Lessons from the spring 2023 banking turmoil: five areas for banks to focus their attention

The Basel Committee on Banking Supervision (BCBS) and Financial Stability Board (FSB) published reports in October 2023 on the causes and lessons learnt from the Spring 2023 banking turmoil. The BCBS report provides an assessment of the causes of the banking turmoil, the regulatory and supervisory responses, and the initial lessons learnt. The FSB report draws on the evidence from authorities’ actions to resolve the failed banks to assess the operation of the international resolution framework.

This article presents five key points from those reports for banks to take on board. The points focus on:

  1. areas where the failed banks were shown to have significant weaknesses and so banks should be looking to review procedures/controls; and
  2. supervisory and regulatory lessons from the turmoil, which we expect will result in heightened scrutiny by supervisors.

Backdrop

Spring 2023 saw the largest banking turmoil since the Great Financial Crisis. There were the failures of Silicon Valley Bank, Signature Bank of New York and First Republic Bank, and the rescue of Credit Suisse, coupled with significant actions taken by authorities to mitigate wider impacts on the banking system.

While the distress and failure of each bank reflects idiosyncratic factors, the BCBS report highlights several recurring themes in those failures that all banks should reflect on and assess within their own organisation.

1. Strong governance arrangements enabling robust risk management – it’s all about the risk culture

The primary source for operating a bank effectively comes from having strong governance arrangements and robust risk management practices to identify, monitor and manage bank risks.

The banking turmoil highlighted fundamental shortcomings in core risk management practices and governance failures, which if operating effectively should have challenged a bank’s strategy and direction.

Shortcomings mentioned in the report are:

  • ineffective senior management and board oversight;
  • banks having difficulties in keeping up with necessary enhancements in governance, risk management and controls as they grew;
  • inadequate and unsustainable business models, that had an excessive focus on growth and short-term profitability; and
  • poor risk culture.

A core element of supervisory work that banks should imagine will re-emerge from the lessons of the crisis is that banks have effective and robust governance structures. This supervisory work should include how those governance arrangements enhance banks oversight and management of risks and provide sustainable strategic direction. So expect supervisors to be interested in:

  • the composition of the board and the extent to which its members have relevant experience, including banking and financial expertise;
  • the board’s ability to effectively challenge the bank’s management, and oversee the bank’s risk profile and strategy;
  • the independence, empowerment and resources of the risk management and internal audit functions; and
  • the enterprise-wide risk culture, including how embedded it is in corporate and business processes; and the incentives provided by senior management compensation schemes.[1]

2. Better risk management per se – doing the fundamentals well

Beyond the broader association between good governance facilitating robust and effective risk management practices in banks, the BCBS report highlighted more specific risk management shortcomings in the failed banks. Management of traditional banking risks (such as interest rate risk, liquidity risk and various forms of concentration risk) was poor.

There was also a failure to appreciate how the build-up of various individual bank risks could be interrelated and compound/accentuate one another (for example concentrated exposures on the lending and asset sides of the balance sheet coupled with liquidity risk).

The sustainability of business models is also a common feature in the BCBS report. As part of robust risk management, it’s essential to contextualise a bank’s business model to banking risks both individually and cumulatively, and to the economic environment (current and future). Different business models and business strategies create specific vulnerabilities and potential impacts to bank viability. Business models need to be tested and analysed (through for example stress testing and sensitivity analysis) to examine how risks may manifest themselves in different economic scenarios (e.g. material changes in the interest rate environment). This enables banks to assess and maintain capital and liquidity adequacy in light of the banks’ risk profile and determine whether strategic changes/mitigating actions are necessary.

The BCBS report emphasises supervisors assessing the sustainability of banks’ business models in a holistic manner, an approach that extends beyond basic regulatory ratios. This approach also embraces forward-looking assessments of business models and their capital/liquidity impacts.

Expect supervisory authorities to deepen their understanding of banks’ business models to better understand and challenge banks on their strategies, risk profile and capital/liquidity adequacy. This should include an assessment of how well banks are conducting their own oversight, approaches and challenge functions to interrogate core banking risks and business model viability. 

Banks should pre-empt such supervisory investigation by reviewing their risk management practices and processes. Key points to consider in that review:

  • Are business models and capital/liquidity adequacy being robustly assessed to forward looking environments and specific business model features?
  • Are risks being assessed/modelled on a cumulative basis?
  • Are risk assessments/maps covering all core bank risk types?
  • Do risk management functions have the requisite skills and resources to perform such assessments?
  • Do risk appetite statements reflect business model/strategic specificities?
  • Are risk committees seeing the outcomes of such analysis?
  • Are actions being taken from the outcomes of those assessments to mitigate possible risks, e.g. having credible contingency funding plans in the event of liquidity challenges materialising.

3. Liquidity, liquidity, liquidity

A particular feature of the events during the spring banking turmoil was the unprecedented speed of deposit withdrawals particularly among uninsured (high-value) depositors who feared incurring losses in the event of bank failure (Silicon Valley Bank saw deposit outflows of 85% in the space of 2 days compared to Northern Rock where there were 20% deposit outflows over 4 days in 2008).[2]

This new situation has been ascribed to a combination of digital innovation in banking services such as 24/7 faster payments services and on-demand access to banking services through apps, and the prevalence of a wide range of social media channels.

Silicon Valley, Signature Bank and First Republic Bank were all reliant on uninsured deposits, which served to compound liquidity stresses from the speed and volume of deposit outflows.

The lesson for all banks is that high-quality liquidity risk management (including managing the potential for digitisation to increase deposit flightiness) is becoming ever more critical. Banks must ensure specific features of a bank’s business model and/or asset/liability structure are understood, regularly monitored and managed for liquidity concerns. Stress testing should be implemented to identify causes of potential liquidity stress and quantifying the impact on the bank’s liquidity profile. Another outcome of testing is to put in place appropriate contingency funding tools to mitigate concerns/risk identified. Finally, ensure such contingency funding is robust and can genuinely be deployed quickly.

4. Being a small bank doesn’t make you immune from contagion

The failures of the three US banks indicated that non-GSIB banks are not immune from creating bank contagion – the demise of one bank giving rise to customer behaviour that impacts other banks. In this instance banks were perceived as peers because of similar business models and/or funding strategies (such as high reliance on uninsured deposits). There is understandable concern that digitisation may have accelerated contagion compared to non-GSIB failures in the past.

The domino effect witnessed in Spring 2023 is likely to lead to supervisory authorities deepening their analysis of smaller and medium sized-banks to identify those with similar profiles. Through scenario modelling authorities can then explore possible situations where groups of small and medium sized banks have to close, and importantly understand the root causes why. It is also probable that the events of Spring 2023 among smaller banks mean there’ll be greater supervisory attention on the adequacy of banks’ resolution plans – the next key point in this article.  

5. Having resolution plans that enable informed, successful failure

The banking turmoil constituted the first real test on a large scale of the international resolution framework that was established in the aftermath of the Global Financial Crisis.

In the Credit Suisse case, although resolution was ultimately not applied to resolve the bank, substantial resolution planning work in the preceding years (including through the Crisis Management Group) was viewed as being incredibly beneficial to inform a bespoke resolution strategy. This is not to say that there weren’t still some important lessons learnt from the Credit Suisse rescue for the effective operationalisation and implementation of the G-SIB resolution framework. For example, the need for an effective temporary public sector liquidity backstop that banks are ready to access as a last resort. 

In the case of the US Banks there was relatively limited resolution planning information available and little time to develop and implement such plans. The events demonstrated that resolution-related capabilities, such as the ability to quickly produce information needed to market an institution or to operationalise key staff retention plans, are of critical importance (even for non-GSIBs); and when such capabilities lack maturity, it can be a hindrance to an efficient resolution process.[3]

It goes without saying that there is immense value to supervisory authorities where banks have ex ante clear resolution plans that determine a bank’s critical functions, address any impediments to a bank’s resolvability, and detail which resolution tools to apply.

As Sam Woods, CEO of the Prudential Regulation Authority states: “In both of the resolutions I was recently involved with (Silicon Valley Bank UK and Credit Suisse) the authorities had fully-worked-up plans which allowed for more than one option to be executed at the point when the firm failed.  None of these plans or options were perfect. All had costs. But all were significantly better than the choices we faced in the 2008 crisis.”[4]

Expect supervisory authorities to work further with banks of all sizes to critically assess the adequacy of their resolution plans. So it’s not too early to revisit, assess and refresh your resolution planning documentation.

This is all the more important as resolution authorities will need to be even better prepared for the possibility of quicker bank runs due to aforementioned challenges posed by digital banking and social media.

Concluding remarks

Banking is founded on liquidity, risk and maturity transformation, which means banks are vulnerable to runs that can cause bank failure. The banking turmoil in spring 2023 reminded us that at the heart of safe banking is the effective management of risks. Expect supervisory authorities to learn from the lessons of the turmoil and heighten their oversight and assessment of:

  • Bank governance to evaluate if it is instilling a positive risk management culture throughout the bank.
  • The quality of a bank’s risk management to identify, monitor and manage risks. There is likely to be additional focus on: i) whether risks associated with a bank’s business model are adequately included in risk metrics; and ii) how well banks are incorporating forward-looking risk perspectives and the banking environment into risk projections and risk modelling.
  • Bank’s liquidity risk identification and management.
  • The wider bank risk environment to identify any potential pockets of concern that may generate contagion-style impacts.

The spring banking turmoil has taught us that digital innovation in banking (e.g. 24/7 access to payments facilities) and the rise of social media are creating fresh challenges for banks and regulators. The unprecedented speed of deposit withdrawals at the first sign of bank problems means that banks and regulators have to be even more on top of their game.

Banks have to double-down on their risk management capabilities (especially liquidity risk) to prevent signs of difficulty emerging in the first place. Were problems to arise banks must have genuinely robust and available contingency liquidity facilities.

Supervisory authorities must re-examine their tools for managing banks that are in difficulty. This could include: i) banks having access to central bank liquidity via pre-positioned collateral; and ii) supervisors re-assessing the adequacy and comprehensiveness of banks’ resolution plans to deal with an extremely rapid deposit withdrawal scenario.


[1] BCBS Committee on Banking Supervision – Report on the 2023 banking turmoil, October 2023, p.19

[2] BCBS Committee on Banking Supervision, Report on the 2023 banking turmoil, Table A.1, p.9

[3] Financial Stability Board, 2023 Bank Failures: Preliminary lessons learnt for resolution, October 2023, p.2

[4] Bank failures – speech by Sam Woods, Mansion House, 16 October 2023, available at : https://www.bankofengland.co.uk/speech/2023/october/sam-woods-speech-at-the-city-banquet-mansion-house ,p.9