By Alex MacDonald
LONDON--U.K. financial authorities fined Royal Bank of Scotland
Group PLC (RBS) 56 million pounds ($87.8 million) for information
technology failures that meant 6.5 million customers couldn't
access banking services for several weeks during the summer of
2012.
The Financial Conduct Authority said Thursday it fined RBS and
two of its affiliates, National Westminster Bank PLC, or NatWest,
and Ulster Bank Ltd., GBP42 million, while the Prudential
Regulation Authority fined the bank GBP14 million.
The FCA said the bank was fined for failing to put in place
resilient IT systems that could withstand, or minimize the risk of,
IT failures, despite spending over GBP1 billion annually to
maintain IT infrastructure.
RBS has agreed to pay the fines, for which provisions were
already set aside.
"Our IT failure in the summer of 2012 revealed unacceptable
weaknesses in our systems and caused significant stress for many of
our customers. As I did back then, I again want to apologize to all
customers in the U.K. and Ireland that we let down two and a half
years ago," RBS Chairman Philip Hampton said in a statement.
The IT incident was the result of a software compatibility
problem.
Over the course of several weeks, customers couldn't use online
banking facilities to access their accounts or obtain accurate
account balances from ATMs. Customer were also unable to make
timely mortgage payments and were left without cash in foreign
countries.
The bank applied incorrect credit and debit interest to
customers' accounts and produced inaccurate bank statements, while
other organizations were unable to meet their payroll commitments
or finalize their audited accounts.
"The problems arose due to failures at many levels within the
RBS Group to identify and manage the risks which can flow from
disruptive IT incidents," said Tracey McDermott, director of
enforcement and financial crime at the FCA. "We expect all firms to
focus on how they ensure that they can meet the requirements of
their customers when looking at their IT strategies and
policies."
The FCA acknowledged that since the IT Incident in June 2012,
the bank has taken significant steps to address the failings in its
IT systems and controls. RBS spent GBP750 million between 2013 and
2015 to enhance the security and resilience of its IT systems.
Write to Alex MacDonald at alex.macdonald@dowjones.com
Subscribe to WSJ: http://online.wsj.com?mod=djnwires