Technology outages in UK financial services sector become more frequent, FCA survey shows

Maria Nikolova

The number of incidents reported to the FCA has increased by 138% in the past year.

The UK Financial Conduct Authority (FCA) has earlier today posted the results of a survey dedicated to cyber and technology resilience, with the findings pointing to a rising number of tech outages in the financial services sector.

The survey covered 296 firms and assessed their technology and cyber capabilities. Firms self-assessed their capabilities and the FCA then analyzed the responses for each firm and across sectors.

Cyber-attacks show no sign of decreasing in volume. They accounted for 18% of the operational incidents reported to the FCA between October 2017 and September 2018. Technology outages in the financial services sector are becoming more frequent. The number of such incidents reported to the FCA has increased by 138% in the year to September 2018.

Most firms ranked cyber resilience as their biggest concern. Firms’ responses highlight cyber weaknesses in 3 areas: people, third party management, and protecting their key assets. Nearly 80% of respondents struggle to maintain a view of what information they hold and of their third parties. Firms also noted challenges in identifying and managing their high-risk staff and then educating those employees with access to critical systems or sensitive data, who are more likely to be targeted by cyber criminals.

Under Principle 11, the FCA expects firms to report major technology outages and cyber-attacks to it. Evidence, however, suggests that firms are under reporting and the FCA reminds all firms of their obligations to report.

Regarding detection of cyber-attacks, only the largest firms report that they have automated systems to spot potential cyber-attacks and support their subsequent response. Smaller firms are mainly reliant on manual processes, or have no processes at all.

Change management is the top root cause for issues reported to the FCA in the past year. The regulator notes that there is a disconnect between firms’ self-assessed strength in change management and the FCA analysis of incidents reported to it. This indicates that poor change management caused 20% of incidents reported to the FCA between October 2017 and September 2018.

Third-party failure is ranked second among root causes. Nearly all firms described discussing cyber risk with their third parties. However, only 66% of large firms and 59% of smaller firms understood their third parties’ response and recovery plans. These figures drop to 22% and 19% (respectively) when it comes to explicitly including third parties in their own testing plans.

Key areas of focus that the FCA has identified, such as third party management and change management, will be considered in its supervisory plans for 2019.

Let’s recall that, in July this year, the Bank of England, the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA), presented their joint view on the need for the financial sector to boost its operational resilience. The supervisory authorities envisage that boards and senior management have to assume that individual systems and processes that support business services will be disrupted, and focus on back-up plans, responses and recovery options.

Read this next


US and South Korea seek extradition of Luna founder Do Kwon

Both US and South Korean officials are seeking to extradite Terraform Labs CEO Do Kwon, just hours after he was arrested in Montenegro.

Retail FX

Pepperstone UK doubles profit, client assets in 2022

The London-based entity of Australian FX broker Pepperstone has reported its financials for the fiscal year ending June 30, 2022. The group had outperformed the last year’s flat performance, having doubled revenues and boosted the broker’s bottom line and shareholders’ fortunes.

Institutional FX

CLS FX volume rises to just shy of $2 trillion in February

Foreign exchange settlement provider, CLS Group saw strong volumes in February 2023 as the banking crisis continues to weigh on a world economy that’s yet to fully recover from the Russia-Ukraine war’s shocks.

Digital Assets

Binance restores trading after 2-hour outage

Binance suffered a breakdown on its trading engine that lasted for about two hours, but the premier cryptocurrency exchange finally managed to restore normal operations at around 14:00 UTC.

Digital Assets

Tether earns $700 million in Q1, taking excess reserves to $1.6 billion

Tether chief technology officer Paolo Ardoino said the world’s largest stablecoin issuer expects to earn more than $700 million in the January-Mach quarter, which will be added to the reserve backing its stablecoin (USDT).

Digital Assets

Narwhal Finance Secures $1M in Seed Funding Led by Animoca Ventures

Narwhal Finance received strong support from Animoca Ventures and angel investors in a $1 million seed funding round, reinforcing the company’s vision of providing an accessible platform to all.


SteelEye tries ChatGPT for market surveillance

This capability can be used as a starting point for initiating a surveillance investigation and to standardize workflow processes to boost the throughput and consistency of cases. It is also useful when analyzing communications in foreign languages, as the system returns the above insights in English regardless of the languages being used.

Industry News

SEC charges ex-Morgan Stanley advisor of NBA players after $13m fraud

Darryl Matthew Cohen was arrested this week and is facing three different federal counts of fraud, which could amount to 20 years in prison if convicted, besides the SEC complaint. 

Industry News

AWS FinTech Africa Accelerator launched, applications until April 27, 2023

Founders will be offered tech resources, expert guidance, and a global network of industry leaders, technologists, entrepreneurs, investors, associations, and partners, in order to build their fintech products.