FCA fines RBS, NatWest and Ulster £42m, PRA issues £14m fine
RBS, NatWest and Ulster Bank have been fined £56 million for IT failures which occured on 8th June 2012. The failure resulted in at least 6.5 million customers being unable to access banking services.
The FCA fined the banks £42m, with the Prudential Regulation Authority issuing a further fine of £14m.
The incident occured due to a software compatibility problem, together with inadquate systems and controls to identify and manage exposure to IT risks.
Over several weeks, starting on the 8th June 2012, customers were unable to access their accounts and obtain accurate account balances from ATMs.
Mortgage payments were missed, customers were left with no money overseas, incorrect credit and debit interest was added to accounts and some organisations were unable to meet payroll commitments or finalise their audited accounts.
Tracey McDermott, director of enforcement and financial crime at the FCA said: ‘Modern banking depends on effective, reliable and resilient IT systems. The Banks’ failures meant millions of customers were unable to carry out the banking transactions which keep businesses and people’s everyday lives moving.
Veeam Software Vice President, Northern Europe, Ian Wells commented: "This fine should come as a stark reminder to businesses of all shapes and sizes: IT has to be always-on and failures are simply not acceptable anymore."
"Although the problems at RBS aren’t unique, they are among the most high profile we’ve seen impacting customers across the world. Organisations should take this as a stark warning to modernise their legacy IT infrastructure to ensure that it can cope with growing demands for uninterrupted, 24/7 availability."
"For instance, whenever vital applications and services are upgraded, the business should be certain that this won’t have drastic effects on the existing IT infrastructure. This means testing, and it means that, if the worst comes to the worst and the upgrade does cause damage when it goes live, the previous good configuration should be instantly recoverable."
"If businesses can’t meet these demands, then the FCA and other bodies will have some busy years ahead of them as society’s demand for always on IT becomes the norm."