Regulators must force banks to overhaul IT infrastructure

Regulators must force banks to overhaul complex IT infrastructures which risk causing further large-scale system outages, IT trade body Intellect has urged.

The UK’s financial IT infrastructure is no longer fit for purpose and risks damaging the economy by creating more glitches such the recent RBS outage, said the body in its report Biting the bullet – why now is the time to rebuild the foundations of the financial system.

“Banks are willing to spend money on cutting-edge technology that facilitates high-frequency trading or reduces the time it takes to process a transaction in the capital markets – where every cut millisecond means more profit – but not on modernising the infrastructure that allows them to deliver better customer services, act as a catalyst for the economy or allow regulators to perform their roles,” said the report.

This short-termist attitude means banks are currently spending 90% of their IT budgets on managing legacy systems, it said. The findings follow a report from analyst firm JWG Group earlier this year, which said decades of ad hoc technology investment, combined with merger and acquisition activity, has left many financial institutions with disconnected silos of information and duplicative processes.

The body called on the Financial Policy Committee and the forthcoming Prudential Regulatory Authority to take the lead on this issue.

Ben Wilson, head of financial services programmes at Intellect said the issue was the complexity of systems. “Just because systems are old does not necessarily mean they aren’t good – in fact many older ones are bullet-proof. It’s when systems become increasingly complex that the risk of failure goes up.

When systems become more complex the risk of failure goes up

Ben Wilson, head of financial programmes, Intellect

Banks are bringing in the people who built their core systems 30 years ago because they need to understand what is connected to what and how to amend things, he said.

“One of the key issues is that it doesn’t allow banks to have a complete view of their customers, something that, by token, the regulators also can’t see. And from the customer side, poor infrastructure means banks can’t deliver a full level of customer service,” said Wilson.

Over the years, banks have taken the decision not to invest in modernising infrastructure, something which could be down to the board level who don’t understand the importance of technology, he said.

But Wilson said CIOs are also reluctant to embark on lengthy IT modernisation programmes: “Changing anything in their core systems is the banking equivalent of open heart surgery. But the point is the longer you bolt on more systems, the bigger the risk.”

“Recently we’ve heard a lot about RBS, but it’s not the only bank which has experienced systems failures. This has also been happening a lot in Australia, for example.

“Ultimately we will see more glitches, which will become more complex the more unknowns are out there."

He said the cost of modernisation should be weighed against the risks of not doing anything – such as the amount HSBC has paid in fines for money laundering because it did not have a complete picture of customer activity, or the fines RBS was recently forced to pay. 

Wilson cites Deutsche Bank as an example of how IT modernisation can pay off: "It recently spent €1bn in systems renewal, but this year alone attributed €200m in savings as a direct result of the standardisation.”

He said banks could stagger modernisation programmes over a 10-year period to avoid paying costs in one go.