"These things happen" says NAB CEO after payments system crashes
Whilst he might be right that unexplained incidents do occur with IT systems, what is not expected is for it to take over six days to be able to fix the problem. As NAB starts to investigate the cause of the problem questions need to be asked as how the payments system was designed with a single point of failure, whether there was any backout/recovery in the system and when and whether robust disaster recovery testing had last been carried out.
Many banks for too long have underinvested in their legacy systems, bolted on changes without any reference to the integrity of the overall design and crossed their fingers and hoped that the systems don’t fail. Ironically NAB has recently kicked of a AUS$1bn technology refresh.
The impact for customers of not being able to access their money apart from the monetary implications is one of high levels of emotional stress and a loss of faith in the banking system. Queues were seen to be formed outside banks as customers tried to get their money. Fortunately there wasn’t a run on the bank and the other banks stepped up to assist by waving charges for non-payment and other such actions. But the damage to the banking system was done and it will take some time to repair.
The total impact for NAB, both financial and non-financial will only be known over time.
The processing of payments is the one basic task that banks are expected to perform, flawlessly time after time. Indeed that is the principle reason for banks existing for many consumers and corporations.
As banks around the globe heave a sigh of relief that this hasn’t happened to them, this should prompt many bank CEOs and CIOs to perform an audit on the vulnerability and the recoverability of their payment systems and their ability to respond to such a major incident. Scenario planning and simulation should all play a part in this.
No bank can afford to rest on its laurels; there are lessons to be learnt for all from this incident in Australia.