Risk is always a prominent factor for banks, but during a year in which financial institutions faced unprecedented challenges driven by the COVID-19 pandemic, organizations’ ability to strategically navigate change proved crucial.
Moss Adams partnered with Bank Director to conduct the 2021 Risk Survey and explore key risks facing the industry—and forecast how banks will emerge from the pandemic.
A summary of top insights uncovered in the survey follows, as well as considerations for bank leadership to keep front of mind into the second half of the year.
Rising Credit Risk Concerns
Unsurprisingly, concerns around credit risk increased in 2020.
Two-thirds of bank respondents worry about concentrations in their loan portfolio, particularly around industries significantly strained during the pandemic, including commercial real estate and hospitality.
Almost all respondents modified loans in Q2 and Q3 of 2020 to aid their customers during the initial wave; some of these modifications extended into Q4.
Evaluation Metrics and Portfolio Concerns
Two separate metrics are now in play for regulators’ evaluations. As a result, it’s important to note that just because your portfolio doesn’t receive a favorable rating, doesn’t mean your bank or management won’t be evaluated favorably.
With some loans going into deferrals as businesses shut down and were unable to make payments, regulators might downgrade a portfolio rating. However, bank management could receive a strong rating because of actions they took to keep the bank running and support customers.
While this modification accommodates the current realities, it doesn’t diminish the fact that portfolios are degrading from a stability standpoint.
43% of respondents tightened underwriting standards during the pandemic, while roughly half are unsure if they’ll adjust standards in 2021 and 2022.
Banks that have good governance will increase their underwriting standards and will be strategic about to whom they lend money. In addition, they’ll have to assess which loans they’ll allow to be in delinquent status without taking action, and which they’ll defer.
Increases in Stress Testing
While annual stress tests are common for banks, 60% of respondents expanded the quantity or depth of economic scenarios in response to the pandemic—even though asset limits for stress testing already previously increased.
Most institutions now focus on not just interest rate stress testing, but also the whole portfolio. This is driving more stress testing on the viability of collateral for loans and liquidity.
Institutions comprehend that they’ll face increased allowance provisions and write-offs, so they’re stress testing the capital side of their organization to see how they can shoulder that burden.
Future Alternative Criteria
Looking forward, banks could perhaps focus on concentrated risks within the portfolio and potentially apply different, more specific stress testing criteria to various segments such as multifamily real estate, hospitality, and mortgages—knowing certain areas may pose greater risk.
Improved Plans for Continuity and Disaster Recovery
The pandemic placed a renewed focus on continuity and disaster recovery.
While most organizations had a pandemic provision in their plans following guidance from the Federal Financial Institutions Examination Council (FFIEC), these only materialized as hypothetical exercises. When an actual pandemic hit, many organizations had to react quickly, focus, and learn how to adapt during the experience.
Key Improvement Areas
Most banks will enhance their business continuity plans as a result of the pandemic—84% of respondents say they’ve made or plan to make changes to their plans.
Key improvement areas include plans to:
- Formalize remote work procedures
- Educate and train employees
- Provide the right tools to staff
- Ensure the bank’s IT infrastructure can adapt in a crisis
For more information on how to build or improve your disaster recovery and business continuity plans, visit our Financial Services Consulting page.
Cybersecurity and Remote Work Setups
Three-quarters of respondents plan for at least some employees to work remotely after the pandemic abates.
This makes cybersecurity a significant concern that boards need to further explore and implement additional precautions around.
Increased Vulnerabilities
Previously, with employees working under one roof, there was only one entry point of attack for cybercriminals. Suddenly, with employees working from potentially hundreds of different locations, hundreds of entry points could exist.
Support for Your Professionals
Factoring in employees’ mental states is also a crucial vulnerability. With employees navigating the difficulties of work from home life and general stresses of the pandemic, it’s easier for cybercriminals to take advantage of or deceive people.
Increased staff training, as well as technology improvements, can help better detect and deter cyberthreats and intrusions.
For more information on how to protect your valuable data and assets, view 3 Steps to Protect Company Data While Working Remotely or our Cybersecurity Checklist for Remote Work.
Looking Forward
Though many respondents noted the resilience of the industry, it’s important to not get complacent.
Organizations certainly weathered the hard times, but the biggest impacts of the past year likely won’t be fully visible until the pandemic subsides.
Once that occurs, some businesses will reopen but may need more capital; others may still close permanently, leaving banks to determine which loans won’t get repaid, engage bankruptcy courts, take cents on the dollars for the loan, and have write-offs.
While this past year has been a major learning experience, the lesson likely won’t be wrapped until early 2022.
We’re Here to Help
For additional guidance to help manage your bank’s risk read 2021 Risks and Opportunities for Financial Institutions, visit our COVID-19 content page for financial services organizations, or contact your Moss Adams professional.