Digital Transactions Authoritative, insightful and timely information for payments professionals
The lesson innovators need to learn from recent industry turbulence is that fundamentals still matter.
The collapse of Silicon Valley Bank, the consent order against Cross River Bank, and other recent events show that companies and regulators must focus on business basics.
It is tempting to say SVB’s failure is evidence that social media and digital banking mean we are in a new age. But it really shows that factors like good analysis, having the right people, and paying attention to market changes make the difference between success and failure.
At the risk of over-simplifying a complex situation, SVB failed because bad risk management led to a liquidity crisis. According to the Federal Reserve’s report, the bank expected interest rates to fall and structured its portfolio accordingly. As rates kept rising, they had to raise capital. But once depositors got worried about its condition, the run on the bank began.
Of course, social media made it easier to share concerns, and digital banking made it easier to open accounts elsewhere. But there would have been no news to spread if the bank had managed its portfolio better. Also, even with digital banking, there were plenty of stories about depositors lining up at branches to get their money.
But it is not just bank failures that show the importance of fundamentals. Recent enforcement actions show what can happen when banks forget the basics in their excitement over new possibilities.
In March, the Federal Deposit Insurance Corp. issued a consent order against Cross River Bank requiring it to improve its third-party oversight and risk assessments and forbidding it to add any third-party relationships without approval. It also requires Cross River to monitor its external partners for Fair Lending Act compliance.
With so many banks acting as issuers, it is not surprising that other banks have been critiqued for their third-party management. In 2022, The Office of the Comptroller of the Currency called on Blue Ridge Bank to improve its oversight of partners, among other things.
But managing third-party risk is nothing new. The OCC put out guidance in 2013 on how to do it, and then updated that guidance in 2022.
Another business basic that shows up in all three of these instances is having the right people. SVB was critiqued for not having a chief risk officer for much of the time. And the consent orders mentioned above underscore the importance of having experienced directors and staff to manage risk.
At the same time, the industry is not the only one that needs to remember its basics. To their credit, both the Federal Reserve and the California Department of Financial Protection and Innovation released reports that said they could have done a better job in supervising SVB. They said they should have required faster remediation of risks and better coordination between the multiple regulators watching the bank.
At the same time, banks and payments companies cannot ignore how advances in technology will bring new challenges. The regulators have begun calling out these risks. For example, a recent joint statement by four agencies, including the Consumer Financial Protection Bureau and the U.S. Equal Employment Opportunity Commission, says they will monitor artificial intelligence and other systems to ensure that discrimination laws are not violated. The CFPB also released a statement last year charging that lenders hide behind algorithms to evade consumer-protection laws.
As payments companies integrate new technology and create innovations, they need to put those innovations into a context of sound business models, risk management, third-party oversight, and compliance. New technology does not make these factors obsolete.
—Ben Jackson bjackson@ipa.orgtr
