Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Listen up you bunch of bankers. Here are some pointers for less crap IT

UK regulators hash out cheat sheet to avoid total meltdown

The Bank of England has teamed up with other regulators to offer UK banks a little advice on sorting out their woeful IT systems.

BoE, Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) have come up with a shared policy summary and consultation to strengthen resilience in the financial sector.

The Old Lady of Threadneedle Street warns that banks and Financial Market Infrastructures (FMIs) are expected to take responsibility for their resilience.

The bank calls for transparency rather than obfuscation: "If disruption occurs firms are expected to communicate clearly, for example providing customers with advice about alternative means of accessing the service." Good luck with that.

The regulators suggest that under the proposals companies and FMIs would be expected to:

  • Identify their important business services that if disrupted could cause harm to consumers or market integrity, threaten the viability of firms or cause instability in the financial system;
  • set impact tolerances for each important business service, which quantify the maximum tolerable level of disruption they would tolerate;
  • identify and document the people, processes, technology, facilities and information that support their important business services; and
  • take actions to be able to remain within their impact tolerances through a range of severe but plausible disruption scenarios.

You might have hoped they'd be doing this already, but given the recent record of UK banks' IT – the latest incident being last week – you would probably be wrong. TSB also had problems last month just after the publication of a damning report into their failures last summer.

The regulators' intervention follows similar criticism from the Treasury Committee.

To complement this announcement, the PRA is opening a consultation on "outsourcing and third-party risk management" to ensure that banks can continue to be confident in the resilience of their services even if outsourced to a cloud provider. The consultation runs until 3 April.

In summer, the Treasury Committee heard about banks' increasing reliance on the big three cloud providers and the potential risk this could bring.

The Bank of England report summary is here. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like