As subtlety goes, I am happy to throw it out of the window this morning (a lack of coffee does this to me). You see, when we get the situation that the guy states that it did not matter whether she was ready or not, mainly because it only costs him $50, regardless what comes (or is that who). You might wonder where this is going, this is not going there, we are talking about banking. It does not matter who you screw and how you screw people over, when ‘she’ is not ready (or willing), it potentially constitutes a crime and you can throw ‘potentially’, as I personally see it straight out of the window. So why are we not getting angry? Why are we confronted with ‘TSB plunges to £107.4m loss as bill for IT chaos reaches £176m‘ (at https://www.theguardian.com/business/2018/jul/27/tsb-plunges-to-107m-loss-as-bill-for-it-chaos-reaches-176m). When we see: “bank has resolved only a third of 135,403 complaints“, why is there not a front page leading with the CPS investigating issues at the TSB? When we are confronted with “The payouts that followed a botched IT transfer from its former parent Lloyds to the new owner, Sabadell, a Spanish bank, in April pushed TSB into a first-half loss of £107.4m, compared with a profit of £108.3m in the same period last year“, we see a dangerous setting and there is no investigation? When we see the Financial Times on June 22nd 2018 (at https://www.ft.com/content/32749936-7561-11e8-aa31-31da4279a601), giving us the “customer of Bank of Scotland last month asked to withdraw £5,000 at her local branch in Leven, north of Edinburgh, the cashier thought the amount was unusual and asked her to speak to the branch manager. The pensioner explained that she needed the cash to pay workmen who had asked if she would like some half-price work on her driveway. Spotting a potential scam, the branch manager called the police, invoking a scheme that came into effect last year dubbed the “banking protocol”. Officers responded immediately and arrested six men at the customers’ house“, so in that case we go all out on 6 men, but we now see a setting where ‘135,403 complaints‘ are a potential issue involving many millions, and we are not looking deeper and setting the limelight on a level of negligence close to unique in banking. So what gives?
This does not come lightly, you see, when you take a scalpel to the quote: “The bank admitted that while it’s mobile app, online and telephone banking services are “much improved”, problems remain. The chief executive, Paul Pester, who defied calls to resign over the handling of the meltdown, said: “We’re making progress in resolving the service problems customers experienced following our IT migration and we will continue to work tirelessly until we have put things right.”“, we get the following:
- The bank admitted that with its mobile app, problems remain.
- The bank admitted that with its online banking services, problems remain.
- The bank admitted that with its telephone banking services, problems remain.
- The chief executive, Paul Pester has been called to resign over the handling of the meltdown.
- We have been currently unable to resolve the service problems customers experienced.
Reread the previous quote and you can see that it is all there.
This setting does not merely impact some parts of the IT setting; it involves failure on the levels of
- Documenting the changes required.
- Verifying the document is accurate and confirmed form the UK and Spanish side
- Presenting the required steps to the board members letting it be scrutinised
- Analysing the migration test run and testing it for the setting of trial version against the live databases
- Doing a small segment live run to test for optional missed failures
- The QA report on the path to see if any issues were missed.
These are merely 6 steps in the most shallow of tests required to see if the changes would hold, yet in all this, with the setting of ‘135,403 complaints‘, there is a clear indication that more than just a few issues were missed.
It gets to be a larger issue with “Savings balances fell by nearly £1bn, while 26,000 account holders switched to other banks. Breaking down the £176m bill, TSB has so far paid £115.8m in direct customer redress, £30.7m to fix “operating defects” and £29.9m in lost income after it waived fees and charges to customers“, when I am confronted with ‘£30.7m to fix “operating defects”‘, we are confronted with a much larger issue than the 6 points show, It implies that the preparation and QA was close to completely missed. Even as we also see the implied £0.02 from TSB Marketing towards the Guardian, the truth of the presented “TSB said it remains one of the most financially secure banks in the UK and despite the highly publicised problems it had attracted 20,000 new customers“, you see, an actual secure bank does not lose £1,000 million, and neither does it stage the setting where 26,000 account holders do the ‘Nintendo Switch’ towards another bank. In addition, there is no verification for the quality of the implied ‘20,000 new customers‘, yet the loss of optional 26,000 loyal account holders might prove to be a much larger loss down the track. That is not given and the Guardian is not giving us those goods here (because we can accept that this loss is for now unknown).
The setting intensifies with “TSB was heavily criticised for its initially slow response to the crisis but has since hired 1,800 people and redeployed 700 staff internally to help stabilise its services“, so not only are people redeployed, 1,800 staff members need to be trained (I have done that for years, so I can already see the additional dangers not shown yet), there will be a learning curve, in addition the added stresses might make the chance of introducing new flaws and errors larger.
Even as TSB is for all settings decently adapt in shifting blame, with “On 22 April 2018 TSB moved from an IT system rented from Lloyds Banking Group to a new IT system provided by Sabis. As TSB outlined to the Treasury select committee in June, from internal investigations it appears that the design of the platform itself is robust but that the deployment on to the technical infrastructure led to many of the problems. TSB and Sabis therefore shifted the focus of the internal investigation towards the testing regime in Sabis and its providers“, the mere fact that a shift like that requires a shadow run of no less than 1 quarter, even if that means hiring 60 people trailing 6,000-10,000 accounts, that would have revealed a lot of the issues. So the evidence we see with ‘the deployment on to the technical infrastructure led to many of the problems‘, the 6 points mentioned earlier, the test runs and the shadow phase would have shown this. Now we have a, what I would personally regard as a setting of corporate negligence. You see, TSB cannot shift the blame, they are part of this and the proper testing was required on both sides. I would never want a CTO who had not been in the depth of the transfer from beginning to end, and if TSB had no proper CTO, continuing should not have been an option.
It gets even worse, when we see the Independent (at https://www.independent.co.uk/news/business/news/tsb-bank-losses-it-fiasco-cost-paul-pester-a8466856.html), who gives us “some reported being able to see other people’s financial details“, it’s a phishing hackers dream to get that far in any bank, for the bank to directly allow the viewing of this is just beyond normal comprehension. So as even the Independent is slightly soft on Paul Pester, they end with “The chief executive will not receive a £2m bonus he was due to collect for successful completion of the integration between TSB and its parent company Sabadell“, which would have been the straw that breaks the camel’s back. You see, the issue is larger than you think, when you consider the additional flaws that were revealed in publications going all the way back to February 2018. The Business Insider gave us the TSB goods on Crypto currency. So consider the IT failure and the setting of: “We don’t block payments for customers wishing to purchase crypto currencies when they use a TSB credit card or debit card, however we continue to monitor the use of crypto currencies and we will review our position on an ongoing basis“, which would have required additional testing on any system moving for one to the other, so additional tests were either not done, or not properly reported on. Now also consider the IBM report mention from June 2018. Here we see (at http://www.cityam.com/287976/ibm-report-suggests-tsb-testing-not-rigorous-enough-before), when we see: “Consultants from IBM told the embattled bank’s board that it had not seen evidence of the kind of testing it would expect of the risky migration process. The meltdown started on 22 April, when TSB had planned to complete a migration of its systems to a new system, away from a platform run by former owner Lloyds Banking Group“, as well as “IBM has not seen evidence of the application of a rigorous set of go-live criteria to prove production readiness,” according to the report, which was created as an update to the TSB board on 29 April, four days after IBM was hired and almost a week after the first signs of problems at the bank. IBM would expect “world class design rigour, test discipline, comprehensive operational proving” for a task of similar complexity and scale, the report said. However, the bank’s testing before the launch may have not given enough evidence to proceed, the report suggested. Previous examples have taken place over a longer time frame, with multiple trials, and did not attempt to migrate the entire customer base simultaneously“.
Now consider that the IBM report was given on April 29th, yet the making of the report suggests that part of this visibility was there as early as March. When you consider these events, how come that the SFO and the CPS is not all over this? It will not matter whether there is a case in the end, their absence is a setting that shows that there is a much larger issue at the banks and TSB might not be alone, but merely the most visible and stupid player.
So even as the TSB hides behind the spokesperson giving us: “The IBM document contained a preliminary work plan with very early hypotheses based on observations to date, that were produced after only three days of engagement with TSB. The content is therefore now very much out of date”, really? My 6-point list took a mere 5 minutes, I am certain that IBM has a lot more than I have, and for the ‘out of date‘ part? 26,000 customers leaving and 135,403 complaints, shows that the issues is a lot larger than a trivialised IBM report.
So when I see: “nor were they a validated view of what went wrong or of the actions that have subsequently been taken. Without this context, this document could be misinterpreted to the detriment of TSB’s customers“, I would like to tell this spokesperson (who seems to not be named anywhere) that ‘actions that have subsequently been taken‘, are actions when it was already too late, they should have been prevented! In addition, with well over one hundred and thirty five thousand complaints, the detriment of TSB customers have been achieved by internal actions alone, the IBM report might merely show how stupid these yet to be presented documented actions have been.
There is one additional part in this, and even as we see it as a sign for some crucifixions on banking levels, yet the given Financial Times in May that gives us ‘TSB turned down help from Lloyds during IT failure‘, with the additional “Lloyds had made an open-ended offer to use its own expertise to help TSB, but TSB declined. TSB has since recruited a team from technology group IBM to help it identify and fix the problems“, we see a path that TSB could validly have taken, yet to not include the one provider with years of experience on the TSB account and system usage seems not too great a decision. In addition, we see this (at https://www.ft.com/content/7159ae84-5798-11e8-b8b2-d6ceb45fa9d0), yet what we equally need to consider is that with “TSB’s new system was unable to cope with the volume of customers when it went live“, we see another failure, something that comes with the preparation before things transfers, the entire data load and bandwidth requirement that the new systems require to have, In my personal view it needs to be the current load +50%, not merely because customers tend to get nervous when ‘a new system‘ comes into play, the fact that there are moments when peaks come play (like Christmas shopping), systems tend to get tested to the max, not in April when no one has anything special in mind. In addition, it seems that TSB is relying again and again on ‘Our teams have continued to work around the clock‘, so how long until those teams get a burnout? The same excuse is reused for months now, so either they have been paying triple rates to staff members, or TSB ends up not even being close to a legal setting where they can walk away from anything. That view is seen in the Guardian the April edition, where we saw “Sabadell was warned in 2015 that its ambitious plan was high risk and that it was likely to cost far more than the £450m Lloyds was contributing to the effort. “It is not overly generous as a budget for that scale of migration,” John Harvie, a director of the global consultancy firm Protiviti, told the Financial Times in July 2015. But the Proteo system was designed in 2000 specifically to handle mergers such as that of TSB into the Spanish group, and Sabadell pressed ahead” that part alone should have been the setting where the board of TSB would have required to be up in arms every step of the way. So who were the board members, and which of them have actual IT, Technology and data quality experience? Is that not the weirdest question to ask when we are confronted with crash issues that should have been clearly identified in the preparation and identification phase of a project like this?
So whilst you are lulled to sleep with: ‘we will continue to work tirelessly until we have put things right‘, continue to think what else a bank could lose, or publicly propagate that impacts your life. In the end, the damage is not over and when we see the imbalance not be resolved, IBM might actually end up advising that for now, the return move towards Lloyd’s will be the only remaining sane act in play. How much more is that going to cost both TSB and Sabadell?
A setting that took a mere 5 minutes to see and I haven’t even had my first cup of coffee yet.
In the end, how ready was the bank? It seems not very ready, not ready at all.