British legislators are putting pressure on the country’s banking sector about IT failures, writing to the CEOs of some of the largest banks to request information.
The Treasury Committee, a cross-party group of bankbench MPs which scrutinise British financial policy, raised the issue after a recent outage at Barclays, which lasted for three days starting 31 January.
This outage coincided with the day many British people received paychecks, and as a result many people faced disruption receiving wages and paying rent, bills and subscriptions. Also significant was the HMRC self-assessment deadline falling on 31 January, with the outage causing problems for many people’s tax self-reporting.
IT outages are nothing new in British finance and payments, however, with several notable ones occurring over the past two years. These are not just limited to banks, with payments processors like Visa and Mastercard experiencing widespread disruption in July last year, in turn impacting retail across the UK.
The Treasury Committee seems to want to gain an understanding of the depth of potential IT issues. Though Barclays appears to have been the first bank to have been contacted due to the recent outage, leadership at eight other banks have also been reached out to.
The CEOs of Allied Irish Bank, Bank of Ireland, Danske, HSBC, Lloyds Banking Group, Nationwide, NatWest and Santander have received email letters, with MPs requesting details about the number of IT failures at each bank and how long each outage lasted for.
Chair of the Treasury Select Committee, Dame Meg Hillier MP, said: “When a bank’s IT system goes down, it can be a real problem for our constituents who were relying on accessing certain services so they can buy food or pay bills.
“For it to happen at a major bank such as Barclays at such a crucial time of year is either bad luck or bad planning. Either way, it’s important to learn what has happened and what will be done about it.
“The rapidly declining number of high street bank branches makes the impact of IT outages even more painful; that’s why I’ve decided to write to some of our biggest banks and building societies.”
Is the EU leading the UK on cyber?
Though not stated by legislators, the recent IT upgrades in the European Union may also be a cause for concern. UK legislators may be evaluating whether or not the UK’s European neighbours have made a head start on the country in the field of IT and cybersecurity.
On 17 January, the final deadline for the EU’s Digital Operational Resilience Act (DORA) came into effect. The Act applies to over 20,000 financial organisations and IT providers throughout the EU, with requirements covering IT risk management, major incident reporting, digital resilience testing and information sharing, among other areas.
“In many ways, DORA is a step by regulators to address the vulnerabilities exposed by the rapid innovation of fintech,” Marios Joannou, Head of Digital Risk and Privacy at payabl., a London-based paytech firm, told Payment Expert the day of DORA’s compliance deadline.
“It signals the end of the “move fast and break things” era that accelerated growth but often left critical resilience gaps, exposing institutions and markets to significant operational risks.”
With the EU and UK moving in parallel on a number of other areas of finance and technology – Open Banking, AI and digital ID to name some of the most notable examples – some legislators may be keen to see Britain match its continental counterparts in the field of cybersecurity and IT.
As the government under PM Keir Starmer and Chancellor of the Exchequer Rachel Reeves has prioritised economic growth as the focal point of its political agenda, and financial services is in turn considered a key part of this, the role IT plays in underpinning UK banking and payments could be critical.
