For some time now the European banking sector has been in the firing line for a number of reasons ranging from job cuts, increased regulation, lower profitability and major IT glitches. All of which can potentially lead to brand damage, customer dissatisfaction and fines in some cases from the regulators

The most headlines over the past year have been driven by the system outages that some of the UK’s leading banks, such as Natwest, RBS and Barclays have been experiencing. Already in 2016, HSBC experienced an outage lasting nearly 2 days and effecting its online banking system, preventing its 17 million personal banking customers from accessing their bank account and functions online.

Following the latest glitch from HSBC, leading MPs held a Treasury Select Committee meeting to discuss the need for a major audit that could result in millions of pounds of restructuring costs for Britain’s biggest banks. The industry has been plagued by repeated IT failures which seriously disrupt and undermine the credibility of business and personal banks. MPs are looking to HSBC’s management for answers as to why in the past six months, they have experienced so many glitches in their core IT systems. Regulators should urgently audit major UK banks’ systems to ensure they are fit for purpose, and then require those falling short to invest more heavily in IT. Much like the financial stress tests undertaken in recent years.

The root cause of the problem

The frequency of these failures across the banking sector suggests a systemic weakness in IT systems. With a primary factor being the fact their core systems are based on legacy IT, with some banks running core banking applications on systems that are more than 30 years old. The technology currently in place isn’t going to get any younger, so the situation will only get worse if nothing is done to fix the problem.

Some of the UK’s leading and oldest banks are delivering more and more services to customers, whose expectations of reality have been set by consumer tech. The addition of new payment platforms like contactless and Apple Pay and digital interactions via online and mobile banking is imposing unprecedented volumes on these legacy banking systems. For example, in the ‘old days’ he peak CPU utilisation for bank’s servers was when batch processes were run in the middle of the night during a 4 hour window but in the digital world similar processing peaks are seen during lunch hours in a weekday or even at 10pm at night!

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The string of recent glitches in the UK banking sector, highlights the structural flaws in their business-critical systems, and the level of risk they expose the businesses to. This is now a boardroom issue that the UK financial services regulator has to address since the problem is only getting worse.

A bank’s IT builds up over many years; its software is created by a myriad of different teams and outsourcing vendors, writing in different programming languages on different machines in multiple locations. The systems then become the product of hasty and ill-considered mergers. Problems are inevitable, fixing them can take years and cost a fortune.

The Solution

CAST, whose software quality solutions are designed to prevent such unscheduled IT glitches, predicted last year that the systems which run exchanges as well as those internal to banks, were not robust enough to ensure IT issues did not cause costly business interruptions. Sadly, this has already proved true weeks into the New Year. Therefore, there is an urgent need to measure the software risks banks face on their critical IT applications to help take objective decisions about how IT transformation should take place.

Further factors that banks can take to improve the reliability and security of their code and minimise the risk of becoming a victim of a major software outage include:
– Conducting careful structural testing of the software before deployment
– Transparency between the banks and its vendors, to ensure the appropriate level of software updates and protection is taking place.
– Diligent patching and software updates can often be behind the major IT glitches at banks, so these need to be carefully conducted
– Measure the quality of their software against global standards from CISQ (Consortium for IT software Quality) which measures the four aspects of software including, reliability, security, performance efficiency and maintainability.

CAST believes the financial services industry needs standards based on low cost, automated measures for evaluating software size and structural quality that can be used in controlling the quality, cost and risk of the software that is produced either internally or by outsourcing partners.

This is where CISQ code quality standards can be used to carry out an audit of its applications. Without a benchmark to measure against they are less likely to have an understanding of where the problems are within their system.

CISQ code quality standards can be used to detect critical violations of good coding and architectural practice in software. Initially, there would need to be the measurement against software quality standards at every release, e.g. measure code compliance to secure architecture, and put CISQ software quality measures into contracts with outside developers or software vendors to track established outcomes.

Using such architectural and structural analysis tools in accordance with the CISQ standards allows for non-IT executives and application owners to use this insight to identify which of the applications present the greatest risk to their business or involve the highest cost of ownership. These measures can also be used externally to benchmark service level agreements in their outsourcer agreements with greater accuracy.

Why do we need software quality standards?

Software quality measurement is often in the eye of the beholder, and it can fall victim to the perspective and values of whoever happens to be judging the code. But it should not ,now that there are agreed industry standards. These are designed to develop a common understanding between developers and enterprises of how software systems are analysed, as well as how to detect architectural and coding flaws.

The fact of the matter is that the top management at companies like HSBC don’t seem to understand the complexity of the technology they’re managing and they leave the responsibility for reliability to their development teams. Their developers try to do a good job, but they are also pushed by the business to deliver the digital transformation, the next marketing program, and the next customer service functionality as soon as possible.

At the heart of the issue, neither the developer nor their management have all the information in one place to make informative trade-offs. IT executives think structural issues are technical and not their concern, but it’s the technical issues that account for more than half of software disasters and top management needs to step up to manage these and implement an audit of its applications.