Five million TSB customers were locked out of their accounts after the bank botched an IT upgrade. The incident wasn’t the first banking IT fiasco, and it won’t be the last, says Ben Judge.
TSB experienced a severe IT systems failure that left customers locked out of their accounts and unable to access their money. The bank warned its five million-odd customers to expect some downtime over the weekend of 21 and 22 April as it transferred 1.3 billion records from a system rented from Lloyds, its former parent company, to a new IT platform run by its new owner, Spain’s Banco Sabadell.
By Sunday evening, all seemed to have gone smoothly: executives congratulated themselves on a job well done and Sabadell issued a press release hailing a “new milestone in the history of Banco Sabadell”. “With this migration, Sabadell has proven its technological management capacity, not only in national migrations, but also on an international scale,” said Josep Oliu, the bank’s chairman.
And had it gone smoothly?
Not quite. By Monday morning, it was quite clear that something had gone horribly wrong. Customers were unable to get access to their accounts, check balances, transfer money or withdraw cash. Some were able to get online, only to find they had access to other customers’ account details. Angry patrons bombarded social media and besieged call centres with complaints. Staff, unable to cope with the volume of complaints and unable to resolve queries, were reduced to tears. Problems continued into this week, with many customers still reporting problems.
Why did the transfer need to happen?
TSB was spun out of Lloyds Banking Group on the orders of the European Commission. Lloyds’ receipt of £20bn of state aid after the financial crisis meant it had to divest itself of a portion of its business. After TSB was bought by Sabadell it found itself in the unusual position of using a competitor’s IT systems – and paying for it. Sabadell decided that the best way to deal with it was to create a whole new system, the “Proteo4UK” platform, which would bring “increased operational simplicity”, generate new business opportunities, and allow it to keep pace with the new generation of digital startups.
It’s not yet clear exactly how the meltdown happened when it tried to move over to this, says Lucy Barton in The Daily Telegraph. In the run-up to the switch, “more than 2,000 staff clocked over 80,000 test cases and nine so-called ‘dry runs’ of the system before its launch”, and “no major problem was flagged”.
Are these problems confined to TSB?
No. RBS came a notable cropper in 2012 when it botched an upgrade to its payment-processing system. The problem was blamed on a single inexperienced programmer, who was suspected of wiping vital information during the upgrade. Unions were quick to lay the blame at the door of management, which had outsourced IT jobs to India, where staff were paid just £9,000, compared with £50,000 in the UK. But RBS chief executive Stephen Hester said there was “no evidence” that this particular problem was connected with outsourcing, and that it lay with the company’s main Edinburgh IT centre.
The outage affected 17 million customers of RBS, NatWest and Ulster Bank – most of whom were retail customers – who were unable to obtain account balances from cash machines, use online banking, make mortgage payments or withdraw cash abroad. Salaries weren’t paid, and one customer spent the weekend in prison after RBS failed to process his bail money in time. Most other high-street banks have suffered much smaller malfunctions from time to time.
Why does this keep happening?
Because most modern banking systems are nothing of the sort. The big banks’ systems were created in the 1970s and 1980s, and are now utterly outdated, says consultancy Capgemini. As banks grew, so did the number of systems they needed. Each bespoke system was bolted on to the existing systems, with specialised communication protocols developed to get them to talk to each other. As more and more systems were added, bottlenecks developed.
Lack of documentation and staff able to work in the antiquated computer languages added to the difficulties in solving problems, with attempts to fix things often making them worse. Legacy systems are inefficient, expensive to run, and unable to cope with the demands of a modern bank. “Maintaining and replacing legacy systems is one of the biggest challenges for CIOs across the globe today,” says Mohit Joshi of Infosys in Financier Worldwide. Banks can spend up to 80% of their IT budgets maintaining outdated systems.
So why aren’t they being replaced?
It’s not a simple business, as TSB’s woes show – a major upgrade is expensive, time consuming and quite likely to go wrong. When the Commonwealth Bank of Australia decided to upgrade its system in 2008, says Euromoney, the original project was estimated at $580m over four years.
The final cost was $1.3bn and took five years. Quite frankly, “nobody has the balls to replace legacy systems at the big banks”, says Jean Louis Bravard, an IT consultant who formerly worked at JP Morgan, in Computer Weekly. Banks are run by former traders who may not understand technology, so “no big bank is going to invest huge sums of money” with no immediately obvious return.
Is this a long-term threat to big banks?
Possibly. One of the major selling points behind the new breed of digital challenger banks, including Monzo and Starling (and to a lesser extent, Metro Bank), is that they operate on new systems built for a digital age. Traditional banks rely on inertia and a fear of the unknown to keep their customers. That may not last for ever.