By Huw Jones
LONDON (Reuters) – Regulators made proposals on Thursday to strengthen the ability of banks and payment firms in Britain to recover from disruptions to services within set timeframes.
A parliamentary committee called for changes in October following a string of IT failures at banks, most recently one at TSB that left thousands of customers unable to make payments from their accounts.
The Bank of England and the Financial Conduct Authority have proposed that banks and financial market infrastructure (FMIs) firms like Visa that make payments possible set “impact tolerances” for important services.
This would quantify the maximum level of disruption they would tolerate in terms of time, volume of business or number of customers affected.
A metric based on time alone may be insufficient, the regulators said, taking a more nuanced approach from an earlier discussion paper.
Firms will have to spell out what back up plans they have to stay within these tolerances.
Firms will set their own tolerances but should expect “close supervisory scrutiny and engagement”, the regulators said.
“It is in the public interest that a resilient financial system is able to supply the most important services with minimal interruption even during severe operational events,” FCA Chief Executive Andrew Bailey said in a statement.
The regulators also issued papers on how operational resilience relates to services outsourced by financial firms, such as cloud computing, that can leave them vulnerable to disruptions.
Firms must be certain that important services can recover from a disruption within a set period even when they rely on outsourcing or third party providers for those services, the BoE said.
“Firms and FMIs should use impact tolerances as a planning tool and should assure themselves they are able to remain within them in severe but plausible scenarios,” the BoE said.
(Reporting by Huw Jones; Editing by Christina Fincher)