MPs from the influential Treasury Committee have slammed the “unacceptable” level of IT failures in financial institutions, warning that greater penalties should be exerted on institutions that fail to meet requirements and calling for the UK’s three major regulators – the Financial Conduct Authority, Prudential Regulation Authority, and the Bank of England – to be given more resources to deal with the growing problem.
An increase in the financial levies on banks could be needed to ensure that the regulators are adequately funded, said the committee in a report published today outlining the results of a public enquiry into the concerns. The report also raised concerns around the increased use of third-party providers of cloud services for computing power and data storage, citing them as a key source of systemic risk.
“The consequences of a major operational incident at a large cloud service provider, such as Microsoft, Google or Amazon, could be significant,” noted the report. “There is, therefore, a considerable case for the regulation of these cloud service providers to ensure high standards of operational resilience.”
Guy Warren, CEO of monitoring and analytics software provider ITRS Group, submitted evidence to the enquiry.
“Operational resilience has deteriorated over the last few years as the number of digital channels and volumes of transactions have increased, with very little pause for thought,” he tells RegTech Insight.
“This morning’s announcement from the MP committee is a strong message that banks need to take a step back and put operational resilience at the top of the agenda. The resilience of IT systems no longer falls to the back-office IT team. As the regulator pushes this operational resilience campaign forward, executives at retail banks can expect to be more in the spotlight than ever and be personally accountable for the operational resilience within their organisation.”
