Stressful Times Call for Renewed Stress Testing

Introduction

With the collapse of Silicon Valley Bank (SVB), there has been the expected cry for greater regulation and the urging as to why the Comprehensive Capital Analysis and Review (CCAR) and Dodd-Frank Act Stress Test (DFAST) did not apply. The purpose of this article is not to argue that it should not have been considered under these important supervisory tools, but rather to articulate that neither of these programs would have prevented the bank’s downfall. They may have helped by requiring the bank to ask questions of some of its strategic decisions and providing some level of governance around the risk it was taking, but they would not have prevented the collapse.

We should remember that the purpose of CCAR and DFAST post the 2008-2009 crisis was to provide transparency, clarity, and comparability across the banking sector given similar economic scenarios and conditions. These regimes have generally been doing their jobs. Most banks included in these programs have demonstrated that they have sufficient capital to withstand an economic downturn similar to the experience we all lived through in 2008. Capital levels at the country’s largest institutions have increased significantly since those days. In addition, the oversight and management of risk have become a common place discussion and activity throughout levels of bank management and in the Board room.

However, the world keeps changing and bank stress testing needs to be, in a word – dynamic – to make sure the stress testing is considering the economic and market conditions in which a bank must operate.

Stress Testing – useful, strategic imperative

In its current form, stress testing in the United States is very focused on the regulatory-run CCAR and DFAST activities. These are useful stress tests for bank stakeholders to demonstrate that U.S. banks can withstand a capital event and have the framework and tools to manage a stressed event.  However, they are siloed exercises that solely focus on economic events and the impact on capital. While banks are required to forecast a balance sheet, including liquidity, the stresses do not specifically look at what we believe ultimately took down SVB – market reaction and impact to liquidity.

As we have seen over the last several weeks, the primary impacts of a stress event are interesting and real, but what will really take a bank down are the ripple effects. The secondary and tertiary effects of stress are ultimately those that drain capital and liquidity.

Take the SVB failure as the example here:

• Bank assesses the impact of duration risk
• Bank analyzes the impact of the interest rate increases on its held-to-maturity (HTM) portfolio
• Bank takes little to no action relative to the mismatch of its portfolio and the rebalancing of their portfolio
• Bank realizes they have a loss and looks to raise capital
• Bank attempts to raise capital, as would be the standard contingency in this context
• Bank has a concentration in depositors that would have been highlighted during ALCO and Board meetings and during regulatory exams^[1] and simple scenario analysis would have shown a distinct issue with the concentration, but nothing was done to address the issue

THESE DID NOT TAKE DOWN THE BANK ALONE – ADDITIONAL EVENTS NEEDED TO OCCUR

• Market starts to get jittery about the bank’s inability to raise capital and starts discussions about the bank’s viability
• Depositors then start taking their deposits out – see concentration issue above
• Bank is put into receivership

These knock-on effects need to be considered to make stress testing a useful, strategic tool rather than a regulatory compliance exercise.

So many resources have been invested in the current regulatory stress testing regime that it limits the creativity that makes stress testing a meaningful analytical tool for banks and supervisors to discuss the risks the banking system faces.

Banks have assumptions for the various stress tests they conduct. These tend to be siloed based on the purpose of the stress test. Interest rate risk scenarios are managed by an asset liability management function and reviewed in light of the makeup of the bank’s specific book of business. However, if those scenarios were more frequently aligned with a myriad of other issues impacting the bank, and the industry at large, would the bank yield the same result?  Likely not. And it wouldn’t look at the results in the same light. In addition, the scenarios that banks use need to have different paths and different assumptions. The actual conditions that occur in the future will never be exactly the same as what a forecast “predicted”.  Therefore, management should make multiple sets of assumptions to assess the impact these various scenarios would have on the bank’s positions.

Bill Dudley, former President of the Federal Reserve Bank of New York and a current member of the Boards of Directors of UBS and Treliant, commented during a recent working session, “I think it’s really important to stress your institution in many different ways. This is why I think it’s really important to have a strong Board that challenges the Chief Executive Officer and the C-Suite and says, hey, you know what happens if this occurs? Are we going to be OK?”

Banks need to ensure that their stress testing frameworks provide a level of dynamism and flexibility which is currently lacking in the existing program. Bank management should have a framework that allows them to posit what-if questions and allow the analysis to direct them to a variety of outcomes and require the articulation of a variety of potential solutions to address what-if questions.

Boards of directors have specific responsibility to challenge management on their assumptions, decisions, and strategic ventures. Boards should be requiring bank management to submit a variety of analyses to not only show how a strategy will work, but how it could also not work. Members of the Board need to consider these analyses and ask management tough questions during their meetings and think beyond what is in a “standard” scenario. Each analysis should provide playbook/decision trees that the Board may also challenge and amend based on their collective experience. The playbook should include alert and trigger levels to draw the Board’s attention and require specific action at the various levels of concern (e.g. green – standard reporting, yellow – Board is notified, red – Board/management is required to take an action).

Bill Dudley, posits this question for Boards and management to ask themselves: “Ask what is the commonly held belief that people have, and if it turns out to be wrong, will we be OK?” Boards should be asking this question to management on a regular basis as they are reviewing standard reporting and stress tests.

This will certainly require additional work from management and the Board. However, if done thoughtfully and with a purposeful framework, the additional work will pay off by providing structure to an otherwise chaotic process and hopefully avoid the issues that the industry has experienced over the last several weeks.

In 2012, the regulators jointly issued Supervisory Guidance on Stress Testing for Banking Organizations with More than $10 Billion in Total Consolidated Assets^[2], which lays out principles by which a stress testing framework is built. Principle 3 specifically states: “An effective stress testing framework is forward-looking and flexible.”

Further under Principle 3, the agencies provide additional context of their expectations:

In addition to conducting formal, routine stress tests, a banking organization should have the flexibility to conduct new or ad hoc stress tests in a timely manner to address rapidly emerging risks. These less routine tests usually can be conducted in a short amount of time and may be simpler and less extensive than a banking organization’s more formal, regular tests.

Clearly, these stress tests will be less robust than submissions for regulatory purpose and the analytics may be less defined or scientific than a robust model-based approach. This should not discount the stress test’s validity or power to give bank management and Boards important insight into the risks facing their portfolios.

Perhaps most importantly from the regulatory guidance:

Principle 4: Stress test results should be clear, actionable, well supported, and inform decision-making.

Banks should develop a way to look at stress test results and provide meaningful actions to take before the issues manifest themselves. Clearly, not all stress tests will yield meaningful results that require immediate action, but each stress test should be accompanied by a playbook and early warning indicators that the bank will monitor prior to an issue arising.

Many banks already have existing playbooks that they can leverage and update based on the outcome of the stress test. Contingency funding plans exist at nearly every financial institution. Generally, these are updated on an annual basis and focus on the funding of the balance sheet; appropriate given the structure of bank balance sheets and the relative benign environment we have seen in recent years. However, playbooks should be robust, living documents that align across a variety of assumptions and scenario sets that provide management with a way to act decisively when the need arises. Playbooks should include communication plans, financial and operational actions to be taken, and early warning indicators to monitor.  The playbooks should be detailed documents that outline how management would respond to specific instances, such as a major outflow of depositors and fund excessive outflows.

We think of the playbooks as decision trees that provide a schematic of ‘if this event occurs then the bank would do this, but if the event shifts, then the bank would take a different action’.

Conclusion

While the dust will take a long time to settle on the events of the last few weeks, all banks should be thinking about their response to these events. A renewed focus on stress testing and its application will be a key policy response from the supervisory community. Banks should be putting plans in place now on how they will leverage their existing stress testing capabilities to get strategic, risk management value, rather than just meeting regulatory hurdles.

Bank management and the Board also need to ensure they are responsive to results of stress tests, regulatory feedback, and risk management/compliance/audit issues.  Without prioritizing the response to these items, seemingly benign issues can very quickly turn into crises.

^[1] https://www.foxbusiness.com/politics/federal-reserve-sounded-alarm-silicon-valley-banks-risk-management-2019-report

^[2] https://www.federalreserve.gov/supervisionreg/srletters/sr1207.htm

This article was co-authored by: Paul Kalamaras

Paul Kalamaras served as Senior Executive Vice President and Chief Risk Officer at Investors Bank, a $25 billion asset commercial bank headquartered in Short Hills, New Jersey with banking offices throughout New Jersey and New York through the sale of the company to Citizens Bank in 2022. He was responsible for the overall risk management of the company, including the credit, compliance, information security, BSA/AML and enterprise risk functions and was a member of the bank’s Executive Committee. Prior to joining Investors, Paul served in a number of executive leadership positions in middle market, retail and business banking lines of business in several regional and community banking organizations.