Agencies Release Reports Detailing Supervision and Regulation of Silicon Valley Bank and Signature Bank

May 16, 2023

What Comes Next? Looking Forward By Looking Back

Click for PDF

On April 28, 2023:

The reports in part assign, and in part accept, blame for the failures of SVB and Signature to the institutions’ boards of directors and management and the agencies’ own missteps in their oversight of the institutions through their supervisory and regulatory authorities. The Federal Reserve’s report is also critical of its own tailoring approach in response to the 2018 Economic Growth, Regulatory Relief, and Consumer Protection Act (“EGRRCPA”).

Rather than summarize the reports’ details of the events leading up to the failures of SVB and Signature, which have been extensively covered, we examine the federal banking agencies’ expected collective response to the recent failures of SVB, Signature, and First Republic Bank, self-liquidation of Silvergate Bank, resulting financial distress across the financial markets broadly, and volatility experienced by similarly sized regional banks acutely. We also examine relevant considerations for FinTechs or other financial services or technology companies that partner with banks for the delivery of innovative financial products and services.

The expected response will shape and shift the regulatory landscape going forward for institutions of all sizes and their partners, and could result in significant changes to the regulatory and supervisory oversight of those institutions and related supervisory expectations and processes. In that regard, there are two takeaways from the reports:

  1. We can look forward to the expected regulatory response by looking back at the fundamental risk management principles codified in the Dodd-Frank Act and the changes made to the alignment of those principles under EGRRCPA. The more immediate impact will be felt through the supervisory process and quickly evolving supervisory expectations because proposed rulemakings could take “several years” to effect (as Vice Chair for Supervision Barr acknowledges in his cover letter).
  2. All relevant stakeholders should be actively engaged in the rulemaking process, both to facilitate a thoughtful approach to proposed regulation that weighs the costs and benefits of proposed actions, and to help design an adjusted and balanced framework that promotes safety and soundness and resolvability, provides clarity, reduces complexity and, equally as important, does not diminish banks’ critical role as financial intermediaries or create unintended harmful consequences to the broader economy.

I. Background: Dodd-Frank and EGRRCPA

The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank Act”) established enhanced prudential standards for bank holding companies and foreign banking organizations with total consolidated assets of $50 billion or more and nonbank financial companies designated by the Financial Stability Oversight Council for supervision by the Federal Reserve. Under the Dodd-Frank Act, those enhanced prudential standards include enhanced risk-based and leverage capital, liquidity, risk management and risk committee requirements, a requirement to submit a resolution plan, single-counterparty credit limits, supervisory and company-run stress testing requirements, and other prudential standards that the Federal Reserve determines are appropriate.

However, EGRRCPA subsequently raised the minimum asset threshold for application of enhanced prudential standards from $50 billion to $250 billion in total consolidated assets, while (i) providing the Federal Reserve discretion in determining whether an institution with assets of $100 billion or more must be subject to such standards and (ii) enabling a more “tiered” and “tailored” enhanced prudential standards regime for large banks. In 2019, the Federal Reserve issued a final rule establishing four categories for determining the applicability and stringency of prudential standards:

  1. Category I (U.S. global systemically important bank holding companies (“U.S. G-SIBs”));
  2. Category II (banking organizations with $700 billion or more in total consolidated assets or $75 billion or more in cross-jurisdictional activity);
  3. Category III (banking organizations with $250 billion or more in total consolidated assets or $75 billion or more in weighted short-term wholesale funding, nonbank assets, or off-balance sheet exposure and that do not meet the criteria for Category I or II); and
  4. Category IV (banking organizations with at least $100 billion in total consolidated assets and that do not meet the criteria for Category I, II, or III).

The Federal Reserve’s visual depicting the current framework is available here.

II. A Return to Post-Dodd-Frank Act Principles of Oversight and Supervision (or More)?

Vice Chair for Supervision Barr’s cover letter, the Federal Reserve’s report, and the other agencies’ reports forecast expected adjustments to the regulatory framework to align it more closely with the fundamental risk management principles codified in the Dodd-Frank Act, to the extent not limited by or inconsistent with legislative changes made under EGRRCPA. The expected response echoes statements made by Vice Chair for Supervision Barr and other federal banking agency leaders in speeches and other settings, including Congressional testimony, some of which pre-date the most recent bank failures and disruptions in the markets and broader economy. The federal bank regulatory agencies under the Biden administration have signaled for some time their desire to re-align Dodd-Frank Act risk management principles of oversight and supervision—at least to the extent not limited by changes made under EGRRCPA—and the agencies’ reports reaffirm that. Large banks (i.e., banks with total assets of $100 billion or more) should expect an acceleration in the number and scope of proposals that modify the regulatory framework, including proposals that push down certain elements currently applicable only to U.S. G-SIBs.

Vice Chair for Supervision Barr’s cover letter to the Federal Reserve’s report highlights expected regulatory initiatives that are clearly put forth and of likely immediacy for institutions with $100 billion or more in total consolidated assets: capital, liquidity, resolvability, and stress testing. It will be important that any proposals not simply be reflexive but, instead, be thoughtfully designed, provide clarity, assess the costs and benefits, and minimize potential downside to the broader economy.

  • Capital. Vice Chair for Supervision Barr states in his cover letter to the report “this experience has emphasized why strong bank capital matters,” highlights the need “to bolster resiliency” and confirms the Federal Reserve is “going to evaluate how to improve [its] capital requirements in light of lessons learned from SVB.” He then adds that “[s]ome steps already in progress include the holistic review of our capital framework [and] implementation of the Basel III endgame rules.” These echo prior statements and remarks for the need to strengthen capital requirements by Barr, including as far back as his nomination hearing before the Senate Banking Committee, as well as similar statements made by Acting Comptroller Hsu and FDIC Chairman Gruenberg in different contexts. As Barr has previously noted, large institutions should expect those enhanced regulatory capital requirements to align with the final set of Basel III standards aimed at “further strengthen[ing] capital rules by reducing reliance on internal bank models and better reflect risks from a bank’s trading book and operational risks”[1] and any proposal should be expected to follow shortly. Barr’s cover letter also suggests the Federal Reserve “should require a broader set of firms to take into account unrealized gains or losses on available-for-sale securities, so that a firm’s capital requirements are better aligned with its financial positions and risk.” As with prior rulemakings, any proposal, if and when finalized, would be implemented with appropriate phase-in periods and likely would take “several years” to take effect, as noted by Barr himself.
  • Liquidity. Vice Chair for Supervision Barr’s cover letter indicates the Federal Reserve is “also going to evaluate how [the Federal Reserve] supervise[s] and regulate[s] liquidity risk, starting with the risks of uninsured deposits,” adding that “liquidity requirements and models should better capture the liquidity risk of a firm’s uninsured deposit base” and the Federal Reserve “should re-evaluate the stability of uninsured deposits and the treatment of held to maturity securities in … standardized liquidity rules and in a firm’s internal liquidity stress tests.” He then adds the Federal Reserve “should … consider applying standardized liquidity requirements to a broader set of firms.” He concludes that “[a]ny adjustments to [the] liquidity rules would … have appropriate transition rules, and thus would not be effective for several years.”
  • Resolvability. Vice Chair for Supervision Barr’s cover letter also indicates that, following on the October 14, 2022 Advance Notice of Proposed Rulemaking (“ANPR”) issued by the Federal Reserve and FDIC, the federal banking agencies will plan to propose a long-term debt requirement for large banks that are not U.S. G-SIBs. The earlier ANPR was issued to explore whether and how to strengthen resolution-related standards applicable to large banking organizations (i.e., Category II and Category III banking organizations under the tailoring rules). The ANPR considered whether large banking organizations should be subject to resolution requirements similar to those required of U.S. G-SIBs, including total loss-absorbing capacity, long-term debt, clean-holding company requirements, and related requirements.
  • Stress Testing. Vice Chair for Supervision Barr’s cover letter includes in the list of steps already in progress “the use of multiple scenarios in stress testing” and notes the Federal Reserve will be “revisiting” the “coverage and timeliness” (i.e., applicable transition periods) of stress tests for some firms.

III. A Shift in Supervisory Expectations and Processes

Changes to the regulatory framework will take a number of years to effect, taking into account sometimes lengthy notice and public comment periods and the implementation of final rules and phase-in periods accompanying their implementation. As a result, and as a natural response to criticisms leveled (by regulators) at the oversight and supervision (by regulators) of SVB and Signature, banks of all sizes should anticipate a noticeable and swift shift in supervisory expectations and the communication and enforcement of those expectations.

The reports signal several areas of concern that will (if not already) be areas of heightened supervisory focus that, if not properly managed from a risk perspective, could lead more quickly to ratings downgrades, formal or informal enforcement actions, or other supervisory actions. Such areas of focus include: governance and risk management functions, including internal audit; management challenge and accountability; liquidity risk management; interest rate risk management; reliance on uninsured deposits and concentrations in the deposit base; and rapid growth, concentrated business models, or novel activities (e.g., FinTech or crypto), regardless of asset size. Other areas of focus or expected change for immediate consideration include:

  • Developing a “culture that empowers supervisors to act in the face of uncertainty” and improves the “speed, force, and agility of supervision.” Vice Chair for Supervision Barr’s cover letter states this directly and the report highlights this in several instances, and the intent is clear: supervisory staff should be empowered to escalate issues and act more quickly and decisively—and not simply through the issuance of more matters requiring attention (“MRAs”) or matters requiring immediate attention (“MRIAs”). This could include empowering supervisory staff to escalate matters and move more quickly to downgrade component or composite ratings or to issue formal or informal enforcement actions or take other actions without the need for “consensus around supervisory judgments.” Institutions with MRAs or MRIAs that have remained open for a protracted period and where expected remediation dates have been extended should expect supervisory staff to act more quickly and decisively, including escalation to the level of enforcement actions, in the absence of meaningful progress or remediation. More frequent targeted exams should also be expected by institutions with open MRAs, MRIAs, or other unresolved findings.
    • Ratings downgrades and formal or informal enforcement actions may have a number of significant collateral consequences to banks and their holding companies and non-bank affiliates, including the ability to engage in financial activities under Section 4(k) of the Bank Holding Company Act, potential increases to deposit insurance assessments, eligibility for primary credit at the Discount Window, and the ability to expand through mergers and acquisitions, including interstate acquisitions or branching.
    • In addition, Vice Chair for Supervision Barr’s cover letter notes “the Federal Reserve generally does not require additional capital or liquidity beyond regulatory requirements for a firm with inadequate capital planning, liquidity risk management, or governance and controls. We need to change that in appropriate cases. … [L]imits on capital distributions or incentive compensation could be appropriate and effective in some cases.” Institutions should begin to assess and better understand these various collateral consequences as part of their routine examination preparation processes.
  • Consequences and impacts of a U.S. debt default. A U.S. debt default would be unprecedented and the macroeconomic effects of such a default are uncertain, but institutions should be preparing for such a scenario, including a prolonged default, and be ready to activate contingency plans if negotiations stall or deteriorate. There are several issues that immediately come to mind and, although there is no precedent, prior discussions included in the minutes of Federal Open Market Committee (“FOMC”) meetings from August 2011 and October 2013 should inform current expectations.
    • First, in August 2011 and October 2013, the FOMC suggested that Federal Reserve operations should treat defaulted Treasury securities or Treasury securities with delayed payments in the same manner as non-defaulted securities in open market operations and at the Discount Window, but with defaulted securities valued at their own potentially reduced market prices.
      • Compare that with the recently announced Bank Term Funding Program, under which collateral valuation is 100% of par value regardless of the current market value of the collateral. For Discount Window borrowings, collateral is traditionally valued at a fair market value estimate; however, as of March 15, 2023, the Federal Reserve Banks have been lending at par value for collateral that is eligible for the Bank Term Funding Program, including Treasury securities, agency debt, and agency mortgage-backed securities.[2]
      • Relatedly, institutions are reminded to test their Discount Window and Federal Home Loan Bank borrowing capacity and ensure that all collateral and related documentation are in order and technical processes in place (and tested) to ensure immediate and timely access to those contingent sources of funding. The Bank Term Funding Program also remains open and available to financial institutions that already have Discount Window borrowing documentation under the Federal Reserve Banks’ Operating Circular No. 10 (Lending). Although the Dodd-Frank Act requires the Federal Reserve to publish information on individual discount window borrowers and transactions, that information is published on a two-year lag.
    • Second, in August 2011 and October 2013, the federal financial regulatory agencies were prepared to issue interagency guidance covering certain regulatory and supervisory issues—which we expect could be refreshed in the coming weeks. The 2011 and 2013 draft interagency guidance intended to clarify that:
      • There would be no change in the risk-based capital treatment (i.e., no change in risk weighting) of Treasury securities or other securities issued or guaranteed by the U.S. government or its agencies, as well as U.S. government-sponsored enterprises, for which a payment had been missed. Examiners would not adversely classify or criticize those securities, and their treatment under other regulations (e.g., Regulation W) would be unaffected.
      • Institutions that experience balance sheet growth from unusually large deposit inflows driven primarily by money market funds moving out of Treasury securities into cash or holding additional cash as contingency, or draws on existing lines of credit, which could result in a temporary decline in regulatory capital ratios, were encouraged to contact their regulators to address the impacts to regulatory capital ratios. In 2023, the federal banking agencies should be expected to provide some relief around the supplementary leverage ratio and Tier 1 leverage ratio should institutions be at risk of breaching prompt corrective action.
    • Third, in August 2011 and October 2013, the Department of the Treasury was planning to prioritize interest and principal payments, which, if implemented in 2023, could eliminate the need to plan for scenarios in which defaulted securities are trading in the market.
  • Transition periods and “pulling forward” forward large bank standards by applying them to smaller banks. Institutions that are growing in size and transitioning supervisory categories tied to relevant asset thresholds (e.g., $100 billion or $250 billion in total consolidated assets) should be prepared to adhere to the enhanced prudential standards of the next supervisory category, including on a pro forma An inability to demonstrate adherence to the next supervisory category’s enhanced prudential standards could slow growth, either through prolonged merger application review and approval timelines or regulators throttling growth through other means. All institutions, regardless of size, should also expect regulators to carefully examine transition periods both for existing rules as well as proposed rules such that enhanced prudential standards, and required compliance therewith, could apply more quickly to any institution that transitions from one supervisory category to the next.
  • Credit risk and commercial real estate (“CRE”) loans. Commercial credit risk has been cited by the agencies as an area of supervisory focus beginning as early as the OCC’s Spring 2021 Semiannual Risk Perspective and was most recently cited in the Federal Reserve’s May 2023 Financial Stability Report survey of risks to financial stability. Institutions with concentrations in CRE loans should expect continued heightened scrutiny of their CRE portfolios, with a focus on risk management and capital levels. Institutions are reminded of the CRE interagency guidance from December 6, 2006, “Concentrations in CRE Lending, Sound Risk Management Practices,” and the October 3, 2009 “Policy Statement on Prudential Commercial Real Estate (CRE) Loan Accommodations and Workouts,” on which the federal banking agencies invited comment in August and September 2022.
  • Incentive compensation. Vice Chair for Supervision Barr’s cover letter notes that regulators “should consider setting tougher minimum standards for incentive compensation programs and ensure banks comply with the standards [regulators] already have.” The report highlights the various interagency guidance on executive compensation practices but only briefly notes that the Federal Reserve and five other federal financial regulatory agencies have not yet issued a final rule implementing Section 956 of the Dodd-Frank Act, which requires the regulators to issue rules prohibiting types and features of incentive compensation arrangements that encourage inappropriate risk-taking at covered financial institutions (i) by providing excessive compensation, fees, or benefits or (ii) that could lead to material financial loss. Although not highlighted by Barr in his cover letter as an initiative already in progress, incentive compensation arrangements may become an area of interest through the supervisory process and future proposed rulemakings remain a possibility.
  • Operational resilience and cybersecurity. Though unrelated to the reports and the expected response (and certainly never suggested as a root cause of any failure), cybersecurity remains a point that is always worthy of highlighting because the potential impact to operational risk from cybersecurity threats remains a supervisory focus in an increasingly digital world and an environment where cybersecurity risks are ever-increasing. Cybersecurity will always remain an area of supervisory focus and institutions should be mindful that any failures to address supervisory concerns related to cybersecurity may result more quickly in formal or informal supervisory responses.

IV. Implications for Bank Partners

FinTechs that partner with banks to deliver regulated financial services should expect additional scrutiny from both their bank partners and their bank partners’ regulators. Although these partnerships can take different forms—some with FinTechs positioned as clients of the bank and others with FinTechs acting as a program manager (i.e., third-party service provider) to the bank—FinTechs should be prepared for enhanced due diligence and, as importantly, potential disruptions.

  • Accounting for increasingly agile regulators. As federal or state supervisory functions are empowered to move more quickly to ratings downgrades or formal or informal enforcement or other actions to enforce supervisory expectations, any actions could have adverse effects on those FinTechs, which may create disruptions in the delivery of services to end-users. This dependence on bank partnerships reinforces the need for FinTechs to develop robust business continuity plans that provide for necessary diversification of bank partners and, in the course of negotiating such relationships, ensure sufficient contractual flexibility exists to adopt necessary redundancies. In addition, FinTechs must also remain cognizant of the federal and state bank regulatory agencies’ authority to examine and regulate bank service providers, which may give rise to regulatory criticism more tailored to the FinTech relationship.
  • Clear disclosure of bank services. To the extent that FinTechs are marketing products and services enabled by banks, regulators are more apt to scrutinize terms of service, marketing materials, and related disclosures to assess the allocation of roles and responsibilities between the bank and the FinTech. For those products that potentially implicate FDIC insurance, the FDIC will review for compliance with the FDIC’s 2022 final rule regarding advertising or other representations about FDIC deposit insurance (12 C.F.R. Part 328, Subpart B). To ensure compliance, banks and FinTechs should, at a minimum, ensure subject materials: (a) clearly disclose that the FinTech offering the service is not an insured bank; (b) identify the insured bank(s) where any customer funds may be held on deposit; and (c) communicate that non-deposit products are not FDIC-insured products and may lose value.
  • Qualifications for FDIC “pass-through” deposit insurance. FinTechs that partner with banks also should refresh on FDIC regulations (12 C.F.R. §§ 330.5 and 330.7) and related guidance for “pass-through” deposit insurance, including recordkeeping and other requirements, to ensure compliance therewith. This should include re-examining program agreements with bank partners to ensure the proper mechanics are in place to enable the respective parties to comply with those requirements. Requirements for pass-through deposit insurance coverage include:
    • Funds must be owned by the principal and not the third party who established the deposit account and placed the funds (i.e., the fiduciary, custodian, or agent who is placing the funds);
    • The bank’s account records must indicate the agency nature of the account;
    • The records of the bank, the fiduciary, custodian, or agent, or a third party must indicate both the principals’ identities as well as their ownership interest in the deposit; and
    • Deposit terms (i.e., the interest rate and maturity date) for accounts opened at the bank must match the terms the third-party agent offers the customer (if the terms do not match, the fiduciary, agent, or custodian might be deemed to be the legal owner of the funds by the FDIC; a fiduciary, custodian, or agent may retain a portion of the interest (as the third party’s fee) without precluding pass-through deposit insurance coverage).

Like banks, their partners find themselves navigating an increasingly complex regulatory environment. While the regulatory expectations are not new, the renewed focus of banking regulators requires both agility and vigilance of all concerned.

V. Conclusions

A key takeaway not expressly cited in the reports is that perceived complacency in upholding risk management obligations will result in the regulatory framework reverting to and aligning more closely with the fundamental risk management principles codified in the Dodd-Frank Act, to the extent not limited by or inconsistent with legislative changes made under EGRRCPA. Large banks should expect a number of proposed rulemakings to follow these events, as laid out in Vice Chair for Supervision Barr’s cover letter to the Federal Reserve’s report. Notwithstanding regulators’ desire to move quickly, because of the amount of time to effect proposed rule changes and to implement final rules, together with any applicable phase-in periods, large banks should anticipate certain proposals may not be effective for several years. On the other hand, banks of all sizes should expect that additional oversight and supervision will ratchet up quickly, with increased scrutiny on boards of directors’ and management’s ability to safely and soundly risk manage their organizations consistent with the fundamental risk management principles codified in the Dodd-Frank Act. Institutions of all sizes should be similarly prepared that any failure, or even perceived failure, to satisfy supervisory expectations may lead more quickly to formal or informal enforcement actions, ratings downgrades, or other consequences to the organization.

FinTechs that partner with banks for the delivery of innovative financial products and services should expect additional scrutiny from both their bank partners and from relevant regulators. Moreover, if regulators are empowered to move more quickly to ratings downgrades or formal or informal enforcement or other actions to reinforce supervisory expectations, these actions could adversely impact those partners and/or their ability to offer products and services with their existing bank partners.


[1]   Michael S. Barr, “Why Bank Capital Matters” (speech at the American Enterprise Institute, Washington D.C., Dec. 1, 2022, available at:

[2]   See “Collateral Valuation,” available at:

Gibson Dunn’s Distressed Banks Resource Center provides resources and regular updates to our clients. Please check the Resource Center for the latest developments.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please feel free to contact the Gibson Dunn lawyer with whom you usually work, any member of Gibson Dunn’s Global Financial Regulatory, Financial Institutions or FinTech and Digital Assets practice groups, or the firm’s *** Distressed Bank Working Group, or the following authors:

Jason J. Cabral – New York (+1 212-351-6267, [email protected])

Sara K. Weed – Washington, D.C. (+1 202-955-8507, [email protected])

Ed Batts – Palo Alto (+1 650-849-5392, [email protected])

Jin Hee Kim – New York (+1 212-351-5371, [email protected])

© 2023 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.