The only real surprise about TSB’s IT disaster this week is that people are still surprised when a retail bank has IT problems.
There are few organisations with a more complex and difficult technology legacy estate than the big banks. For all the online banking sites and mobile banking apps we’ve become accustomed to, these are only modern sticking plasters patched over some of the oldest corporate IT systems in business.
At the heart of most banks you’ll still find a hulking IBM mainframe running software written 20, 30, maybe even 40 years ago, often in programming languages that are so redundant the only people who understand them are retired or quite possibly dead. Cobol is widely used – and is perhaps one of the more modern languages you’d find.
Most of those applications still run as overnight batch processing systems, crunching numbers during the small hours to reconcile all the transactions from the multitude of other systems that feed into them. Your mobile app might show the purchases you made a couple of hours ago – but the master file sitting in the back-end mainframe won’t know a thing about it until that overnight batch run completes.
TSB was forced off the legacy IT of former parent Lloyds Bank only because it was acquired by a Spanish bank, Sabadell. The banking system TSB was migrating onto – a UK version of Sabadell’s in-house Proteo software – was developed in 2000, and that makes it young by banking standards.
Even then, the complexity and scale of the migration floored TSB. There are important questions that need to be answered around contingency planning and the ability to roll back to a stable platform once problems occurred. No doubt we will hear more before long at the inevitable House of Commons select committee inquiry.
But other banks will be looking at TSB and thinking, one day that could be us. The cost of moving from the current patchwork of legacy banking spaghetti to a modern, integrated system would run into the billions of pounds, and be the single biggest risk factor for the entire organisation.
For that reason, banking CEOs and CIOs who rarely stay in post more than three to five years have no desire to be the one who oversees such a high-profile, risky move. And so, the problem perpetuates, handed from one CEO to the next.
But the banks know that the day will come when the cost of doing nothing outweighs the risk of change. TSB needs to be open and transparent about what went wrong, for all of its peers in the industry to learn from its mistakes.