Out-Law / Your Daily Need-To-Know

RBS systems altered to mitigate risk of future IT outages

Out-Law News | 07 May 2014 | 2:18 pm | 2 min. read

The IT systems behind the processing of RBS Group customers' transactions have been split up in an effort to reduce the risk of IT outages in future, the company has announced.

In its most recent financial statement (108-page / 759KB PDF), the company revealed that it has moved from a single system for processing NatWest, Ulster Bank Northern Ireland and Ulster Bank Republic of Ireland customer transactions to three separate systems for each division of its business.

The move follows problems the company encountered in updating customer accounts in 2012 which caused a backlog of transactions the company had to manage.

"To improve the resilience of our IT systems, on 21 March 2014 we moved our existing single batch scheduler for NatWest, Ulster Bank Northern Ireland and Ulster Bank Republic of Ireland onto three dedicated and separate versions (RBS already runs in a separate scheduler environment)," RBS said. "Separating the batch schedulers means that, if a problem occurs with transactions on one of these brands, it will not impact the activity taking place to support the other two, avoiding a repeat of the 2012 system outage."

"This forms part of a wider programme that will help us become a simpler organisation, including investment of around £750 million over a three-year period to improve the safety, security and resilience of our IT systems," it said.

Earlier this year the Financial Conduct Authority (FCA) announced that it, the Bank of England and Prudential Regulation Authority (PRA) would later this year review how banks and building societies are managing the risk of IT outages.

In Singapore, regulator the Infocomm Development Authority (IDA) earlier this week fined three telecom providers in the country after finding that the companies had "not fulfilled their respective obligations" after a fire damaged network cables and caused disruption to services to customer.

SingTel, CityNet and OpenNet all committed to undertakings to improve the resilience of their networks. The IDA found that the companies did not "provide sufficiently resilient telecommunication systems and services, and ... restore services to affected end users as quickly as possible when the service disruptions occurred".

The incident prompted the IDA to conduct a review of the resilience of Singapore's telecoms network infrastructure. The review is ongoing and is not expected to be completed until the latter half of this year.

"This is a very serious service outage of a magnitude that is unprecedented, but more importantly, that could have been avoided," Leong Keng Thai, IDA's deputy chief executive and director-general for telecom said. "With increasing dependency of businesses and consumers on telecommunications, a strong signal must be sent to telecommunication operators that they must take network resilience very seriously, and invest in necessary infrastructure, processes and training to prevent and minimise service outages. IDA will closely monitor the operators' undertaking of the corrective measures and ensure that they are implemented."

"Notwithstanding this incident, there is overall resiliency in Singapore's telecommunication networks and services in the form of multiple operators, networks and technology platforms. Resiliency does not mean that incidents will not happen. An important part of resiliency is to be prepared for incidents and to recover quickly. IDA will continue to review its regulatory frameworks to ensure that telecommunication operators take proactive steps to enhance the resilience of their networks and services. IDA will also take steps to further strengthen the resilience of Singapore's telecommunication networks," he said.