Many were surprised when fintech darling Greensill Capital suddenly collapsed earlier this year.

Buoyed by capital from leading global investors, the company was widely understood to be transforming and revolutionizing the business of supply chain finance with new technology and methods. Beyond the implosion however, the incident teaches several important lessons about risk and fintech.

Diversification Reduces Risk

Nobel Prize winner Harry Markowitz has called diversification “the only free lunch in finance”. Experienced supply chain professionals understand this intuitively.

When an important component or service in a supply chain is sole-sourced (meaning the company is only buying it from a single supplier), fragility increases and resilience declines. Conversely, when an important supplier derives the bulk of its revenue from a single large customer, everybody that works with the supplier is exposed to that single large customer.

Both dynamics figured significantly in Greensill’s collapse.

As early as 2017, documents show that nearly 70% of the company’s net revenue came from entities linked to a single large customer: GFG Alliance. By all accounts, that extreme concentration has persisted in recent years, as problems at GFG Alliance are widely known to have been a catalyst for collapse. Its products also relied on a single large insurer for their viability, not unlike the “sole-source” risk that supply chain managers are typically laser-focused on avoiding.

Either of these two factors alone would represent significant business risk; taken together, they tell the story of a remarkably precarious business situation behind the story and pitch. Getting the information is only half the battle. In this case, although most of the investors and counterparties working with Greensill had identified these risks during due diligence, ultimately few changed their business decisions as a result.

Securitization does not make the underlying assets disappears

Securitization and asset-backed securities played a starring role in the 2008 financial crisis. In the years since, the market has continued to recover—and grow—and today represents a $1.6 trillion market. The structures were central to the business model at Greensill—its obligations were typically securitized and sold to financial institutions in short order.

The theory behind securitization is that, as above, diversification reduces risk. Although this is true, these instruments can nevertheless have substantial risk—especially when the underlying securities are highly correlated. It also happened even in 2008 (many of the homeowners’ defaults were driven by common causes), and played out again with Greensill, where a significant share of the lending was to a small group of related companies.

Here is the most important thing to remember: regardless of the asset class (accounts payables, auto loans, mortgages), you cannot reasonably manage risk without understanding the risk profile of the underlying assets. Put another way: if your security is based on payables from a group of related companies, you had better find some way to understand the financial health and correlations between these businesses.

Unbiased third-party ratings models are vital

Third-party indicators should never replace your own due diligence, but they can play an important role in how you manage and assess risks with your business partners or investments. An unbiased, objective ratings model can offer a different perspective from your own, and thus enrich your overall picture of risk, sometimes affirming your own take, and other times causing you to rethink a piece of your analysis.

History has shown that the traditional issuer-paid, agency ratings models are not up to this task.

The methodologies are opaque and often subjective, and the business model itself means the ratings are inevitably biased toward strong ratings. The demand for Greensill securities was stoked in large part by consistently strong ratings from Moody’s Investor Service, a stamp of approval that too many investors likely accepted without much question.

A modern, unbiased and objective analysis of the underlying assets would have made it clear that the lending was concentrated, and likely would have identified risk much sooner.

The lines between fintech innovators and traditional players can be blurry

It’s undeniable that fintech companies have fundamentally improved how individuals access financial services and enabled businesses to collaborate more effectively. But what is new is not always better. As an industry, fintech includes a vast and varied set of companies, with significant differences both in how innovative they are, and in how risky they are. In some cases, the fancy branding and slick technology are just a shiny new veneer for an old-fashioned business.

But the traditional financial institutions are not quite as old-fashioned as some folks think. They have long recognized both the risks and opportunity associated with fintech, and so they are very active participants within the full range of that market. Sometimes this involvement takes the form of strategic partnerships, direct investments, or internal incubators—and in other cases, traditional firms continue to provide the critical infrastructure behind the scenes.

The circumstances of Greensill’s collapse are a case in point: established traditional asset management firms, brokers, and insurance companies were crucial in providing the capital and services needed for Greensill to succeed. Whether or not Greensill fully understood it, they had substantial third-party risk exposure to these important partners. And when these partners stopped the music, Greensill was no longer viable. Even if a flashy fintech firm is approaching a business problem in a novel and innovative way, it may nevertheless have critical third-party exposure to financial institutions. If you’re exposed to the fintech, you’re exposed (knowingly or not), to the third parties, too.

What lessons are we left with?

Greensill introduced a new look and feel to the old-fashioned business of supply chain finance. Its growth was, without a doubt, incredibly fast. Along the path to that growth, however, it began to accumulate a series of well-known risk factors for companies in the industry. It loaded up on customer concentration, relied heavily on the ability to continually syndicate securitized products, and established critical dependencies on a range of traditional financial institutions.

The lesson at large is that people and companies need to do their homework. When you’re establishing a meaningful relationship with a business—any kind of business—be sure to ask basic questions about what they do, how they earn their profits, and what could place these activities at risk. The most enduring and successful collaborations start from a place of transparency and financial insight.

‍