TSB fined $59m (£48.65m) due to operational risk management and governance failures

Regulators found that TSB failed to adequately organize and control a 2018 IT migration programme.

The total penalty relates to an IT migration process that took place in April 2018, when TSB updated its IT systems and migrated the data for its corporate and customer services. The move resulted in technical failures causing significant disruption to the continuity of TSB’s banking services, including branch, telephone, online and mobile banking.

All of TSB’s branches and a significant proportion of its 5.2 million customers were affected by the initial issues. It took until December 2018 for TSB to return to business-as-usual. TSB has paid £32.7m ($39.6m) in redress to customers who suffered.

The Financial Conduct Authority (FCA) levied a fine of £29.7m ($36.2.m) and the Prudential Regulation Authority (PRA) imposed a fine of £18.9m ($22.9m)

Outsourcing risks

The FCA cited risk management and governance failures, including management of outsourcing risks, relating to the bank’s April 2018 IT upgrade programme. Technical failures in TSB’s IT system ultimately resulted in customers being unable to access banking services.

“The failings in this case were widespread and serious, which had a real impact on the day-to-day lives of a significant proportion of TSB’s customers, including those who were vulnerable,” said Mark Steward, Executive Director of Enforcement and Market Oversight, FCA.

The FCA called TSB’s IT migration programme “an ambitious and complex IT change management programme carrying a high level of operational risk”.

“The firm failed to plan for the IT migration properly, the governance of the project was insufficiently robust and the firm failed to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems,” said Sam Woods, Deputy Governor for Prudential Regulation and Chief Executive Officer, PRA.