In March 2023, Silicon Valley Bank collapsed in approximately 36 hours. It was the third-largest bank failure in American history: $209 billion in assets, gone. The post-mortem revealed something that should trouble every risk professional. Interest rate risk had been on SVB's risk register for years. The $91 billion held-to-maturity portfolio was visible to anyone who read the balance sheet. Unrealised losses of $15.2 billion — nearly equal to the bank's $16 billion in total equity — had been building for over a year. The CRO position sat vacant for eight months during the sharpest monetary policy tightening cycle in a generation.[1]

The risk was identified. It was documented. It was on the register. And it still killed the bank.

SVB is not an outlier. It is the pattern. I have spent two decades studying how banks fail, and I have compiled an Industry Loss Database of 179 major bank loss events spanning 30 countries and six decades. The aggregate losses exceed $2.3 trillion. The database covers everything from the S&L crisis through the GFC to SVB and Credit Suisse. And the single most important finding is this: the vast majority of these failures are not failures of risk measurement, hedging, or capital modelling. They are failures of risk identification — the process that is supposed to discover what risks exist, assess whether they are existential, and connect that assessment to governance action.

The same 10 failure modes recur with remarkable consistency across decades, geographies, and institution types. Each generation of bankers discovers them in new asset classes.

The 10 Failure Modes

Not all failure modes are equal. The first five — what I call the lethal five — appear in the overwhelming majority of the largest failures. The remaining five are amplifiers: they rarely destroy a bank alone, but they make everything worse when combined with the first five.

The Lethal Five

1. Concentration Blindness

The failure to identify or act on dangerous concentrations in asset classes, counterparties, funding sources, or business models. Present in 60–70% of the largest failures in the database. This is the single most common precursor to catastrophic bank failure. SVB had $91 billion concentrated in long-duration securities. Anglo Irish Bank had extreme concentration in commercial real estate lending to a small number of developers — costing Irish taxpayers €29.3 billion.[2] Credit Suisse had $20 billion in single-counterparty exposure to Archegos, a family office using total return swaps at 5–8x leverage — resulting in a $5.5 billion loss.[3] Bankia merged seven Spanish savings banks, each with property concentration, and treated the merger as diversification. It was not. It was a larger concentration. The bailout cost €22.4 billion. Northern Rock funded 75% of its balance sheet through wholesale markets — a funding concentration that caused the first UK bank run in 150 years when those markets froze.[4] In every case, the concentration was visible in the data. In no case did the risk identification process surface it as existential.

2. Model Overreliance

Excessive dependence on quantitative models — VaR, credit ratings, stress tests — that systematically underestimate tail risk, creating false confidence that displaces qualitative judgement. LTCM's models estimated $35 million in daily VaR. Its actual single-day loss was $553 million — more than 15 times the model output — because the models assumed stable correlations that collapsed during the Russian crisis.[5] UBS took $37.4 billion in write-downs on structured credit positions where the risk function relied on the same models as the front office, treating super-senior CDO tranches rated AAA as effectively risk-free. AIG wrote $527 billion in credit default swaps priced using models that did not contemplate a national housing decline — the subsequent bailout exceeded $180 billion.[6] When the model becomes the risk identification process, the institution loses the ability to identify risks the model cannot see.

3. Governance Bypass

The circumvention, weakening, or overriding of risk governance structures by commercial interests or senior management. At JPMorgan, the Chief Investment Office was exempted from standard VaR limits. When the VaR model showed breaches, the model was changed — not the position. Loss: $6.2 billion.[7] At Barings, internal audit identified that Nick Leeson controlled both trading and settlement in Singapore. Management did not act. Loss: GBP 827 million. At Credit Suisse, risk managers sought to impose additional margin on Archegos in February 2021 — one month before default. They were prevented from doing so because dynamic margining was deemed against the client relationship's commercial interests. At Lehman Brothers, the CRO was marginalised for raising concerns about leverage, and Repo 105 transactions were used to temporarily remove $50 billion from the balance sheet at quarter-end. The largest bankruptcy in US history followed: $639 billion in assets.

4. Liquidity Illusion

The assumption that assets can be liquidated, funding can be rolled, and markets will remain functional — when liquidity is in fact a fair-weather phenomenon. Northern Rock, Hypo Real Estate (€102 billion in German government guarantees), Dexia (failed twice, 2008 and 2011), the Icelandic banks (combined assets 10x GDP, all three failed in one week), Bear Stearns (collapsed in days as counterparties pulled funding) — all built business models predicated on continuous access to wholesale markets. SVB demonstrated a twenty-first-century variant: $42 billion in deposits withdrawn in a single day, the largest bank run in history, driven by social media and mobile banking at a speed no liquidity stress test had contemplated.

5. Complacency and Normalisation of Deviance

The gradual acceptance of deteriorating conditions as normal, because no losses have occurred recently. This is the enabling condition behind nearly every catastrophic failure. SVB's HTM portfolio grew from manageable to $91 billion without triggering governance intervention — each quarter the risk was present, documented, and not acted upon. Countrywide Financial loosened its underwriting standards incrementally throughout the early 2000s. Each year of rising house prices validated the strategy. Each loosening step was marginal. The cumulative result: over $40 billion in losses for Bank of America after acquisition. At HBOS, Peter Cummings's corporate banking division generated strong returns year after year. When Paul Moore raised concerns in 2004–2005, the business was profitable. His warnings were dismissed as alarmist. He was fired. Losses exceeded GBP 10 billion.[8]

The Five Amplifiers

6. Cultural Suppression

An organisational culture that discourages escalation. Wells Fargo fired 5,300 employees for sales integrity violations but treated each as an individual HR event rather than a systemic risk signal. Employees who reported through the ethics hotline were terminated. The Federal Reserve imposed an asset cap that remained in force for seven years. Cost: $7–8 billion in fines and settlements. At Wirecard, BaFin filed criminal complaints against the Financial Times journalists who reported on the €1.9 billion fraud — the regulator attacked the whistleblowers rather than investigate the company.[9]

7. Correlation Surprise

Hidden correlations between apparently independent risks that emerge only in stress. HSH Nordbank held €30 billion in shipping loans alongside subprime exposure, believing they were diversified. Both collapsed simultaneously during the GFC because the same macroeconomic shock drove both asset classes. Cost: €10 billion in state guarantees plus €3 billion in capital. LTCM's convergence trades assumed low correlations that spiked to near 1.0 during the Russian crisis. During the GFC, 63 events in the database — approximately $1.5 trillion in losses — were connected by the same correlation surprise: housing, structured credit, wholesale funding, and counterparty risk all became correlated simultaneously.

8. Regulatory Arbitrage Failure

Structuring activities to avoid regulatory requirements while leaving the economic risk unchanged. Lehman's Repo 105 transactions moved $50 billion off the balance sheet at quarter-end under a UK GAAP classification that treated them as sales rather than financing. Citigroup's structured investment vehicles held $49 billion in assets off-balance-sheet with no regulatory capital — until the commercial paper markets froze and Citigroup absorbed the assets, suddenly needing capital it did not have. AIG classified its credit default swaps as insurance-like products, avoiding derivative margin and capital rules. When the collateral calls came, there were no reserves.

9. Operational Risk Underestimation

Treating operational failures — fraud, IT breakdowns, control gaps — as low-probability events. Société Générale's Jerome Kerviel accumulated €50 billion in hidden positions while 107 risk alerts went uninvestigated. Loss: €4.9 billion. Knight Capital lost $440 million in 45 minutes from a software deployment error that activated dormant code — a firm with $365 million in equity, effectively destroyed before anyone understood what had happened. Punjab National Bank lost $2 billion over seven years through 13,000 fraudulent SWIFT messages because the messaging system was never integrated with the core banking system.

10. Emerging Risk Blindness

The failure to identify risks outside the institution's historical experience. Wirecard — a fintech with a banking licence and payment-processing structures in Asia that no regulator fully understood — fabricated €1.9 billion in cash balances while short-sellers flagged concerns for five years. Equifax's 147-million-record data breach exploited a known Apache Struts vulnerability that went unpatched for months — total cost: $1.38 billion. SVB's collapse was driven partly by the emerging risk of social-media-accelerated bank runs, a phenomenon no traditional liquidity stress test had modelled.

The Interaction Problem: Why Failures Are Always Multi-Modal

Almost no catastrophic failure involves a single failure mode. The most devastating cases involve three to five modes operating simultaneously, and their interaction is multiplicative, not additive. Governance bypass enables concentration to grow unchecked. Model overreliance prevents anyone from seeing it. Complacency ensures no one questions it. And when the stress comes, correlation surprise and liquidity illusion ensure that everything collapses at once.

Lehman Brothers combined model overreliance (internal models showed adequate capital), governance bypass (the CRO was marginalised, Repo 105 was concealed from the Board), and regulatory arbitrage (off-balance-sheet structuring disguised true leverage). SVB combined concentration blindness (a $91 billion HTM portfolio), complacency (the risk was on the register for years without action), and liquidity illusion ($42 billion withdrawn in a single day). LTCM combined model overreliance ($35 million VaR versus $553 million actual loss), correlation surprise (all convergence trades collapsed simultaneously), and liquidity illusion (positions could not be unwound because every similar fund was unwinding at the same time).[10]

This multi-modal pattern has a structural implication: addressing any single failure mode in isolation is insufficient. A bank can have excellent concentration monitoring and still fail if governance bypass allows the concentration limits to be overridden. It can have strong governance and still fail if model overreliance means no one identifies the risk that needs governing.

The 15-Year Cycle

The database reveals a recurring cycle of approximately 15 years: crisis, regulatory reform, a period of stability that breeds complacency, and then the same failure modes reappearing in new asset classes. The S&L crisis of the 1980s produced Basel I. LTCM and the Asian crisis in 1997–1998 drove the development of Basel II. The GFC in 2007–2009 produced Basel III and Dodd-Frank. SVB and Credit Suisse in 2023 have driven Basel III.1 and CRR III reforms. Each time, concentration blindness and complacency repeat — only the asset class changes. Interest rate risk in the 1980s. Convergence trades in the 1990s. Structured credit in the 2000s. Long-duration government securities and concentrated deposits in the 2020s.

The implication is clear: the regulatory response after each crisis addresses the specific risk that materialised, not the structural failure in the identification process that allowed it to go unaddressed. The failure modes persist because the process that should catch them is never fundamentally rebuilt.

What Good Looks Like

The EON methodology's six-phase process was designed specifically to address these 10 failure modes — not individually, but as an integrated system.

Phase 1 — Foundation Setting forces a forward-looking environmental scan using PESTLE analysis, countering emerging risk blindness and complacency. It requires explicit mapping of the institution's structural vulnerabilities — funding model, business model concentration, counterparty dependencies — before a single risk is identified.

Phase 2 — Dual-Track Identification runs top-down workshops (where senior management identifies strategic risks) and bottom-up templates (where business units identify operational risks) simultaneously, then mandates a reconciliation between the two. That reconciliation is where concentration blindness and cultural suppression are caught — in the gap between what the top sees and what the front line reports. The Delphi method ensures anonymous assessment, preventing groupthink.

Phase 3 — Assessment uses four-dimensional scoring (impact, likelihood, vulnerability, speed of onset) with mandatory data quality ratings on every score. This directly counters model overreliance by forcing acknowledgement of where assessments rest on thin data. An interaction matrix identifies hidden correlations between risks — the structural defence against correlation surprise.

Phases 4 through 6 address the governance and freshness problems. Phase 5 integrates identification directly into ICAAP, ILAAP, Board reporting, and strategic planning — ensuring that identification findings cannot be disconnected from capital, liquidity, and governance decisions. Phase 6 mandates quarterly re-identification with event-driven triggers, preventing the staleness and drift that allowed SVB's risk register to become a compliance artefact while unrealised losses consumed its equity.

What To Do Monday Morning

  1. Map your top 10 risks against the 10 failure modes. For each risk on your register, ask: which failure modes could cause this risk to be missed, underestimated, or ignored? If any of the 10 modes are not represented in your analysis, you have a blind spot.
  2. Test for hidden concentration. Aggregate your exposures across silos — by counterparty, sector, geography, and funding source. Concentration that is invisible within individual business lines often becomes visible only at the enterprise level. If your risk identification process does not aggregate, it cannot see the concentrations that kill banks.
  3. Ask the hard question about your register. For every risk rated medium or above: is this risk on the register because we genuinely assess it each quarter, or because it has always been there? If nothing material on your register has changed in 12 months, something is wrong. The risk landscape has changed. Your register has not.
  4. Run a correlation stress test. Take your top three risks and ask: what happens if all three materialise simultaneously? What are the transmission channels between them? If your stress testing treats each risk independently, you are not testing for the scenario that has actually destroyed banks.
  5. Check your governance response time. Pull the last three material findings from your risk identification process and trace each one: when was it identified, who received it, what action was taken, how long did it take? If any finding was softened, deferred, or absorbed without action between identification and the Board, you have a governance bypass vulnerability — the single most common enabler of catastrophic loss.