Banks are being urged to improve their IT systems by an influential group of MPs, with Chairman of the Treasury Select Committee Andrew Tyrie saying that "Bank IT systems don’t appear to be up to the job."
Tyrie has written to Andrew Bailey, Deputy Governor of the Bank of England and Chief Executive Officer of the Prudential Regulation Authority (PRA), and Tracey McDermott, Acting Chief Executive of the FCA, having published the correspondence he had from the CEOs of RBS, HSBC, and Barlcays.
In the letters to Bailey and McDermott, Tyrie said he suggested that "the banks need great IT expertise at main Board and subsidiary Board level", that "much greater resources should be put towards modernising managing, and securing banks’ IT infrastructures", and that "legal, regulatory and structural and cultural changes are needed to the way that banks mange their cyber security risks."
Tyrie said that it may be Bailey, as head of the PRA, who is best placed to ensure that banks improve more resilient IT systems, and should regularly report to the Chancellor and Parliament on the issue.
In his letters, the chairman concludes that "until these changes – or something like them – are made, the public will remain more exposed than necessary to the risks of banking failures."
In response to the letter, the FCA said: "IT resilience has been, and will continue to be, a priority area for the FCA. We have just received Andrew Tyrie’s letter and will respond in due course:"
The Bank of England said it too would respond in due course, including on the specific recommendations made around Bailey’s role as head of the PRA.
The publication includes correspondence that has been going on since the summer of 2015 to a variety of high powered City figures.
In a response dated 8th July 2015 to questions around the 2012 RBS IT failure, the bank’s chief executive Ross McEwan said that his organisation has invested "invested £750m to improve our IT systems, significantly enhancing their resilience and stability. Mcewan said that as a result "major and significant notifiable events" had been reduced by a third from 2013 to 2014.
In 2012 RBS was affected by a major IT glitch, and had been subject to a large cyber attack in previous years as well.
Barclays were amongst the other financial institutions also contacted by Tyrie on the back of a cyber attack that affected Barclay’s online banking services on the weekend of 24th October 2015.
In July 2015, Kaspersky Lab found that 46% of internet users were still choosing to use traditional over the counter banking methods, instead of online banking, with 54% saying that it was safer than making online payments.