BoE to ensure banks recover quickly from IT troubles

By Huw Jones

LONDON (Reuters) - Britain's major banks will have to meet targets for recovering from cyber attacks and other disruptions to key services, a senior Bank of England official said on Wednesday.

Lyndon Nelson, deputy chief executive of the BoE's Prudential Regulation Authority arm, said banks needed to be resilient to cyber attacks, or IT disruptions like those at British bank TSB , where customers were unable to access their accounts because of computer problems.

He said the BoE's Financial Policy Committee had been considering its "tolerance for disruptions" to key functions in the finance sector.

"As part of this work, it is likely that the FPC will set a minimum level of service provision it expects for the delivery of key economic functions in the event of a severe but plausible operational disruption," Nelson told a conference.

The BoE will publish a discussion paper on operational resilience.

"I expect this to be a substantial body of work, so it is likely that we will ... focus on some key economic functions and key providers," Nelson added.

He said that "tolerances" for IT outages would use a combination of benchmarks, such as time, volume of business, and market share.

Nelson said financial services companies were often at their most vulnerable when embarking on change.

"They often discover too late that weaknesses in their resilience can jeopardize the success of a major project even if those involved believe that they have carried out robust testing," he said.

TSB, owned since 2015 by Spanish bank Sabadell, found that thousands of customers were locked out of their accounts after a botched migration of its computer systems. Some of its customers' accounts were hit by fraud.

"It is not surprising ... that management and boards of firms have been pushing operational resilience ever higher on their agenda," Nelson said.

He said firms would have to test their tolerances and demonstrate to their supervisors that they had concrete measures in place to deliver resilient services.

"And firms need to be able to recover from an operational incident. This requires viable, tested contingency plans for the resumption of critical functions."

(Reporting by Huw Jones; Editing by Catherine Evans and Jane Merriman)

Related News

Trump breaks ice with China's Xi in letter...

Feb 9, 2017

US-USA-TRUMP-CHINA:Trump breaks ice with China's Xi in letter seeking 'constructive' ties

New Zealand central bank shifts focus to external...

Feb 9, 2017

US-NEWZEALAND-CENBANK-ASSISTANTGOV:New Zealand central bank shifts focus to external risks:...

Philippine minister says mine closures in...

Feb 9, 2017

US-PHILIPPINES-MINING:Philippine minister says mine closures in watershed areas non-negotiable

Australian banks face renewed push for intrusive...

Feb 9, 2017

US-AUSTRALIA-BANKS-INQUIRY:Australian banks face renewed push for intrusive inquiry

Pope says 'at peace' confronting Vatican...

Feb 9, 2017

US-POPE-CORRUPTION:Pope says 'at peace' confronting Vatican corruption, sex abuse

Macquarie, ING join Apple Pay in Australia in...

Feb 10, 2017

US-APPLE-AUSTRALIA-BANKS:Macquarie, ING join Apple Pay in Australia in challenge to Big Four

Search
Financial Markets

Sign up now!