Out-Law / Your Daily Need-To-Know

Banks subject to UK disclosures on security and outage incidents

Out-Law News | 22 Aug 2018 | 11:52 am | 1 min. read

Rules requiring banks to publically disclose how often they have had to report major operational and security incidents have taken effect in the UK.

The rules, set by the Financial Conduct Authority (FCA), also require UK banks to publish a range of other standardised information relating to the quality of their service.

The other information they must disclose includes details of how and when services and helplines are available, contact details for help, including for 24 hour helplines, and the published level of complaints made against the firm.

The information must be published by the banks on their websites. The largest UK banks must also make it available through their 'open banking' APIs. Those banks must also publish information on how likely people would be to recommend their bank, as well its online and mobile banking, branch and overdraft services, to friends, relatives or other businesses. The FCA has published a table containing links to the various disclosures.

According to an analysis of newly published data by Out-Law.com, the FCA received 92 reports of major operational and security incidents experienced across UK banking groups between the beginning of April and end of June this year. The incidents impacted either personal or business current account services, or both.

The analysis factors out duplicate data reported by banks within the same group of companies. It also assumes that where the number of incidents reported by banks for their distinct personal current account services and business current account services are the same, that the incidents that occurred impacted both types of service and are therefore not counted twice.

It is not possible from reading the data to determine whether every incident reported was distinct or impacted on rival services too. According to the information disclosed by the Co-operative Bank, at least one of the incidents it experienced impacted "all payment service providers".

The new information requirements were mandated following a retail banking market investigation carried out by the UK's Competition and Markets Authority (CMA). They form part of a broader package of measures aimed at improving competition in the market.

Adam Land, senior director at the CMA, said: "For the first time, people will now be able to easily compare banks on the quality of the service they provide, and so judge if they’re getting the most for their money or could do better elsewhere. This is one of the many measures – including open banking and overdraft text alerts – that we put in place to make banks work harder for their customers and help people shop around to find the best deals for them."

The Bank of England announced in June that major financial institutions in the UK would face new minimum requirements on the level of service they provide under plans it is drawing up.