Royal Bank of Scotland has been fined £56 million for IT failures in 2012 that led to a complete breakdown in its payment processes.
The bank was fined by £14 million by the Prudential Regulation Authority along with Natwest and Ulster Bank, along with a further £42 million by the Financial Conduct Authority. A joint investigation of the banks was considered necessary because the incident impacted upon the objectives of both the PRA and the FCA.
The 2012 systems failure across the three banks, caused by a malfunctioning technology upgrade, left 6.5m customers without access to their accounts and resulted in a backlog of 100m unprocessed payments within only a few days.
The incident in June 2012 directly affected at least 6.5m customers in the UK, 92 per cent of whom were retail clients.
The IT incident had the potential to have an adverse effect on the safety and soundness of RBS, Natwest and Ulster Bank, the PRA said, as it impacted upon the ability of retail and commercial banking customers to access their accounts, prevented customers of other banks to receive payments from Natwest, RBS and Ulster Bank customers. It also prevented the banks from fully participating in clearing, when an efficient clearing system is fundamental to the efficient operation of the financial markets, the regulation authority added.
Disruption to the majority of RBS and Natwest systems lasted until 26 June 2012, and Ulster Bank systems until 10 July 2012. Disruptions to other systems continued into July 2012.
Ultimately, the cause of the IT incident was the failure of the banks to have the proper controls in place to identify and manage exposure to the IT risks within their business.
“The severe disruption experienced by RBS, Natwest and Ulster Bank in June and July 2012 revealed a very poor legacy of IT resilience and inadequate management of IT risks,” said Andrew Bailey, deputy Bank of England governor and chief executive of the PRA.
“It is crucial that RBS, Natwest and Ulster Bank fix the underlying problems that have been identified to avoid threatening the safety and soundness of the banks,” he added.
Banking IT systems are struggling with the influx of activity due to the growth in online banking and introduction of banking apps, as customers demand more frequent access to their accounts. Technology consultants say the problems stem from most banks’ IT systems having been built 30 years ago with new systems “bolted on” to existing ones, resulting in hugely complex IT networks, the Financial Times noted.
Trust in high street banks is at a low after groups of FX traders were caught manipulating foreign exchange rates for personal gain. Last week, RBS was fined £400m by the FCA and the Commodity Futures Trading Commission, a US regulator, for failings in internal controls that allowed this to happen.
A survey of corporate decision makers across Europe finds that chief executives in more than half of the businesses canvassed take responsibility for the issue of cybersecurity.
Regulatory technology - aka RegTech - should become a priority for bankers as regulators increasingly focus on risk data aggregation, argues a white paper from Wolters Kluwer.
Despite significant cost-cutting in recent years, management consultancy McKinsey says the world’s biggest banks need more radical business plans.
With its estimated market capitalisation reduced to US$235bn, Wells Fargo’s current valuation is some US$4bn less than its rival.