As the latest news confirms, the last week has been a disaster for millions of customers at the Royal Bank of Scotland, Nat West (my bank) and Ulster Bank. Almost all the media attention has been on the adverse impact on so many customers and the efforts of the banks to mitigate these impacts. But we need to ask why this problem occurred and assess the chances of it reoccurring at RBS or other banks or even other organisations. The public owns RBS and has a right to know. All IT managers and staff live in fear of their system going wrong and we need to share experiences and lessons.
All we have been told so far is that the problem occurred because of an upgrade to the banks’ IT system. This seems odd. Upgrades to IT systems are happening all the time; we know that they can cause unexpected problems; so one should test the upgrade on a closed part of the system first to identify and address any adverse impacts. Was this done in this case? If not, why not? If so, why did the upgrade cause such major problems?
At least one report suggests that the problems began last Tuesday night during an upgrade of a key piece of software known as CA-7. This controls the batch processing systems that deal with retail banking transactions. The owner of the CA-7 software is a company called Computer Associates which has declined to say whether CA-7 lay at the heart of the problems. So, could something else be involved – perhaps a virus, or malware, or hacking? We need to know ….