By Matthew Dove
Having boldly claimed that they’re the “UK’s largest fintech” at Fintech Connect in December, Barclays can now add “UK’s glitchiest bank” to its list of designations.
In April last year, the FCA introduced rules which require banks to report details of any security or technical issues which affect their customers’ ability to access payment services.
In the following nine months, Barclays led the pack as it sheepishly assumed responsibility for 41 out of a total of 302 IT-related incidents. Whilst we’d expect nothing less than a market share in excess of 10% from the UK’s largest fintech, they can’t take all the plaudits.
The Award for Most Embarrassing IT Clanger goes to HSBC. Their systems ground to a spectacular halt on the very day in November that a Treasury select committee was discussing the prevalence of online banking foul-ups. The Biggest Whoopsie Award, on the other hand, goes the fine folks at TSB, who inconvenienced 1.9 million of their online customers following the bodged unveiling of their new IT infrastructure. Honourable mentions must also go to Lloyds, who reported 37 outages to payment services, Natwest, who managed 26, the Bank of Scotland and Halifax, who chipped in with 31 each.
In its acceptance speech for the banking equivalent of the Razzie Award for Worst Picture, Barclays said;
“We take IT resilience extremely seriously and we welcome transparency for our customers which is why we report every incident to the regulator, even minor glitches that have minimal impact on customers.”
The award for most embarrassing IT clanger goes to HSBC. Their systems ground to a spectacular halt on the very day in November that a Treasury select committee was discussing the prevalence of online banking foul-ups
Displaying an admirable level of sympathy, Peter Groucutt, managing director of Databarracks, had this to say in reaction;
“Barclays’ response might sound a little defensive, but it does highlight the limitation of how these incidents are reported. Are all outages equal? For example, does TSB’s prolonged outage from its systems upgrade count as just one incident? If so, that makes it difficult to compare performance between banks.”
Concluding on a note which had more than a whiff of shooting-the-messenger about it, Groucutt listed improvements he feels the FCA should consider making (well, I never!).
“The FCA has to strike the balance between the demands on the banks to produce this data and the value it adds. In future reporting our recommendation would be to add:
- Length of outage – the duration of the incident.
- Severity of issue – from minor degraded performance of systems causing delays to complete outages with systems unavailable.
- Number of users/customers affected – to distinguish between incidents that only affect a small number of customers and major incidents that affect all (or a high proportion of) customers.
For the small amount of effort, it would take to produce this data, the benefit to consumers is high and it would be equally valuable for the FCA to keep track of IT outages for the industry. Lastly, we would also suggest reporting the cause of the issue, which could be taken from a small number of broad categories such as ‘cyber incident’, ‘systems upgrade’ or ‘human error’.”