October 30, 2021 / VOLUME NO. 181
A Frightening Twist on Risk

It’s common wisdom in the industry that larger banks need a risk committee. For one, regulators expect it. The Dodd-Frank Act of 2010, passed in the wake of the last financial crisis, codified the rule that banks above $10 billion in assets need a board-level risk committee.

But does such a committee reduce risk? An academic paper published in July, called “Why Do Bank Boards Have Risk Committees?” suggests that the answer is no. A team of professors from The Ohio State University, Kennesaw State University, Georgetown University and The University of Texas at San Antonio analyzed the various reasons a board might have a risk committee. But the most interesting finding, in my view, is that there’s no evidence that banks with risk committees perform better or have less risk. 

The professors analyzed bank performance during the global financial crisis based on whether a bank had a board-level risk committee in 2006, along with the performance of banks that adopted a risk committee between 2003 and 2018. They found no correlation between risk committees and risk-taking or performance. 

Banks are risk-taking enterprises. The core of most bank business models is to “borrow” short-term deposits and lend them for a set period for a profit — one of the riskiest business models there is. Establishing the balance between risk and reward is the job of seasoned management teams overseen by boards. Perhaps it’s not surprising that risk committees don’t reduce risk. Their job is to oversee management’s efforts to maximize sustainable returns for shareholders.  

Record low net interest margins have increased the pressure to grow. Banks are challenged to seek better yields on their investments, to change their credit standards and to take on risky acquisitions. 

But think of the scenarios where a risk committee could add to the confusion. Assigning risk to a separate committee could worsen the level of communication and engagement on a bank’s board. The board becomes less informed about risk but feels more confident in the bank’s risk-taking abilities, leading the bank to theoretically take on more risk. 

In a blog post, Rene Stulz, a co-author of the paper, concludes that “having a risk committee only makes sense for banks where risk-taking is sufficiently complex that risk metrics have to be monitored by a specialized committee.” 

It’s important to question the prevailing wisdom. Unless the regulators require it, having a risk committee may simply make no sense. 

• Naomi Snyder, editor-in-chief at Bank Director
Presenters at Bank Director’s Audit & Risk Committees Conference shared what banks need to know about three pressing and controversial regulatory issues.

“Banks must stay on top of regulatory updates and potential risks, even as they contend with a challenging operating environment of low loan demand and high liquidity.”

• Kiah Lau Haslett, managing editor for Bank Director
Banks need a way to effectively and empathetically listen to customers and respond with information or options that are relevant and timely.
Banks can manage third-party vendor risk through interbank collaboration, thorough due diligence and periodic reviews of the vendor’s performance.
Bankers may be underreacting to embedded and emerging credit risks as the economy normalizes, according to presenters at Bank Director’s Bank Audit & Risk Committees Conference, held Oct. 25 to 27.
When it comes to live chat and mobile messaging, one is clearly better than the other, but they’re often confused by community bankers.