Heed SVB’s risk lessons
WHEN the CEO of Silicon Valley Bank (SVB) issued a letter to investors on 8 March explaining the need for an emergency injection of liquidity due to elevated levels of cash burn, catastrophe struck with shocking speed. The letter had been prompted by the bank’s loss of US$1.8 billon on a forced sale of US$21 billion worth of US Treasury bonds. And just two days later, following the withdrawal of US$42 billion by panic-stricken depositors, SVB failed.
A bank that had generally been considered financially sound just days before was now insolvent. Fear of contagion and systemic risk subsequently swept through the market, raising many questions about how such a failure could have been prevented or detected before it was too late.
Risk concentration
A bank that is overly concentrated in any type of asset or liability is invariably vulnerable to unexpected movements in market rates and prices. As the chart below illustrates, SVB’s assets had unusually heavy concentrations in fixed-rate, long-dated US Treasury securities on top of liabilities that were made up mostly of deposits from tech start-ups.
It goes without saying that any significant unexpected loss must have previously existed as a material exposure to non-financial risk. In other words, there is a positive correlation between increasing exposure to non-financial risks and resultant unexpected financial losses.
It follows the adage all accountancy professionals can attest to: If an organisation accepts a risk, it also accepts a probability of loss. The question is, how do we define accepted best practice when it comes to identifying and accounting for accumulating non-financial risks in the form of expected losses?
Accepted risks
Is accepted risk about disclosure or accounting? SVB’s 2022 annual report lists 38 risk factors accompanied by a health warning: “If any of the events or circumstances described in the following factors occurs, our business, financial condition and/or results of operations could be materially and adversely affected.”
Backward-looking financial statements that require only the disclosure of accepted risks without accounting for them are obviously of little use or relevance. The consequent ‘risk and profit taking now, losses later’ is of particular concern from the audit perspective as it invites less-principled businesses and staff to play irresponsibly with investors, clients, the environment, and even public health and safety.
Some would claim that a non-financial risk is intrinsically impossible to observe and that you cannot account for the unobservable as only financial outcomes are observable. However, as the recent banking sector turmoil continues to prove, this simply does not make sense. Accounting standards for accepted non-financial risks must be established.
Under the direction of the Risk Accounting Standards Board (RASB) and the Durham University Business School, a research partnership between ACCA and the Professional Risk Managers’ International Association (PRMIA) has codified a next-generation accounting method and system called risk accounting which is intended to accomplish just that.
Risk accounting
Risk accounting brings about a new metric called a risk unit (RU), which is used to express all forms of non-financial risk. Each product’s maximum possible exposure is expressed as inherent RUs, while the organisation’s risk mitigation effectiveness is measured through a risk mitigation index (RMI). The residual RUs that result from applying the RMI to inherent RUs represent the infamous accepted non-financial risks.
Using the model of liquidity risk measurement, it is possible to identify and weigh the risk characteristics of each product, as well as the daily values traded, representing the respective probability and likely severity of incurring future losses.
With these two factors an algorithm determines products’ inherent risk in RUs. The actual procedures used by banks to control liquidity risk are then compared to ‘predefined consensus risk management best practices’ in the industry. The gaps are impact-weighted and applied to the products’ inherent RUs in an algorithm that computes the RMI and residual RUs.
The monetary value of an RU is determined over time by statistically modelling historic product-related losses, and the respective context data appended to each loss in the form of residual RUs.
To return to SVB, the large holdings of fixed-income instruments on its balance sheet would have resulted in high inherent RUs and a low RMI, producing elevated residual RUs that would have required an immediate response.
Question of trust
Accounting professionals are crucial to restoring confidence in the global banking system. Risk accounting can help achieve this by:
• risk-adjusting accounting profit and shareholders’ equity with the expected losses associated with accepted non-financial risks
• replacing weak, non-comparable, and non-aggregatable colour-coded (red, amber, green) reporting of risk exposures with explicit quantification in RUs and valid aggregation
• publishing audited risk accounts in RUs, including divisional and group RMIs
• tokenising banks’ audited residual RUs, which can be traded on the open market.
The last point is the object of ongoing research and progressive prospects of what modern-day risk accounting could bring to the table. By selling their residual RU tokens on the open market banks will be able to collateralise accepted risks because the higher the group RMI, the more attractive and greater intrinsic value of their residual RUs. It is precisely the kind of transparency needed to incentivise better risk management.
Author: Peter Hughes is chair of the Risk Accounting Standards Board and a member of ACCA’s Global Forum for Governance, Risk and Performance. Source: ACCA’s Accounting and Business magazine.