Customer risk assessments are a fact of life in banking. Banks must determine how a new customer will affect its overall risk profile. Most, in my experience, do it in the form of a Q&A form, to be filed with the rest of the customer paperwork. What I see as papering the file.
But let's think about how it could and should be.
It is prudent to determine the risk profile of a customer and how it will impact your bank. Taken alone, it is highly unlikely one customer will impact the bank in a significant way. But grouped together, customers with similar profiles that act similarly within the economy can elevate risk. Think loan concentrations. As a matter of course we measure loan concentrations by loan type, such as construction or non-owner occupied real estate.
And there are red-flag industries that elevate risk, such as check cashing or marijuana businesses.
I have written about banks determining their own well-capitalized by allocating capital to different balance sheet categories based on the bank's perceived risk of those categories. It is a top down approach. But what if this analysis starts at the most granular level... every customer? And the bank uses its customer risk assessment process to determine the amount of capital allocated to that customer?
If built appropriately, it could be a desktop app the lender, branch, or call center employee could complete in front of the customer. See a sample of what I am talking about in the accompanying table.
Multiply this times every customer and every account and you would be able to calculate the capital required to support your balance sheet from the bottom up.
You can integrate ROE hurdles to feed pricing models in order to meet or exceed the hurdle. You can calculate customer profitability in terms of ROE, and create actionable customer tiers, giving platinum service to top tier, active cross-sell to middle tier, and efficient service to lower tier. And when regulators review your customer risk assessment process, and see that it is integrated into your pricing and profit models, capital plan, and strategic plan, trumpets will sound.
Sure, there will be challenges. I'm no compliance or risk expert so I'm not sure what other risk information should be collected on the customer. And what if Joe's year over year profit picture changes, or reality determines that Joe is bringing in bags of cash twice per week. A well designed system could send ticklers to the relationship officer to revisit the customer risk assessment based on the new information.
A disciplined, yet simple design that is integrated into your systems and processes could yield more accurate capital needs based on the sum total risk by each of the bank's customers.
Do you think this is how it should be?