At the end of last year, the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) fined TSB Bank plc (“TSB”) a total of £48.65 million for operational risk management and governance failures, including management of critical third-party outsourcing risks, relating to the bank’s IT upgrade programme back in 2018. Technical failures in TSB’s IT system ultimately resulted in customers being unable to access banking services. Read the full story here.
But what were the key failings, and what can in-scope firms do to avoid similar fines from the regulators?
A significant portion of TSB’s then 5 million customers were affected by the IT migration issues in 2018. During this time, many customers were not able to access the bank's Important Business Services.
Fraudsters also saw an opportunity in the confusion and a number of customers were the victims of scams. Following the incident, TSB paid out £33 million in redress to its customers.
The key issues with the migration stemmed from the following:
- Failure to properly plan for and organise the transition
- Failure to implement sufficiently robust governance to control the transition once live
- Failure to responsibly and effectively manage operational risks arising from critical third-party suppliers