The House of Commons Treasury Committee (the Committee) has published letters it has sent to CEOs of the UK's nine largest banks and building societies to request information on the scale and impact of IT failures which have affected their businesses over the last two years.
The Committee has asked the CEOs to respond to a list of questions by 26 February 2025, including the number of instances their services have been unavailable due to IT failures over the last two years, the number of customers that have been affected by each IT outage, the amount of compensation paid to customers due to IT failures over the last two years and a description of the reason for those IT failures.
These requests come as ground-breaking UK and EU regimes to manage the risks posed by third-party service providers to the financial sector start to go live. Later this year, and under these regimes, some ICT service providers will come under direct supervision by the financial services regulators for the first time (for more detail, see this article and Lens post).
We will be watching whether, and how, responses to the Committee's letters will further shape the regulatory approach to operational resilience, which is considered a top regulatory priority. We will also be continuing to advise clients on these developments.
Relevant too will be a consultation expected in H2 2025 on expectations around the management of ICT and cyber resilience risks, particularly as results from the regulators’ 2024 CBEST thematic (which assesses the cyber resilience of key financial institutions through security testing) highlighted continued gaps in firms’ foundational cyber defences.
It is worth reflecting that this is not the Committee's first foray into IT failures in the financial services sector. This is a persistent theme, and amidst an increasingly digital landscape for financial services, it is likely that the quest for operational resilience will only become more intense.