Bank IT failures & cyber attacks set to continue, says FCA

Britain’s financial watchdog has warned that the rapid rise of IT failures and cyber attacks at banks are set to continue as it revealed a spike in tech meltdowns across the sector.

The Financial Conduct Authority revealed that firms reported a 138% increase in technology outages to the regulator in the year to October, as well as an 18% increase in cyber incidents.

In a speech Megan Butler, head of supervision at the FCA, said: “We see no immediate end in sight to the escalation in tech and cyber incidents that are affecting UK financial services.

“All the trends that we’re seeing at the moment suggest an increasing threat to UK customers, and financial markets, from technology outages and cyber attacks.”

She said financial companies are reporting incidents more robustly but suspects underreporting is still an issue.

Ms Butler added that the FCA expects firms to recover and learn from operation disruption, as the “true test of the resilience of UK finance is not the absence of incidents” but “how well incidents are managed”.

The data was complied from an FCA survey on tech and cyber resilience that nearly 300 firms completed between 2017 and 2018.

Ms Butler said: “The FCA is deeply concerned that the number of technology incidents reported to us has increased, with many outages linked to re-platforming and outsourcing failures.

“The most prominent of these is perhaps TSB’s IT migration earlier this year. But we’ve also seen a lot of recent outages caused by relatively small changes, usually made on a weekday evening.”

In April, IT woes left up to 1.9 million people using TSB’s digital and mobile banking locked out of their bank accounts after the bank migrated customer data from former owner Lloyds’ IT system to a new one managed by TSB’s current owner Sabadell.

Recent IT meltdowns at TSB, Barclays, Royal Bank of Scotland and the Visa card network have prompted MPs to launch an inquiry.

The Treasury Select Committee will examine whether banks can prevent any disturbance to services and if they are able to put things right if an IT failure occurs as consumers and firms become increasingly reliant on technology.