The assessment of safety and soundness is among the most fundamental elements of bank supervision. But what does safety and soundness mean in practice? And what makes certain aspects of a bank’s condition or management unsafe or unsound? Some have suggested revisions to current safety and soundness regulations to base them more on objective risk measures and rooted in financial risk. How would this work in practice and what are the pitfalls and limitations of such an approach?
Filling the Gap
Banks are subject to a series of regulations meant to address specific issues. Capital, liquidity (for larger banks), investment powers, as well as consumer protection and other compliance regulations. With thousands of banks with varying balance sheets and strategies, that still can leave considerable gaps. It’s not as though there’s a regulation against doing dumb or reckless things.
But wait, there is one. 12 CFR Part 30 (for national banks) establishes safety and soundness standards. FDIC and the Federal Reserve have similar regulations. Failing to live up to these standards is a potentially unsafe and unsound practice. Violation of another regulation is neither a necessary nor sufficient condition to deem a practice as unsafe and unsound. Some unsafe and unsound practices also violate other regulations but need not. Safety and soundness standards function as a sort of elastic clause that can rein in imprudent activity.
While these safety and soundness standards afford supervisors additional flexibility, they are not invoked lightly. Calling a bank’s activities or practices unsafe or unsound is a big deal. You can expect a lot of pushback from the bank and need to ensure you are on firm ground. That usually means linking the activity to the standards and demonstrating where the bank fell short. The standards themselves could be vague, so you need to show how the practice departs from industry practice and particularly how it could lead to significant losses.
More Objective Measures?
Last year’s Loper Bright decision made regulations more vulnerable to legal challenge by deciding that judges rather than regulators should determine the will of Congress if that intent is unclear. The safety and soundness regulations should be less vulnerable since Congress explicitly authorized regulators to determine safety and soundness standards. However, as I noted in an earlier post, Part 30 uses the word “appropriate” 73 times. That leaves plenty of room for interpretation. Neither the statute nor the regulation explicitly defines “unsafe and unsound.” Rather, the regulation describes standards for safe and sound operations and notes that failure to meet these standards may represent an unsafe and unsound practice.
In an April 9, 2025 speech to the American Bankers Association, Treasury Secretary Scott Bessant included a desire “to define ‘unsafe and unsound’ by rule using more objective measures rooted in financial risk.” This is an intriguing idea. The current safety and soundness regulation focuses less on on risk per se but is more concerned that “you’re doing it wrong.” Part 30 doesn’t define a particular level of interest rate risk as “excessive,” rather requires banks to “manage interest rate risk in a manner that is appropriate to the size of the institution and the complexity of its assets and liabilities” and that management report IRR exposure to the board. Likewise, an institution’s asset growth should be “prudent.”
Risk vs. Risk Processes
Bank supervisors are often more willing to criticize a process than a risk exposure. Nearly 94% of Silicon Valley Bank’s deposits were uninsured. There was also a concentration within that concentration in that most of the large depositors were venture capital and tech firms. Those concentration levels made the bank especially vulnerable to a deposit run and received too little attention.
But suggestions that the Fed’s focus on liquidity processes was a triumph of form over substance also miss the mark. SVB not only had a deposit concentration but also needed better 1) stress testing to measure its risk: 2) contingency funding planning to identify and operationalize secondary and tertiary sources of funds; and 3) an independent risk function commensurate with the bank’s complexity and risk. These processes were necessary to mitigate the bank’s sky-high liquidity risk. The problem wasn’t that remediating weaknesses in these areas was somehow distracting but that both bank management and its supervisors approached the problems with an insufficient sense of urgency.
Some Roadblocks and Limitations
Bessent didn’t provide any details on how regulators might redefine “unsafe and unsound,” but a review of the regulation and its enabling legislation indicates some legal roadblocks. The legislation doesn’t merely require regulators to develop safety and soundness standards. The statute specifically requires those standards to address:
“(A) internal controls, information systems, and internal audit systems; (B) loan documentation; (C) credit underwriting; (D) interest rate exposure; (E) asset growth; and (F) compensation, fees, and benefits; and (2) such other operational and managerial standards as the agency determines to be appropriate.”
Replacing the current standards with a few key financial ratios won’t cut it. Of course, the current administration has shown little interest in adhering to the law. And who would bring the challenge? The banking industry won’t litigate if the regulators loosen standards. Others might be concerned that these actions increase the probability of a banking crisis but wouldn’t have the deep-pocket backing to bring a case. And would they even have standing? Probably not.
There’s also the issue of credibility. Bessent’s position that supervisors should move away from supposedly subjective assessments of non-core non-financial risks echoes the sentiment of other incoming regulators. But none of them have proposed specific alternatives. The Bank Policy Institute has some suggestions, but they don’t stand up to scrutiny. Most importantly, Bessent supports weakening the quantitative standards that do exist. He not only opposes the Basel Endgame proposal but also wants to reduce current risk-based capital requirements. And the capital leverage requirement. Plus the capital buffer. And liquidity stress testing. And he wants higher deposit insurance limits. It’s hard to see the new team of regulators coming up with credible objective standards for safety and soundness when they also favor watering down what’s already in place.
Leave a Reply