The Rising Tide of Supervisory Oversight

I’ve been closely following the congressional response to the collapse of Silicon Valley Bank including the first round of hearings where Bank supervisors provided testimony on what they did/didn’t know and committed to an internal review that culminated in a report issued in late April (see link below).  The report was an interesting read with some level of blame for all involved. https://www.federalreserve.gov/publications/files/svb-review-20230428.pdf

Today I watched the Senate Committee on Banking, Housing & Urban Affairs hearing. This time, Bank executives answered detailed questions related to risk management practices and their accountability for the collapse of their respective banks.

It’s clear we can expect supervisory patience around resolving material issues to severely diminish, likely translating into a greater number of public enforcement actions and much tighter oversight.

Regulated firms may want to consider some proactive steps to minimize the impact of this emerging trend on their organizations:

Conduct a detailed assessment of the issue portfolio to:

o   provide a view into the most pressing issues/actions/target dates.

o   understand how committed actions fit into the strategic plan (funding, people, technology needs, etc.).

o   identify roadblocks to delivering on the actions needed to close the issues.

Review governance routines & practices:

o   Are escalation paths effective at providing transparency into material risks?

o   Does reporting provide the right level of visibility and detail (context and metrics) for executive management and the Board to adequately fulfill oversight responsibilities?

o   Is there an appropriate amount of time and space dedicated to surfacing and monitoring material self-identified and supervisory issues/actions?

o   Do meeting minutes include enough detail to demonstrate robust review and challenge?

Assess risk talent

o   Identify the top performers.  Look for ways to retain them using recognition, reward, and development opportunities.

o   Understand the team’s tenure with the organization. There should be a mix along the spectrum to ensure a high level of experience and a pipeline for the future.

o   Set a baseline for turnover and measure against it regularly.  High turnover could be a sign of a larger underlying problem in your risk organization that can have negative impacts on performance and action plan delivery.

o   Measure the rate of internally identified issues vs. internal audit/supervisory issues.  A low rate of self-identified issues is an indicator that proactive risk activities need a boost.

o   Seek to strike the balance between proactive risk management (RCSA, process walkthroughs, control development, etc.) and risk remediation. Over indexing on one over the other further perpetuates the problem inviting increased regulatory scrutiny and/or action.

If your organization needs help assessing or addressing your risk portfolio, click the “Get in Touch” button at our website.  We exist to assist you with your risk management needs.