The recent collapse of the Silicon Valley Bank (SVB), a lender that dominated the venture capital industry for several decades, raises questions around risks and its mitigation. Beyond the obvious direct financial risk, every activity engaged in by an enterprise ultimately has financial consequences. The question, therefore, is do the CFOs need to go beyond their assigned roles and also act as a Chief Risk Mitigation Officer in order to gain oversight on all other functions within an enterprise?
Just to add some context to the recent events in the United States, SVB may have eventually collapsed on March 10, but the problem began much earlier. The bank had announced plans to raise billions of dollars in capital to offset major losses, a move that resulted in panic among investors and the tech founders they backed. Company shares fell by 60% in a single day (March 9) and another 20% in aftermarket business, at which point they were halted. With the bank struggling to find buyers, the government stepped in.
Now, if we look at the immediately preceding events, Laura Izurieta resigned as Chief Risk Officer (CRO) of SVB in April 2022 and formally left the company in October. The bank appointed Kim Olson as her successor in January 2023 and it is yet not clear whether or how the organization managed risks in the interregnum. In such a scenario where a CRO quits and is not available for a proper handover, who amongst the C-suite takes responsibility for any risk-related challenges.
Should the CRO-CFO roles converge?
Typically, a risk officer needs to anticipate and manage regulatory, operational, financial, competitive, and other risks of an enterprise. Organizations are recognizing the fact that the CRO is positioned on the same side of the battlefield as the CFO. Now, the question is how can this realization impact an enterprise’s value?
The SVB example shows clearly that operations in the banking industry and the capital markets are constructed around managing risks. While big risks could bring in bigger rewards, the harsh side of this equation is also undeniable as higher risks could also result in massive losses. Which is probably why the roles of CRO and CFO need to be better integrated. In fact, in a high unstable economic environment, where markets are volatile, defaults are significant and recession is round the corner leading to unpredictable consumer behavior, companies do require risk managers with considerable experience or work closely with the CFO. Maybe, even shift more responsibility to them to manage stakeholder expectations at the board level.
The money manager’s approach to risk management
Given the growing uncertainties, avoiding them could result in disaster and it could create risky blindspots within an organization’s functioning. Therefore, a balance between stability and tactical risk-taking becomes imperative. To mitigate risks and guard against unexpected disruptions, the CFO’s strategic nous around continuity management becomes critical. Deployment of enterprise-level risk management while fostering a culture in dealing with risks across divisions is something that the CFO can drive with a top-down approach. Such an approach could include some of the following best practices:
- Involving diverse viewpoints in the planning process – Silos kill agility. Therefore, involving finance teams into deliberations becomes critical and CFOs can communicate with all the key stakeholders such as operations, IT, HR, vendors, supply chain managers and customers to understand risk-related concerns. By casting the net wide and seeking opinions, CFOs can reduce blind spots and avoid unwelcome surprises.
- Constant watch on emerging risks – New risks could typically be associated with digital transformation, cyber threats, changing regulatory requirements, geopolitical tensions, and any public distrust. Keeping tabs and evaluating them continuously may appear overwhelming, but is inescapable. Moreover, increasing data volumes makes the task easier as the CFO can leverage technology to cut the clutter and uncover insights on specific risks.
- Analyze interdependent and cascading risks – While a single challenge may not be a cause for concern, when they combine, the cumulative impact could be staggering. CFOs are positioned well to manage interdependencies, given their comprehensive understanding of the organizational functions as well as the market they operate in. Given their knowledge of the value chain, these financial officers can ascertain value creation and damage as well as the vulnerabilities that cause them.
It is a question of wearing two hats
However, to become effective risk-managers, the CFOs need to take some steps that clearly differentiates their roles as wealth creators of an organization and the risks that the enterprise could be taking to do. For starters, awareness of confirmation-bias and over-reliance on numbers could be traps. While it is tempting to trust data and its use to justify theories and predictions, CFOs acting as risk managers would always keep a watch for the intangible but real risk factors. They would recognize that accounting as a yardstick for evaluating business performance is a black art, masquerading as science. Therefore, instead of taking management reports as final documents, they could collate data from these sources to start cross-functional discussions to identify potential risks. The focus shifts from citing answers from reports to asking new questions.
Finally, there is the question of tackling disasters such as product recalls ro data breaches. Corporate reputations built over years turn to dust if such situations are not handled carefully. The CFOs are once again equipped to tackle communication around such mishaps and can proactively take action – corrective ones when needed. Once again, the cross-functional knowledge makes it easier for the CFO to set up a reliable process to assess and control such risks.
In conclusion, we can safely infer that risk management is way more than handling operational risks. It calls for risk intelligence, which is where the CFO steps in. Their knowledge of balance sheets, corporate deals, and operations makes the finance managers well positioned to function as CROs, when the situation demands. The SVB incident points us to a future where the two rolls could merge.