TSB Bank fined £46.65M over risk management failures

TSB Bank has been fined a total of £48,650,000 due to failures in its operational risk management and governance procedures relating back to IT upgrades in April 2018.

The Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) fined TSB after finding its IT systems resulted in customers not being able to access its banking services following its ‘Migration Programme’ experiencing technical failures. 

This resulted in 5.2m customers being affected by the IT disruption as they could not access banking services in-person, online or via the phone app, with some customers affected up until December 2018 for their issues to be resolved. 

Despite TSB paying out £32.7m in redress to customers who were affected by their “ambitious and complex” IT management change, the bank lender’s migration carried a high-level operational risk according to the FCA. 

“The failings in this case were widespread and serious which had a real impact on the day-to-day lives of a significant proportion of TSB’s customers, including those who were vulnerable,” stated Mark Steward, FCA Executive Director of Enforcement and Market Oversight. 

“The firm failed to plan for the IT migration properly, the governance of the project was insufficiently robust and the firm failed to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems.”

Both the FCA and the PRA found TSB to have failed in its control and organisation of its IT migration programme, deeming that the bank should have held tighter operational risk management guidelines pertaining to its IT third-party supplier. 

The FCA handed the bank lender a £29,750,000 fine, along with a £18,900,000 fine from the PRA. TSB agreed to resolve the matter and qualified for a 30% discount of the overall penalty imposed by both regulators.

Sam Woods, Chief Executive Officer of the PRA, commented: “The PRA expects firms to manage their operational resilience as well as their financial resilience. The disruption to continuity of service experienced by TSB during its IT migration fell below the standard we expect banks to meet.”