We turn our attention in this week’s IT Hiccups to one of the truly major IT ooftas of the past decade—one that was back in the news this week: the meltdown of the IT systems supporting the RBS banking group. (That group includes NatWest, Northern Ireland’s Ulster Bank, and the Royal Bank of Scotland.) The meltdown began in June 2012 but wasn’t fully resolved until nearly two months later. The collapse kept 17 million of the Group’s customers from accessing their accounts for a week, while thousands of customers at Ulster Bank reported access issues for more than six weeks.
Last week, Sky News reported that the UK’s Financial Conduct Authority (FCA) informed RBS that it was facing record breaking fines in the “tens of millions of pounds” for the malfunction, which was blamed on a faulty software upgrade. In addition, the Sky News story states that the Central Bank of Ireland is looking at imposing fines on Ulster Bank over the same issue. The meltdown has already cost RBS some £175 million in compensation and other corrective costs.
In the wake of another major RBS IT system failure last December, RBS CEO Ross McEwan admitted the bank had neglected its IT infrastructure for decades. Last year, RBS said it would be spending some £450 million to upgrade its IT systems, but that figure was upped to over £1 billion this past June.
According to Sky News, RBS “could receive a discount of up to 30 percent on the proposed penalty if it agrees to settle within the 28-day window under FCA rules.” Seeing how RBS already has admitted that it has been short-changing its IT investiment, it is hard to see why the bank would decide to contest the fine.
In a separate story, Sky News reported that the UK’s Prudential Regulation Authority (PRA), which is part of the Bank of England, has sent a letter to the UK’s biggest banks “demanding” that they improve the resilience of their IT systems. The PRA has given the banks until mid-December to report on what they are doing to ensure their IT systems are robust.
Some wags wondered, however, whether the PRA was going to be conducting a resilience assessment of the Bank of England’s IT systems. That bank suffered a highly embarrassing outage of its own a few weeks ago.
In Other News…
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.