organisations.

Resilience in today’s rapidly changing risk landscape requires dynamic, agile, and up-to-the-minute intelligence and awareness.

What went wrong?

According to reports, SVB’s bank executives allegedly changed their risk model to downplay the potential impact of increasing interest rates on the bank’s future earnings.

This decision appeared to be driven by a desire to maintain the bank’s growth trajectory and profitability, in spite of the increased risk.

Another major issue was the lack of a Chief Risk Officer (CRO) from April 2022 through late December 2022. This absence appears to have contributed to inadequate risk management oversight, leading to increased compliance risk exposure.

What can risk managers learn?

One of the key takeaways from this crisis should be the criticality of strong and independent governance in accurate risk modelling. A well-designed risk model is a valuable tool to identify, analyse, and mitigate risk when making financial, strategic, and operational decisions.

In this case, the SVB executives allegedly manipulated the risk model to support unacceptably risky strategic decisions. While risk models aren’t intended to be static, strong governance should ensure that any and all changes are appropriately reviewed and approved.

A culture of transparency and accountability should ensure that risk managers are empowered to raise their concerns and challenge assumptions all the way to the board level.

”A well-designed risk model is a valuable tool to identify, analyse, and mitigate risk when making financial, strategic, and operational decisions.”

In addition, SVB’s incident highlights the critical role of boards in driving risk management prioritisation. Not only must boards prioritise the risk management function and create a culture of transparency and accountability, but they also need to allocate sufficient resources to ensure that risk programs are modernised beyond the industry standard point-in-time assessments.

The data from assessment-reliant programs is quickly stale and fails to provide the real-time risk intelligence risk managers need to effectively respond to rapidly developing risk scenarios like this one.

Today, enterprises must prioritise resiliency. In an increasingly complex and interconnected global economy, no organisation can afford to be caught off guard by a sudden shock or crisis.

Risk functions must work to build resiliency into their organisations by stress-testing their risk models, investing in training and development, ensuring that they have a robust crisis management plan in place, and modernising risk management practices.

”In an increasingly complex and interconnected global economy, no organisation can afford to be caught off guard by a sudden shock or crisis.”

This requires a culture of continuous improvement, where organisations are constantly striving to improve their risk management practices and build greater resiliency.

Today’s modern risk management solutions leverage AI, machine learning, and data science to continuously monitor a broad spectrum of risk – financial, cyber, operations, compliance, ESG, Nth party, and location-specific risks – and provide not only real-time risk intelligence and alerting when the risk landscape shifts, but also can be programmed to initiate automated risk actions for truly 24/7 risk mitigation response.

These types of program-wide improvements happen more quickly with board-level support. When this modernisation is prioritised, Boards and C-suite executives benefit from executive reporting functionality that is built on real-time intelligence. Such reporting enables them to meet their fiduciary responsibilities to ensure effective risk management oversight.

Another important consideration of this crisis was the potential it had to impact enterprises beyond the financial services industry. Consider that the bailout prevented a catastrophic impact on the innovative companies that banked with SVB.

“It’s important that enterprises not only get an early warning of trouble with their third parties but that risk managers also have a deep and clear visibility that includes their critical sub-tier parties.”

In many cases, these technology service providers manage critical business functions and processes across industries. Their failure could have cascaded across multiple supply chains, resulting in severe disruptions.

For this reason, it’s important that enterprises not only get an early warning of trouble with their third parties but that risk managers also have a deep and clear visibility that includes their critical sub-tier parties (Nth parties). Enterprises that have enabled this radical transparency can pivot before their competition for improved resiliency response.

What next?

The collapse of Silicon Valley Bank should serve as a wake-up call for risk managers, executives, and boards across all industries, not just financial services.

Risk management is a critical part of any successful business strategy, and organisations must prioritise it at all levels. Accurate risk modelling, early risk identification, executive and board-level leadership, and appropriate oversight must be key components of resiliency plans in the years ahead.

By taking these steps, organisations can be better prepared to respond and mitigate risks, improve resiliency, and ensure the safety and stability of their organisations.