Thursday, 5 July 2012
Bank IT Systems
Question 4: To ask the Minister for Finance his views on the handling of the crisis at Ulster Bank following the IT problem which occurred on 19 June 2012; if he is satisfied with the response of the bank and the Central Bank of Ireland; if he will state the steps that are now planned to ensure that the affair is fully investigated and that the contingency plans of the other banks are rigorously tested; and if he will make a statement on the matter. [32960/12]
I am fully aware of the negative impact that Ulster Bank's technical problems are having on the bank's personal and business banking customers throughout the country. This issue has been ongoing for far too long at this stage and, as I have made clear already, it is essential it is resolved as a matter of absolute priority. From my perspective, it is totally unacceptable that it has taken Ulster Bank so long to solve the technical problems and that customers of the bank have been given mixed messages on when the problems will be resolved. My officials and the Central Bank are getting regular status updates from Ulster Bank and are closely monitoring the situation to ensure it is resolved as quickly as possible. In that respect, the Central Bank has officials on the ground in Ulster Bank to ensure immediate priority is given to the backlog issue and that all customer accounts are brought up to date as soon as possible.
The current focus is to get all transactions processed and, following that, Ulster Bank has said it will commence the process of refunding customers for any interest or fees and charges that have occurred as a result of this incident. The Central Bank has also indicated it will be putting in place a full restitution regime for all persons who have been affected and that it will work with the Irish Credit Bureau to ensure customer ratings are not affected.
The Central Bank met with the Joint Committee on Finance, Public Expenditure and Reform yesterday. The bank's representatives informed the committee it has already begun to scope out the parameters of an investigation into the matter with its UK counterparts. In that respect, the investigation is complicated by the fact that the payment processing system at Ulster Bank is, in fact, outsourced to its parent, the Royal Bank of Scotland, where the technical problems first arose.
All credit institutions are required to have in place contingency and business continuity plans to ensure they have the capacity to operate on an ongoing basis and limit losses in the event of severe business disruption. They are required to adopt policies and processes to evaluate and manage exposure to operational risk, including low-frequency, high-severity events. It is important that the Central Bank satisfies itself independently, as regulator, that these requirements are being met by other credit institutions to avoid similar problems elsewhere.
This has developed into a complete mess over the last two weeks. Yesterday, the Central Bank came before the finance committee and, today, Ulster Bank came before the committee and confirmed that more than 500,000 customers of the bank in Ireland have been directly affected by this debacle. It still has a backlog of 4 million transactions to clear and its latest update, as the Minister knows, is that by the week beginning 16 July it hopes the vast majority of customers will have a normal service. Therefore, four weeks after the incident first occurred, not all customers will have full access to normal banking services. It is completely unacceptable and a scandal.
From a regulatory point of view, one issue that arose during the course of the hearing yesterday was that the Central Bank confirmed it does not have the IT expertise to go in and interrogate the IT systems in the banks. In its own words, the Central Bank "has instructed all banks ... to review their contingency plans and to formally reconfirm that a robust recovery capability is in place." Essentially, the Central Bank is asking the banks to review their own plans and systems and confirm that they think everything is in order. That is the type of regulatory approach that contributed to the mess we got into and it needs to change. There needs to be far more active engagement. The Central Bank should be arranging for teams to go into the banks and actually test the systems instead of relying on what the banks are telling it.
Perhaps the Deputy is right. Certainly, I would agree with him that this was an absolute disaster and it has been extremely badly handled by Ulster Bank and by RBS as well. It has taken far too long. Deadlines that were solemnly given have been broken time and again over the last two weeks.
What the Deputy is suggesting is that the Central Bank should have a unit that duplicates the IT expertise of the banks. There is only so far we can go. I do not think we need literally hundreds of public servants on stand-by waiting to move in when an accident happens once in five years or once in ten years. There is a limit to how far we can go.
The inspectors go to primary schools but there are not enough inspectors to allow them to move in and replace what the teachers inside are doing. There must be a limit to the manner in which we regulate. I would have thought the directive from the Central Bank, whereby it is obliging the banks under law to do an assurance check of their systems and give a guarantee they are able to deal with any eventuality that discontinues business, was appropriate. That is a pretty good step.
We have another problem, of course, with Ulster Bank, which has indicated to us it is moving to regulation by the Bank of England because its parent is a British bank, with a subsidiary in Northern Ireland and trading down here. Therefore, it is still regulated by us but it is changing the legal base of the bank so it will be regulated by the Bank of England. We have to keep that in mind as well.
We have all of the world's top technology companies in Ireland. I am not suggesting the Central Bank hire permanent staff and duplicate the work the banks are doing with their IT systems. However, it can bring in expertise from the private sector on a needs basis, which is what I am suggesting. The expertise is out there. The major risk factor in the Irish banks now is clearly technology. It was lending but that is not now a problem because they are not taking much risk. I am suggesting the Central Bank should go in there and do that work.
At the committee today, the CEO of Ulster Bank, Mr. Brown, had the cheek to say he might accept a bonus for the current year and he refused to rule out that possibility. That is absolutely ridiculous. It is rubbing the noses of its customers in it - customers who have been affected over the last two weeks and will continue to be affected for another number of weeks. Has the Minister a view on this? Would it be appropriate for Mr. Brown and senior management at Ulster Bank to accept a bonus given all that has happened?
There are many problems in banks and, obviously, technology is one problem and lending is another problem. The biggest problem of all is credibility. We cannot believe the banks; we cannot believe what they say. Look at what is happening in the City of London at the moment and one will get examples in nine-foot-high letters of what the key problem is. There is a credibility problem and I hope Ulster Bank and RBS move very quickly to restore credibility because they must be suffering considerable reputational damage. Senior management in those banks then have to accept responsibility, but that is what a board of directors is for.