Antonio - stock.adobe.com

Treasury Committee launches inquiry into bank IT failures

With IT outages in the financial sector a regular occurrence, the Treasury Committee is investigating the causes and consequences of these failures, and what industry and regulators are doing to promote resilience

The parliamentary Treasury Committee has launched an inquiry to find out why banking IT failures continue.

It will also look at how consumers suffer as a result IT outages, such as the problems suffered by TSB earlier this year, and investigate whether financial services regulators have the skills needed to challenge companies over their IT.

Although banking IT outages have become increasingly regular, the problems experienced by TSB earlier this year have heightened government interest.

TSB’s IT crisis began on 21 April, when it transferred customer accounts from Lloyds Bank systems to its new Proteo4UK core banking system. Customers began to experience serious issues with their mobile and internet banking services following the switch.

The Proteo4UK system was by TSB’s owner, Sabadell, to give the bank the infrastructure required to harness the latest IT and become a challenger to the big high street banks.

At the time  the outage, customers were locked out their accounts and saw money disappear from online accounts. Some were even able to see other customers’ accounts.

Nicky Morgan MP, chair the Treasury Committee, said: “The number IT failures at banks and other financial institutions in recent years is astonishing.

“Millions customers have been affected by the uncertainty and disruption caused by failures banking IT systems. Measly apologies and hollow words from financial services institutions will not suffice when consumers aren’t able to access their own money and face delays in paying bills.”

Morgan said as banks continue to close branches, online and app-based services become even more important and should be more resilient.

“The committee has launched this inquiry to consider the causes and consequences these failures, and will examine what industry and regulators are doing to promote operational resilience,” she said.

The committee is seeking feedback on subjects including the risks associated with integrating banking systems following takeovers and mergers, and the impact retrofitting web-based and mobile services to legacy systems.

Treasury Committee is seeking evidence on these topics

  • The extent to which operational incidents are becoming more frequent, and how the prevalence of such incidents may change in future as consumers and firms come to rely more heavily on technology.
  • The common causes of operational incidents in the financial services sector.
  • The extent to which there exist “single points of failure” and/or other sources of concentration risk in the financial services sector.
  • The incidence of multiple old legacy systems and the nature of their connectivity, and the impact of retrofitting web-based/mobile systems to legacy systems.
  • The risks associated with integrating banks/systems, following takeovers and mergers, for example.
  • The quality of relevant technical documentation.
  • The impact of outsourcing on operational resilience.
  • The ways in which consumers typically lose out as a result of operational incidents, including inconvenience and vulnerability to fraud.
  • Examples of best practice with respect to firms’ responses to and handling of operational incidents, including approaches to communicating with customers, identifying and addressing the causes of incidents, and handling customer complaints and compensation.
  • What should be learned from the operational incidents witnessed in recent years.
  • The ability of the regulators to ensure firms are adequately guarding against service disruptions.
  • Whether the regulators have the relevant skills to hold appropriate parties to account in the event of significant operational incidents.
  • Approaches to operational resilience in different jurisdictions.
  • The opportunities and risks presented by the application of new technology in the financial services sector with respect to operational resilience.
  • What should be considered an appropriate level of tolerance for operational disruptions.

Source: Parliamentary Treasury Committee

Read more on IT for financial services