Feeds

Banking IT cowboys 'need whipping into shape by watchdog'

It's not just dodgy bankers who need a slap

Intelligent flash storage arrays

The technology underpinning the UK's financial services sector needs urgent investment if regulators are to be able to spot potential abuses and prevent future financial crises, an influential report has claimed.

Intellect, the trade association for the UK technology sector, said in its report (62-page/5MB PDF) that banks should be forced by regulators to ensure that systems underpinning their vital functions are fit for purpose.

Investment in "managing and maintain legacy systems" accounted for an estimated "90 per cent of the technology budgets of North American and European financial institutions" resulting in "infrastructure that is inefficient, overly complex and an obstacle for cost-effective business change," it said.

Recent systems failures experienced by UK retail banks demonstrated the "weaknesses of the overall financial system" and the "urgent need to get it back on a proper footing", the report also said.

Ben Wilson, head of Intellect's financial services division said that substandard infrastructure was the "elephant in the room" for government and regulators.

"This infrastructure is the foundation upon which the entire financial system is built and it has been neglected for far too long," he said. "For the past four years, government and regulators have been trying to treat the wounds exposed by the financial crisis with stick plasters. The regulators, and in particular the Financial Policy Committee and the forthcoming Prudential Regulatory Authority, must take the lead on this now - it's not going to sort itself out."

'Banks are willing to spend money on cutting-edge technology that facilitates high frequency trading or reduces the time it takes to process a transaction in the capital markets - where every cut millisecond means more profit - but not on modernising the infrastructure that allows them to deliver better customer services'

Wilson said that without prompt action, the effectiveness of forthcoming reforms both to banking and financial services regulation would be "severely limited". He added that global efforts to increase transparency by standardising data across the financial system would be "undermined" by poor infrastructure.

Financial infrastructure refers to the combination of technology systems and networks that underpin every function carried out by a bank, from processing transactions to assessing loan applications. In its report, Intellect said that mergers and acquisitions, combined with years of lack of investment as a result of a culture of 'short-termism', had had a direct impact on the ability of banks to share information across their "disparate departments and operations", as well as with regulators.

"Banks are willing to spend money on cutting-edge technology that facilitates high frequency trading or reduces the time it takes to process a transaction in the capital markets - where every cut millisecond means more profit - but not on modernising the infrastructure that allows them to deliver better customer services, act as a catalyst for the economy or allow regulators to perform their roles," the group said.

"As the recent Kay Review concluded, it is this short-termism that has played a significant role in banks not acting in the public interest and harming the reputation of the City."

Published last month, the government-commissioned Kay Review said that poorly targeted incentives and public mistrust had helped to create a "culture of short-termism" in the financial markets. Its author, Professor John Kay, made a range of recommendations aimed at restoring "long-term trust" to investor relationships.

Insufficient data and information sharing within banks prevented institutions from having an accurate view of their business as a whole, the report said. As well as preventing them from fully understanding their customers, this "siloing" of information affected the economy, by preventing lending to small businesses due to poor collation and sharing of credit risk data, as well as the knock-on effect of preventing regulators from being able to have a "holistic view" of the banking system.

The solution: a cloud-based system.... Yes really

As a long-term solution, the report suggests that banks move to a "central", cloud-based system for non-competitive elements of their infrastructure. To do so would, it said, require significant reform to existing systems to ensure that change is "neither as costly, complex nor time consuming as it currently is", but would open up opportunities for banks, consumers and the economy as a whole.

"A central utility of shared services ... opens up the possibility of benefits for banks themselves (reduce costs, reduced levels of fraud, better risk management, enhanced [Know Your Customer systems]), for consumers (more responsive banks, demandled service provision) and for the economy as a whole (greater competition in the banking sector, increased access to the banking sector for new entrants, increased stability)," the report said.

In the meantime, there was a "strong argument" for the regulatory authorities to set minimum standards for banks' systems as part of wider minimum standards for infrastructure, it said. It added that, "by luck or design", the recovery and resolution plans currently being put together for major banks touched on some of the important issues, however only specific technology risk standards would be able to ensure an appropriate level of systems assurance.

Large firms were asked to submit recovery plans and resolution packs to the Financial Services Authority (FSA) by the end of June, as part of a pilot exercise aimed at drawing up "living wills" for banks. Recovery plans aim to reduce the risk of failure by requiring banks to identify the actions they will take when a crisis occurs, while resolution packs will assist the authorities in winding down a firm which fails for any reason.

Copyright © 2012, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Internet Security Threat Report 2014

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.