Since 2018 the FCA has required financial services organizations to report any major operational and security incidents that occur to create more transparency for regulators and customers. The figures published by the FCA this month show that incidents continue to rise and negatively affect customers.
Of the banks that reported major incidents between July 2018 and June 2019, there were 228 incidents affecting business accounts and 336 affecting personal accounts. These most commonly affected internet banking, with customers facing an average of 10 digital banking shutdowns a month, but telephone and mobile services were also widely affected. Some banks had as many as 33 incidents a year affecting business or personal clients.
How many incidents were caused by change?
While cyber attacks have shown no decrease in volume, it’s operational incidents that are the main culprits for causing outages that affect customers. Although established banks have mature IT change management functions, failed IT changes are a big cause of operational incidents reported to the FCA.
How many banks are still managing complex change events using static manual tools like spreadsheets and PowerPoint where time-critical data is hidden in dark matter?
The increase in incidents suggests an increase in demands and complexity for banks making major IT changes. Clients expect to be able to access their accounts whenever and wherever thanks to internet and mobile banking, making even short outages newsworthy. While banks invest millions to ensure systems are robust and secure and work to minimize disruption when something does go wrong, they all still face outage issues.
The FCA says it is “deeply concerned” at the increasing number of technology outages and the number of ‘operation resilience breaks” has apparently increased 300% year-on-year with no sign of slowing.
Operational incidents don’t have to be an accepted risk of IT change in banks. While banks spend billions on their banking infrastructure, it can still be difficult to manage the automated and human tasks together in an efficient and resilient way, with effective planning, rehearsal implementation and audit. Cutover provides an enterprise platform that orchestrates humans and machines and has helped our clients better manage enterprise change, resilience events, transformation programs and IPOs.