Home / Opinion / Bank systems are not safe (anymore)

Bank systems are not safe (anymore)

I used to think that we were good at designing systems.  We would phase test them, user test them,
stress test them and more, and eventually we would roll out the system and it would
work.  And life was good.

Then we started getting into a new world of developments
where systems relied on networks, networks relied on servers, servers relied on
mirroring, mirroring relied on programs and programs relied on programmers.

The interlinkage and interdependcies became more and more complex
and clouded, rather than simpler and easier, and the systems started to
fail.  And life was bad.

This is the state of today’s nation, where we see increasing
numbers of systems failures across the markets.

It used to be the odd outage, but most banks and exchanges
reported 99.99999999999% uptime and, if they had that 0.00000000001% downtime,
it was so minimal as not ot be noticed.

This has changed, as I seem to blog more and more about
systems outages.

The last time was after the RBS glitch of summer 2012 –
maybe this is a summertime thing? – and noted a lot of other outages around the
same time:

Since then, there have been several others noted:

and then we saw Goldman Sachs losing $100 million or more due to a systems glitch that occurred last
.  A glitch that could have been as
big as the one that brought down
Knight Capital.

And the real biggie is then Nasdaq’s outage, again.  But is this
Nasdaq or NYSE or something inbetween?

From Reuters today:

Nasdaq, NYSE at odds
on outage cause as SEC seeks facts

Five days after a
glitch that paralyzed Nasdaq-listed stocks for three hours on all U.S. markets,
Nasdaq and NYSE have a different understanding of what happened in the period
preceding and during the blackout, with each side blaming the other for the
outage, according to the sources.

At the center of the
disagreement is the role of Arca, NYSE's fully electronic stock market. The
blackout, which saw trading in about 3,200 Nasdaq-listed stocks such as Apple,
Google and Facebook grind to a halt, was preceded by connectivity problems
between Arca and the Nasdaq-operated Securities Information Processor (SIP).
The SIP consolidates stock prices and distributes them to the market.

What's not clear is
whether the problem at the SIP was caused by issues at Arca or technical flaws
at the processor.

The likelihood is that these things will get worse.

For example, I remember a recent discussion with a bank
about cloud computing, and what would happen if the systems were down?

We would blame the service provider, said the bank.

The service provider would blame their service provider,
says I.

The banks says that’s their problem.

Not if it’s your downtime, says I.

In other words, you can have all the Service Level Agreements
(SLAs) and penalty clauses in the world, but the world does not work the way
you think anymore.

If the systems are down is it the network, the cloud storage
system, the SaaS, the interconnectivity, the latency, the … the … the … the …

The world of today is incredibly complex, operating on
systems that are interdependent and highly reliant upon each other.

Even when you run your own, you may find the issue is not
your own but your partner’s or your partner’s partner or your partner’s partner’s
partner or  …


Well, it’s obvious isn’t it?


Thanks Dilbert


About Chris M Skinner

Chris M Skinner
Chris Skinner is best known as an independent commentator on the financial markets through his blog, the Finanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal’s Financial News. To learn more click here...

Check Also

The real financial plans of the tech titans (#GAFA #BAT)

In my blog yesterday, I talked about the technology titans being liked and potentially trusted …

  • Somewhere along the line uptime and availability got less sexy. Probably at that same point where retail banking was only useful as a way to fund the investment banking division…
    Infrastructure which is utterly critical started to get out sourced and cost effective (ignored).
    There are exceptions and you’re right that complexity has made things much harder. Ultimately though it comes down to fundamentals. Keeping the lights on is expensive but not nearly as expensive as if they go out.
    Vendors who excel in uptime still have a huge advantage in supplying banks. Banks infrastructure has evolved slowly and is so complex I doubt anyone understands it all.
    What we need is to take the approach the tech sector has. Separate out the stack. Build a tcp ip protocol for banking. Let the protocols manage the basics and build out a programmable top layer for developers.
    Of course it’s a pipe dream to think banks would ever collaborate in such a forward thinking, long term investment that won’t show on the balance sheet in any obvious way for years, if at all.
    Still. I think there is a competitive advantage to be had for those who get it right.

  • I think there are some interesting juxtapositions here that confuse the issue. When people say banks are safe, to me it means that the money is there. Issues of bank safety arise when we talk about depositor guarantees, Cyprus, etc.
    When downtime happens, that’s an issue of access. It is a marketing concern to the banks, of course. But only when we get to the point of, for example, the ATMs shutting down, as was feared in the post-Lehman failure, is there a real issue of interest to the public.
    Also, when a trade goes haywire, the trader can lose a bundle. E.g., GS. But again this is not an issue of bank safety, but of banks being involved in trading.
    As long as depositor funds are safe, who cares? As long as banks aren’t trading with those funds, no problem. And as long as banks aren’t doing securitization, then banking remains banking. Right?