RBS

The Financial Conduct Authority (FCA) levied a penalty of £42m, while the Prudential Regulation Authority (PRA) fined the banks a collective £14m.

The banks allegedly failed to put in place adequate systems and controls to identify and manage their exposure to IT risks in June 2012, which affected more than 6.5 million customers in the UK for several weeks.

According to the regulators, the customers were unable to use online banking facilities to access their accounts or obtain accurate account balances from ATMs, and make timely mortgage payments over that period.

The customers in foreign countries were left without cash, while some organisations were unable to meet their payroll commitments or finalize their audited account.

FCA enforcement and financial crime director Tracey McDermott said: "The problems arose due to failures at many levels within the RBS Group to identify and manage the risks which can flow from disruptive IT incidents and the result was that RBS customers were left exposed to these risks."

PRA chief executive officer and Bank of England Prudential Regulation Deputy Governor Andrew Bailey said: "It is crucial that RBS, Natwest and Ulster Bank fix the underlying problems that have been identified to avoid threatening the safety and soundness of the banks."

RBS chief administrative officer Simon McNamara said: "A lot has changed and much has been achieved already.

"Our systems are currently available to customers over 99.9% of the time.

"As a result, by the end of 2015 we will have invested an additional £750m in enhancing the security and resilience of our IT systems."

The banks have agreed to settle at an early stage of the investigation and hence qualified for a 30% Stage 1 discount.

Both of the payments are covered by provisions already made by RBS in 2012, as reported by BBC News.

The 80%-state owned lender has also paid £70.3m in redress to UK customers and £460,000 to individuals and firms who were not customers.


Image: RBS has been fined over failure to identify and manage exposure to IT risks in 2012. Photo: courtesy of Royal Bank of Scotland 2014.