Treasury Select Committee wants regulators to intervene on operational resilience

On Monday, Britain’s Treasury Select Committee released a hard-hitting report into IT failures at UK banks. People may have missed it due to some Other Thing dominating the headlines …

But this is potentially a big deal for banks, and on the basis that regulation hitting banks now hits credit unions and other community providers later, our sector should pay attention.

The report is called IT Failures in the Financial Services Sector (report here, press release here) and is an investigation into British bank IT failures in recent years. It concludes that the current level of financial services IT failures is unacceptable, and that

  • Regulators must act to improve operational resilience of financial services sector
  • Financial sector levies should increase so regulators can hire experienced staff
  • Regulators must use enforcement powers to ensure failures do not go unpunished
  • There is a strong case for the concentrated cloud services sector to be regulated
  • Firms must manage (technology) change better
  • Firms must resolve customer complaints and award compensation quickly.

Regulatory interest currently has been focused on credit unions’ financial resilience and exposure to conduct risk. If the regulators become more active in the area of operational resilience, many credit unions will need to work hard to demonstrate robust controls over their IT arrangements, core processors in particular. This should be a matter of good business practice, but how confident are you about your credit union’s policy and procedures? One to watch.