Regulators and banks questioned over ‘unacceptably common’ IT breaches
Andrew Tyrie, chairman of the Treasury Committee has written to the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) telling them more work needs to be done to protect consumers from bank IT system failures.
Tyrie said that consumers remain more exposed than necessary to the risks of IT failures, including delays in paying bills and an inability to obtain access to their own money.
“A great deal of work still needs to be done,” he said, “So I have written today to the FCA and the PRA for further assurances that they are getting on with it.”
“The proliferation of remote and online banking, including the use of biometric data for customer identification, may also be increasing the risk of unauthorised access to their accounts,” he added.
With this in mind, having already written to, and received replies from the chief executive officers of RBS and HSBC, Tyrie has now written to Sam Woods, deputy governor of the Bank of England and CEO of the PRA, and Andrew Bailey, chief executive of the FCA.
“Banks continue to suffer failures and breaches of their IT systems, exposing millions of customers to uncertainty, disruption and sometimes distress. We can’t carry on like this. Responsibility for sound IT systems is often lacking at the highest levels of management, and ultimately customers pay the price.”
In January, he wrote to the regulators urging them to take action to ensure that banks improve the resilience and security of their systems and enhance IT expertise at Board level, with a clear understanding of accountability when things go wrong.
However, he said that the regulators themselves also need a clear division of responsibilities to avoid duplication and gaps in their approach to address these problems.