The Royal Bank of Scotland group (RBS) has apologised for the debacle of June 2012 which saw consumers unable to access their bank accounts for up to 3 weeks due to an unforeseen blow-up of its IT system, in view of the £56m fine it has been slapped with.
The Financial Conduct Authority (FCA) dished out the majority of the fine, £42m, whilst the Bank of England exerted its newly bestowed powers via its freshly established regulatory body, the Prudential Regulation Authority (PRA) which made up the £14m remainder of the penalty.
“The FCA has taken this action against the banks for failing to put in place resilient IT systems which could withstand, or minimise the risk of, IT failuresî: read a statement released by the city watchdog
“The actual cause of the IT incident was a software compatibility problem with the underlying cause being the banks’ failure to put in place adequate systems and controls to identify and manage their exposure to IT risks.
RBS apologised unreservedly for the malfunction, moving to assure the public that those responsible had been held accountable through the slashing of their bonuses, although whether customers of RBS, NatWest and Ulster bank will be appeased by this move by the taxpayer majority-funded bank remains to be seen.
Given the £1bn a year spent on average by RBS on technological advancement, its customers can be forgiven for expecting such catastropheís to be beyond the realms of contemplation. However, RBS has been down in the doldrums frequently in recent times, and just last week it endured a £400m fine for its part in the rigging of foreign markets.
Having already paid over £70m to affected customers in recompense, RBSís chief administration officer, Simon McNamara, declared that RBS had splashed over £500m on plugging leaks to assure that a technicality with such far-reaching consequences does not occur again.
When considering the amount to fine RBS, the PRA took into account a range of factors including the impairment faced by customers in the accessing of their bank accounts, the inability to make or receive payments via their online banking, the inhibition faced by other banks in clearing and the inconvenience suffered by customers of other banks who werenít able to receive payments from affected RBS, Natwest & Ulster Bank account holders.
Andrew Bailey, CEO of the PRA of the Bank of England, said: ìThe severe disruption experienced by RBS, Natwest and Ulster Bank in June and July 2012 revealed a very poor legacy of IT resilience and inadequate management of IT risks. It is crucial that RBS, Natwest and Ulster Bank fix the underlying problems that have been identified to avoid threatening the safety and soundness of the banks.
Sir Philip Hampton, resigning chairman of RBS, said: ìOur IT failure in the summer of 2012 revealed unacceptable weaknesses in our systems and caused significant stress for many of our customers. As I did back then, I again want to apologise to all customers in the UK and Ireland that we let down two and a half years ago.
Tracey McDermott, director of enforcement and financial crime at the FCA said: ìThe problems arose due to failures at many levels within the RBS Group to identify and manage the risks which can flow from disruptive IT incidents and the result was that RBS customers were left exposed to these risks. We expect all firms to focus on how they ensure that they can meet the requirements of their customers when looking at their IT strategies and policies.î
Mr Hampton concluded: ìI am confident that the progress we have made ñ in increasing the resilience of our I.T. systems through the additional investment of hundreds of millions of pounds and the enhancement of our control structures – has made RBS better able to provide the service our customers expect and deserve. I am also pleased that the regulator acknowledged the steps we took at the time to provide redress to anyone who had lost out as a result of our mistakes.î