Skip to main content

IT failures in the financial services sector inquiry launched

23 November 2018

The Treasury Committee inquiry will focus on the common causes of operational incidents in the sector, the ways in which consumers lose out as a result of such incidents, and whether regulators have the relevant skills to adequately hold people to account.

As consumers and firms come to rely more heavily on technology, the Treasury Committee is today launching a new inquiry into IT failures in the financial services sector.

The Committee will examine the ability of financial services institutions such as banks to guard against service disruptions and to put things right in the event that disruptions do occur.

The Committee will appoint a Specialist Advisor for this inquiry to provide analysis.

Chair's comments

Commenting on the launch of the inquiry, Rt Hon. Nicky Morgan MP, Chair of the Treasury Committee, said:

“The number of IT failures at banks and other financial institutions in recent years is astonishing. Since becoming Chair of the Committee 16 months ago, there have been problems at Equifax, TSB, Visa, Barclays, Cashplus and RBS, to name a few.

“Millions of customers have been affected by the uncertainty and disruption caused by failures of banking IT systems. Measly apologies and hollow words from financial services institutions will not suffice when consumers aren't able to access their own money and face delays in paying bills.

“As bank branches close and customers are ushered towards online services, the availability of those services is vital.

“The Committee has launched this inquiry to consider the causes and consequences of these failures, and will examine what industry and regulators are doing to promote operational resilience.”

The Committee would welcome evidence on the following topics:

  • The extent to which operational incidents are becoming more frequent, and how the prevalence of such incidents may change in future as consumers and firms come to rely more heavily on technology.
  • The common causes of operational incidents in the financial services sector.
  • The extent to which there exist “single points of failure” and/or other sources of concentration risk in the financial services sector.
  • The incidence of multiple old legacy systems and the nature of their connectivity, and the impact of retrofitting web based/mobile systems to legacy systems.
  • The risks associated with integrating banks/systems, following takeovers and mergers, for example.
  • The quality of relevant technical documentation.
  • The impact of outsourcing on operational resilience.
  • The ways in which consumers typically lose out as a result of operational incidents, including inconvenience and vulnerability to fraud.
  • Examples of best practice with respect to firms' responses to and handling of operational incidents, including approaches to communicating with customers, identifying and addressing the causes of incidents, and handling customer complaints and compensation.
  • What should be learned from the operational incidents witnessed in recent years.
  • The ability of the regulators to ensure firms are adequately guarding against service disruptions.
  • Whether the regulators have the relevant skills to hold appropriate parties to account in the event of significant operational incidents.
  • Approaches to operational resilience in different jurisdictions.
  • The opportunities and risks presented by the application of new technology in the financial services sector with respect to operational resilience.
  • What should be considered an appropriate level of tolerance for operational disruptions.

Submit written evidence

You can submit evidence through our evidence portal, or please get in touch if you have special requirements for submitting evidence. You can contact the Committee via email on or via the telephone on 020 7219 8222.

The Committee would welcome submissions by Friday 18 January 2019.

Further information

Image: iStockphoto