Crisis Preparedness in the Era of Digital Banking
Digital runs, cloud dependence and cross-border deposits are exposing the limits of Europe’s post-2008 prudential framework. A commentary by Simone Boldrini, and Elena Carletti
Digital transformation in banking is challenging the assumptions on which post-2008 prudential rules were calibrated. Events such as the 2023 failure of Silicon Valley Bank (SVB) are posing questions about how regulation, deposit insurance and resolution should be recalibrated for a faster, more cross-border and operationally interdependent system.
At the same time, the adoption of new technologies such as API and clouds increases reliance on a small number of tech providers, thus raising the importance of business continuity and more generally operational risks. These questions are even more pressing in Europe given the lack of a truly integrated market and clear backstop mechanisms.
Bank digitalization has led to the emergence of a new class of banks, operating either as digital lenders or with a business model closer to money market funds, investing deposits predominantly in high-quality liquid assets.
Both archetypes share a funding base for small, cross-border retail deposits. In the EU, a single national license grants access to the entire Union deposit market, increasing the risk of cross-border stress transmission.
Risk implications of banks digitalization
Digitalization lowers banks’ distribution costs and geographic frictions while improving credit assessment and monitoring through new models and big data. However, these benefits come with risks.
Digital depositors tend to be more responsive to rate differentials and shocks, giving rise to a new form of digital runs. Koont, Santos and Zingales (2024) show that, in the United States, digitalization is associated with both higher deposit beta and greater outflows during interest rate hikes.
European evidence is consistent. Giuliana, Panfilo and Peltonen (2025) document larger deposit fluctuations at more digitalised euro-area banks during the recent tightening cycle. Finally, Fascione et al. (2025) find that online banking modestly amplifies extreme outflows .
In addition, concentration in a few cloud providers creates system-wide single points of failure, while APIs and internet banking expand the cyber-attack surface. The Digital Operational Resilience Act (DORA) moves in the right direction on third-party oversight but may underestimate systemic implications.
SVB rewrote the textbook on bank runs
The clearest example of the speed problem associated with digital runs was SVB. On 9 March 2023 more than $40 billion was withdrawn in roughly eight hours, close to a quarter of the bank’s $166 billion deposit base.
Around 90% of SVB deposits were uninsured, with the top ten depositors holding $13.3 billion. Moreover, depositor coordination on social media, together with crypto exposure, intensified deposit outflows.
The dynamics differed sharply from 2008. The worst single-month outflow rates during the Great Financial Crisis ranged from roughly 6% to 18% of the deposit base SVB lost 24% in a single day, orders of magnitude faster.
Liquidity rules, deposit insurance, and resolution frameworks were calibrated for a slower world.
The Liquidity Coverage Ratio’s 30-day horizon does not capture the possibility of deposit outflows that can occur within hours fueled by low frictions of online apps and instant payments.
More fundamentally, liquidity resilience now depends also on operational readiness: banks should be able to mobilize collateral and access liquidity without delay, for instance via collateral pre-positioning at central banks.
In parallel, deposit insurance and resolution frameworks face credibility challenges: protection must be both clear and nearly instantaneous.
At the same time, cross-border digital banking exposes fragmentation in national schemes. A gap that the still-unfinished European Deposit Insurance Scheme (EDIS) is meant to address.
Finally, faster runs also compress resolution timelines, making real-time data on liquidity, deposits and operations a prerequisite.
From financial resilience to operational preparedness
The increase in speed stemming from digitalization requires crisis preparedness to extend beyond capital and liquidity to operational resilience in real time. Liquidity rules need to capture intraday and short-horizon stress, not just a 30-day window.
Moreover, they should be paired with hard operational requirements, for instance mandatory collateral pre-positioning. This could allow banks to access liquidity in hours rather than days.
On the other hand, completing EDIS and shortening payout times toward near-instantaneous access for covered depositors would close the most visible credibility gap in supervision and resolution.
Digitalisation raises the speed, scale, and interconnectedness of banking risk, rendering legacy frameworks less effective. The question is no longer whether recalibration is needed, but whether it will happen proactively or only in response to the next systemic event.
IEP@BU does not express opinions of its own. The opinions expressed in this publication are those of the authors. Any errors or omissions are the responsibility of the authors.
