Most of us today enjoy doing our banking online. We want to be able to get all our banking errands sorted over our devices and do not want to spend hours at a bank. To ensure a smooth flow of all the processes, banks have spent a huge amount to ensure their digital services are able to cope with user demands and to improve them over time.
Compared to other industries, banks and financial services face more regulations and compliance when using technology. As the data they are using is primarily sensitive customer data, securing the data and the services provided is a prerogative for them. Failure to do this can lead to heavy fines from regulators.
Unfortunately, outages and downtime do happen and banks do fall victims to this as well. There have also been banks that have fallen victims to cyber attacks and had their customer’s data stolen. In December 2020, the Reserve Bank of New Zealand was the victim of a cyber attack after their third-party file-sharing application was compromised. The bank estimated that the final cost of the breach response was around NZ$ 3.5 million but did not declare specific details on the data affected due to security reasons.
More recently, according to reports, websites of several Australian banks were offline due to a glitch by an important piece of internet infrastructure. Server-related glitches at Content Delivery Network (CDN) provider Akamai had hampered services at Australian banks. The disruption linked to technical issues at Akamai follows an outage at rival Fastly Inc that affected a number of popular websites in the UK and the US the previous week.
The websites of the central bank, the Commonwealth Bank of Australia, Westpac Banking Corp and Australia and New Zealand Banking Group had begun to come back online by late afternoon after the outage was fixed.
Meanwhile, in Malaysia, RHB Banking Group suffered an issue with sending out e-statements to the wrong customers which were caused by a technical issue on the side of its external service partner. The incident was discovered when customers reported the bank had sent them e-statements that do not belong to them but still could be accessed using their password. The bank has since rectified the issue and sent a follow-up email to customers, advising them not to open the statement.
Over in Singapore, DBS Bank customers flagged a glitch in the bank’s services, with several of them saying they were charged twice for transactions made on credit and debit cards. The bank released a statement saying they are fixing the technical issue that caused the duplicate transactions and has since refunded the affected customers automatically.
Commenting on DBS Bank, Ian Hall, Manager, Client Success for APAC at Synopsys Software Integrity Group said businesses are interconnected like never before and that includes their IT systems and in this case payment card systems. It is probably too early to say where exactly the problem originated from and whether it involves payment processing or a back-end core banking system. Defects (or bugs) in software are incredibly common and most organisations do end up pushing them through into the production systems.
There will be a significant effort placed into making sure the most egregious bugs are weeded out early in the development lifecycle and also that sufficient monitoring is in place to quickly identify, fix and patch a problem. Core banking systems are usually based on older programming languages (e.g. COBOL, FORTRAN) which makes them more difficult to maintain since it may be difficult to find individuals with skills in this area.
“I’m glad to see that as of right now, DBS seems to have identified the problem and based on a message on the internet banking login page have already set a timeline that all refunds will be made by 20th June. However, I think that there will likely be some impact on the bank in terms of their user’s trust. In the past year, thanks to COVID-19, many have moved online for most of their banking needs and some of those people would have been reluctant based on the many scams going around. This will only have added to those individuals’ worries as they rushed to check their bank accounts and overloaded the internet banking site,” explained Ian.
While cybercriminals may not be the main culprit in most of the glitches experienced by banks today, the number of incidents is a clear indication that financial services still have a lot to do in ensuring their systems are able to cope with the increased demand from consumers and newer technologies.