Faulty Patch Freezes Millions of UK Bank Accounts

frisket writes with news from The Register about ongoing problems for some UK banks: "'RBS and Natwest have failed to register inbound payments for up to three days, customers have reported, leaving people unable to pay for bills, travel and even food. The banks — both owned by RBS Group — have confirmed that technical glitches have left bank accounts displaying the wrong balances and certain services unavailable. There is no fix date available.' Customers of NatWest subsidiary Ulster Bank in Ireland have also been left without banking services. RTE reports that 'the problem had arisen within the systems of parent bank RBOS when an incorrect patch was applied.'"

I always knew

this is how its all going to end.

Solution:

[Cornwallis]

Where are those cleanmypc.com ads when you need them?

Re:Solution:

[virgnarus]

Made in the US. Only for the US. The rest of the world can get its own miracle cure.

Re:Solution:

[Chrisq]

Made in the US. Only for the US. The rest of the world can get its own miracle cure.

And now we can't even get our money to buy it. (This also affects a number of smaller building societies and companies that use RBS to process payments)

Re:Solution:

STOP IT. Do not turn that in to a meme. You are rewarding them for spamming.

Re:Solution:

[justforgetme]

That's why you should always use RBN not RBS for your "Transactions"

</wikitard>

They outsourced their IT dept...

... getting rid of all the expensive people with experience in the mainframe backend system...

Re:They outsourced their IT dept...

http://www.theregister.co.uk/2012/06/22/rbs_natwest_outage_fourth_day/

Re:They outsourced their IT dept...

[noahwh]

This is only interesting if it's true. Could you cite your source?

Re:They outsourced their IT dept...

A later commenter did: http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

Re:They outsourced their IT dept...

This is only interesting if it's true. Could you cite your source?

http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

-A different AC

Re:They outsourced their IT dept...

[kiwimate]

I had the same question, and then saw this post further down, referencing this story from 2010 (which in turn points to another story discussing this as an ongoing strategy). Seems to have validity.

Re:They outsourced their IT dept...

[na1led]

This always happen when IT goes on vacation. I keep telling management "Please call me before doing anything!", I usually get the call after the fact.

Re:They outsourced their IT dept...

Bitter much?

Learn to adapt or consult for the smaller companies that need experienced people to just get the job done and forget the big behemoth politically insane companies. If is your career not theirs. So go on, be bitter.

Re:They outsourced their IT dept...

Parent is in the process of training their replacement and trying to make the best of it.

His soon to be ex-employer is unlikely to last more than half a decade.

Re:They outsourced their IT dept...

So the last one out the door turned out the lights and turned on the virus

Re:They outsourced their IT dept...

... like expensive experienced people are flawless...

Re:They outsourced their IT dept...

[cusco]

"Expensive" experienced people would know all the interdependencies among systems, for a start. The outsourced staff are quite likely to not know that System W has to be brought up before System Q, because System S needs to authenticate with W first before it can provide data to Q.

And how much money do you think they're saving with their outsourced people today?

Re:They outsourced their IT dept...

[PRMan]

A later commenter did: http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

The Unite union says RBS plans to offshore upwards of 500 technology roles to its existing IT operations in the US, India and the Far East.

Re:They outsourced their IT dept...

A later commenter did: http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

A later commenter did: http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

Where are the government in all of this, they should ban off shoring, At a time when our economy needs the money most they are allowing jobs to be cut here and the Indian economy to be boosted by taking our jobs. David Cameron grow some balls and sort this out.

Re:They outsourced their IT dept...

I worked with the rbs guys in India. They were "OK". About as good as I've seen outsourcing wise. Still needed things driven from the uk part though. I think it's less about savings these days and more about enough senior people have put their jobs on the line saying it will work, so it gets pushed even if all the evidence says they should just cut it.

Aargh

I always mess up some mundane detail.

Re:Aargh

[TheSpoom]

This is not a mundane detail, Michael!

it's obvious

[Hognoxious]

They're doing tests on locking down funds transfer & electronic payments systems. This is probably much harder than you'd think, because they're designed to, well, just work. A few weeks ago (5th June, to be precise) a similar thing happened in Belgium. Caused chaos on the railways.

If anyone thinks it isn't a rehearsal for when Greece drops out of the Euro then I've got a nice bridge for sale.

Re:it's obvious

A few weeks ago (5th June, to be precise) a similar thing happened in Belgium. Caused chaos on the railways.

That looks interesting. Would you mind providing links on which we can read more about on that case?

Re:it's obvious

I was just thinking the VERY same thing.

Re:it's obvious

[GNious]

A few weeks ago (5th June, to be precise) a similar thing happened in Belgium. Caused chaos on the railways.

What, SNCB suddenly had trains leave on time?

Re:it's obvious

[petes_PoV]

I've got a nice bridge for sale.

ahh, so you're the guy who bought it! Big of you to own up.

Re:it's obvious

[ColdWetDog]

If anyone thinks it isn't a rehearsal for when Greece drops out of the Euro then I've got a nice bridge for sale.

I'd take you up on that offer except my bank account seems to be locked. However, I have a good friend in a Central African state that has access to many large bank's internal systems. He has generously offered to transfer the funds through his contacts. All he needs is your banking account number and routing data and he will gladly oblige us both.

Simply reply to this communicationl with the appropriate information.

Thanking you in advance.

Re:it's obvious

Do you REALLY need someone to post a link to 'lmgtfy' ?

Re:it's obvious

[Pieroxy]

I honestly don't think you're right. I've worked in enough "brack & mortar" companies that have slowly over time transferred all of their operations and value to IT so that nobody in the company outside of IT clearly knows how the system is supposed to be working.

This would all be well and good if only the management - the very people that ordered the transfer - were aware of it. But no, they still see the value in all the little people doing nothing in their offices. After all, IT is a cost and doesn't bring money in ! Need to cut costs? Lay off those geeks. They serve no purpose.

And all of a sudden, you've lost the only people that keep the entire company afloat.

Because what these people need to realise is that the ONLY people needed in the company are the IT. You can layoff ALL OF THE REST OF THEM and the company will keep on running. Badly, not as efficient, maybe at 10% of its capacity. But the IT people can take over as a cashier, delivery boy, salesmen, etc. Those jobs are complex, if you want to be efficient at them. But anybody can do them badly.

Lay off ALL OF IT. You company dies right there. End of the story. Because nobody else in the company can understand the first thing about IT. They wouldn't even know how to log in the production servers.

They outsourcedtheir IT? Equivalent of selling off the company. They outsourced to some random dudes in some place they cannot even reach? They killed themselves.

Re:it's obvious

[Patch86]

I'd bet on something far more pragmatic. I work for one of their rivals, so I'm sure our systems are broadly comparable.

They've outsourced their mainframe support to an Indian company. They're probably running a similar mainframe set-up to what we are. From the snippets of non-technical fluff that their spokesperson was spouting on Radio 4 yesterday, it sounded like it was their mainframe's daily update programme (which applies changes to customer accounts that have been received in the queue from the mainframe's interfaces with various other systems, such as their BACS/CHAPS/FP systems) that tripped over, apparently when applying a patch to it. That's consistent with them now having a large backlog of payments in and out to work through. It's also consistent with their ATMs still working, seeing as small ATM transactions are dealt with by the Link servers, which then goes on to charge against the customer's account. The cock-up was probably a case of brand new Indian contractors being unfamiliar with the nuances of an ancient set-up.

All guesses obviously, but that's where I'd put my figurative 5p on the side.

Re:it's obvious

[Hognoxious]

The trains, yes. The passengers, no. They were all in line trying to pay with cash at the single manual sales point, because if you board without a ticket they fine you.

Re:it's obvious

[Hognoxious]

I've never held much faith in Hanlon's razor.

I'd say that any sufficiently advanced conspiracy is indistinguishable from a cock-up.

Re:it's obvious

[GNious]

Unless SNCB changed their rules recently, you're allowed to buy the ticket on the train as long as you advice the conductor at the time of boarding. I've taken to use this approach as a matter of expediency, since there is usually issues with the Metros/Busses (MIVB/STIB are incompetent beyond belief), and I cannot leave any earlier due to the opening hours of my child's creche.

Purchasing on board the train may be a bit more expensive, but if you explain why (ticketing not possible, expedient), you should be able to avoid the surcharge.

food!

[AltGrendel]

I hate it when I can't food. We all need to food sometime.

Re:food!

If you try sometimes you food what you need

Re:food!

[networkBoy]

You know, typo's aside, this is tragic. Many people live paycheck to paycheck. I used to, up till fairly recently, and I'd still be hosed if this happened because my rainy day money is not in a bank fund.

I would be calling for people to be put against the wall for this.
-nB

Re:food!

If you try sometimes you food what you need

Food you very much.

Foo Foo Fooya.

Re:food!

[networkBoy]

This is not people's poor choices causing them hardship, this is their bank fscking the system hard.
Like I said, even I, with a 12 month rainy day fund, would be in a world of hurt, because I would not be able to put the money into the account to pay bills with, even if I could get it out from where it was.

Someone living wholly beyond their means is one thing. A bank not posting deposits is entirely different. Different, and unforgivable.
-nB

Re:food!

[mspohr]

So, do you keep all of your assets in gold under the mattress?
How do you pay bills?
Do you live in the woods in a cabin with no services (ala Ted Kazinski)?

Re:food!

[xaxa]

You know, typo's aside, this is tragic. Many people live paycheck to paycheck. I used to, up till fairly recently, and I'd still be hosed if this happened because my rainy day money is not in a bank fund.

I would be calling for people to be put against the wall for this.

If you can show you should have been paid (e.g. payslip, last month's statement) they are giving you £300 if they can't access your account. The bank branches stayed open extra late yesterday, opened at 8am today, and will be open for long hours all weekend.

Re:food!

[xaxa]

There is only one person who can be put to the wall for failure to control your own finances.

Most people in the UK are paid by an electronic transfer of the money into their bank account. If your bank is NatWest you can get £300 from them by proving you should have been paid, but I'm not sure what you can do if your employer's bank is Natwest.

That's one way ...

[ackthpt]

To prevent another run on UK banks.

Re:That's one way ...

Bullshit. That's a way to create one.

Re:That's one way ...

Actually you over estimate the intelligence of the GDP, generally dumb public. They will wait until its far too late to try and withdraw their assets and asses.

Re:That's one way ...

[samkass]

Or cause one, once things come back up.

Re:That's one way ...

What in the cunt of fucking shit do you think the people will do as soon as the system is back up? There will be a run on the motherfucking bank you wad of shit.

Re:That's one way ...

[Chrisq]

Actually you over estimate the intelligence of the GDP, generally dumb public. .

That explains why they say that the USA has a higher GPT per capita than Europe.

Re:That's one way ...

[Chrisq]

Actually you over estimate the intelligence of the GDP, generally dumb public. .

That explains why they say that the USA has a higher GPT per capita than Europe.

Damn keyboadr!

I keep getting headhunted by RBS/Citizens

[kilodelta]

And I've always wanted nothing to do with them. Banking in general is very distasteful to me.

Re:I keep getting headhunted by RBS/Citizens

And I've always wanted nothing to do with them. Banking in general is very distasteful to me.

So they were looking for competent help and you refused them. Thus... we can conclude this is all your fault! FOR SHAME!

Re:I keep getting headhunted by RBS/Citizens

[Skaperen]

Actually, it is the fault of management for creating a lousy work environment.

test labs

[fluffythedestroyer]

Always have one. Test it in your testing environment and if it works correctly, deploy on live servers. server idiots guide 101 available in all stores right now

Re:test labs

[networkBoy]

For our critical stuff we hav 4 layers to get to production:
1) I do Foo and test it on my dev machine on an unsigned system
2) I submit my Foo to the build system, it builds it for unsigned systems and it is tested by our QRE/Validation department
3) Once things look good, it is signed, then deployed to our Validation dept to run on signed systems.
4) If it is still looking good, then it is deployed.

And we're not even a banking related operation...
-nB

Re:test labs

Ah, but have you tested deployment from the testing environment to the live environment? The obvious solution is a testing lab with a test live site and a test test site. Wait, I think you need to test that that testing environment correctly approximates the live and the test, with another testing lab. Before you know it you've got turtles all the way down!

Re:test labs

[cusco]

Ah, but they've outsource their IT staff to save money, so they probably got rid of the test lab for the same reason. Never underestimate the stupidity of a group of executives looking for a short-term cost saving.

Re:test labs

[sjames]

But that costs MONEY! If they keep doing things that cost MONEY, how will they pay out the huige executive bonuses?

Automatic updates

Another Windows XP automatic update fiasco...

Yeah, this might be an interesting way to stop an EURO run, as someone suggested.

CAPTCHA = greener (Yes, it's definitely greener over here...)

Wow.

[serviscope_minor]

Well, they've always looked like a bunch of clowns.

They were always a bit useless. Then they kind of bought each other up to increase the lavel of failure when they went bust.

It's government owned now, but you can't blame the government for this computer foul up (there are many other even more spectacular ones), since it was all done by them before the bail out anyway.

The UK retail banking industry is a poster child for why private industry is every bit as crap as a government, and in fact often worse. The thing is that safe storage of money, like roads and the rule of law is one of those things which is essential for civilization. As such, it can't really be entrusted to private companies since the consequenes if they foul up are simply too big.

In conclusion, I hate them all. They're all useless. Some of them are rude too.

It would have been nice if they went bust except that me and a lot of people I know would have lost an awful lot. The only funny thing is that just as the Scottish independence moverment really started to gear up again, the UK (i.e. mostly England) bought all their banks!

It's all crap.

People suck.

Re:Wow.

People suck.

They're the worst!

Kosmo Kramer

Re:Wow.

[cyber-vandal]

[roman_mir]It's all the government's fault because they wouldn't let the banks go bust and people lose all their money. Vote Ron Paul![/roman_mir]

Annoyed customer

[ralphius]

As a customer, I'm annoyed that a) A major high street bank doesn't have enough failsafes/testing to prevent this and b) That there is so little communication as to the cause and expected time to fix the problem.
Thankfully I don't live week to week off my wage like some people do, but if I did I'd be having major problems as evidenced by some of the BBC stories.

Re:Annoyed customer

[Skaperen]

Even though you were not impacted, you should still move your money to another bank ASAP.

Re:Annoyed customer

[Circuit+Breaker]

Don't take the description at face value.

I think it is more probably a premature application of some anti-bank-run version. There are financial earthquakes coming soon to Europe, one way or the other, and that always means bank runs and naked cheques.

I think it is more plausible that they just flipped the "do not trust other counterparty until really verified" switch too early.

Re:Annoyed customer

[petes_PoV]

The bank won't ever say what the problem is/was. The reasons are that they think their customers are stupid so wouldn't understand - but they also probably don't actually know, themselves. That is also the reason they wouldn't issue a time-to-fix estimate. Their only IT people are outsourced, cheap staff in a foreign country and it's not likely that they have enough understanding of the systems to do much more than try undoing the last thing that happened before it all went wrong.

Natwest are not alone, another british bank (Barclays) has often been reported as having Monday-morning outages, which sounds a lot like a weekend update that went wrong.

As it is, having a single account is like having a single credit-card, no spare car key or only one kidney. You can get by until something goes wrong, but in an ideal world you'd have at least one spare.

Re:Annoyed customer

I'm affected too - and I don't live week to week either. But I do try to maximise my savings - so rather than get 0% on my current account I regularly top it up to the £500 mark during the month and £1500 just before bills time (so all bills & mortgage are covered, and some spare).

This doesn't just affect those living pay day to pay day.

Re:Annoyed customer

[Ash-Fox]

As a customer, I'm annoyed that a) A major high street bank doesn't have enough failsafes/testing to prevent this

When was the last time there was a massive failure like this from a major high street bank? I really cannot remember.

Re:Annoyed customer

[c0mpliant]

Why would you need more than one credit card? Honestly don't see why I would need two credit cards. I only have one bank card as well. If I lose my card I will have another within 3 days. I always have enough food in my house to last me a week and I cycle everywhere so I don't need to pay for transport. Worst case scenario and go into my bank and take out money directly from my account.

Guess this was inevitable....

[trancemission]

When you remove a 1000 members of IT staff [many of which were probably your best] and replace them with 500 offshore workers combined with the need to support *legacy* systems, you are asking for trouble.

http://www.computerweekly.com/news/1280093677/Royal-Bank-of-Scotland-cuts-1000-IT-jobs

Regardless of the technical problems, the root cause of this seems to be management......

Re:Guess this was inevitable....

[Hatta]

Regardless of the technical problems, the root cause of this seems to be management......

Management always gets the credit when things go well. They should always get the blame when things go wrong.

Re:Guess this was inevitable....

instead.... management gets golden parachutes and bailouts when shit hits the fan..

Re:Guess this was inevitable....

[CanHasDIY]

Regardless of the technical problems, the root cause is pretty much ALWAYS management......

FTFY.

Fail.

As a bank, you'd think they would be able to deploy the patch to only a couple of their user base to see if there's anything wrong. Or at the very least test it in a closed test environment.

Re:Fail.

[wonkey_monkey]

What makes you think they didn't, or that it didn't all go swimmingly up to that point?

Re:Fail.

as a bank, maybe.
as a bankrupted bank laying of 1000 IT people recently, certainly not

Re:Fail.

[v1]

As a bank, you'd think they would be able to deploy the patch to only a couple of their user base to see if there's anything wrong. Or at the very least test it in a closed test environment.

Sometimes there's a limit to what you can test. Simulating a multilevel network with very broad trees, as a big bank probably uses, probably makes do with a significantly simplified environment. All it takes is some yutz somewhere to try to freeze an account that's already frozen (or do something else obtuse that's very hard to predict) to trigger an untested path bug and BOOM.

Being able to roll back a patch becomes a very useful feature at that point. But rolling back large amounts of financial transactions is a whole 'nother big can of worms.

Sometimes they just have to turn things on they shouldn't, to get the water flowing again, and try to clean up as best they can next weekend while they pour over the logs trying to catch things that got rolled back wrong etc. My bank had this happen once in their recent upgrades that I've caught, and it turned out to be a "bank error in your favor, collect $130". (they auto-paid a bill of mine and never debited my account) But that's the cheaper price they pay for screwing up. The alternative would be to let everyone know that they screwed up the books and are going to be fixing things for the next week, and that drops peoples' confidence in their bank which is incredibly bad for business at a bank, people really flip out when their bank tells them they don't quite know where all their money is right at the moment. So they just take a deep breath and take some little hits here and there to avoid much worse PR damage.

This is what they get for cutting QA / testing

This is what they get for cutting QA / testing

Fix has already been made

[kiwimate]

The summary says there's no fix date available, and I know that's what it says in the Register article, but the second article, linking to the bank's site, has this to say:

The bank says the issue has now been fixed but it will take the weekend to clear the backlog which amounts to millions of euro in transactions.

Re:Fix has already been made

[gatfirls]

...and to properly apply all fees due.

Re:Fix has already been made

Really that big of a backlog? Millions of Euro?

Re:Fix has already been made

If you're a fairly large bank with 3-4 million customers, it isn't much of a stretch to assume they're pushing ~10 million transactions a day. So yes, millions of Euros is probably correct.

Re:Fix has already been made

You need to adjust your sarcasm detector. If the RBS only has a "millions of euro" transaction backlog after 3 days of not processing transactions, they are not "a fairly large bank".

First thing to do when the fix happens ...

[Skaperen]

... move your money to another bank. I hope in UK they have smaller local banks like we have here in the former colonies. If not, maybe find some favorite small towns in the USA.

Re:First thing to do when the fix happens ...

[Vanders]

move your money to another bank.

Why? What does that achieve, exactly?

I hope in UK they have smaller local banks like we have here in the former colonies.

We used to have building societies but most of them converted into banks in the 90's, then they all bought each other, then they merged into the big banks or went bust. So no, not really.

Re:First thing to do when the fix happens ...

Co-operative Bank would be the best bet.

And you would move your account to tell the bank that incidents like this aren't acceptable for a bank. That cutting experienced IT staff and outsourcing is not a good idea in the long run.

Re:First thing to do when the fix happens ...

[magarity]

Actually, since this has happened and been fixed at this bank, it's now the place to keep your money to avoid the problem. At other banks, it just hasn't happened yet. :/

Cockup or conspiracy

[hazeii]

Cockup or conspiracy? Probably cockup - but quite likely they'll discover they've made more by hanging on to cash for a few extra days than this will cost them in customers.

I switched off NW/RBOS when I (banked with them since 1978) joined their online banking and saw .asp in their URL.

Re:Cockup or conspiracy

[julesh]

Cockup or conspiracy? Probably cockup - but quite likely they'll discover they've made more by hanging on to cash for a few extra days than this will cost them in customers.

Not with £300 per customer compensation as their first offer.

I switched off NW/RBOS when I (banked with them since 1978) joined their online banking and saw .asp in their URL.

ASPX, not ASP. And I personally don't see an awful lot wrong with ASP.NET MVC. I'm assuming they didn't use vanilla ASP.NET, because their pages aren't using the witless state tracking mechanism that ordinary ASP.NET pages use.

Re:Cockup or conspiracy

Not with £300 per customer compensation as their first offer.

That's just an interest-free loan, not a gift.

Also it doesn't address any non-cash impact to the account holder such as negative credit rating from "missing" mortgage and bill payments.

Problem and fix

[evilgraham]

Ok, RBS group (which includes NatWest) updates customer accounts via a vast number of batch jobs on a (very big) mainframe overnight. They use CA-7 (a job scheduler, originally written by Uccel) to manage the release, interdependencies and status of these jobs.

It would appear that an update to CA-7 resulted in the actual schedule for these being corrupted or deleted. Therefore they do not know how much any customer actually has in their account, since accounts were not updated with transactions from the previous day.

The problem now appears to be fixed (read: update backed out and control datasets restored), but they still have to run through three days of unprocessed transactions, so people are not getting money paid in during these three days into their accounts as expected, resulting in misery.

This is something which should have been detected and fixed in a competent mainframe site very quickly indeed, so I imagine that the wisdom of outsourcing any "back-office" function of this nature is shortly going to be a matter of very close scrutiny.

Hope this helps.

Re:Problem and fix

[nogginthenog]

Guy on the radio just said his house purchase didn't go through because NatWest failed to release the funds. That's got to suck.

Re:Problem and fix

[PRMan]

Get a good barrister...

Re:Problem and fix

That makes no sense at all. I'm sure Gmail processes more emails (transactions) and saves them on many distributed places so as to never lose any data, in real time, without processing batch transactions overnight.
Where is the complexity of processing transactions? it's one addition per transaction, my desktop pc can do millions of additions per second. Surely a very safe database will do less with all the disk access but still.. overnight? for 4 million customers? 10 - 20 million transactions tops? there must be something wrong.

Re:Problem and fix

[evilgraham]

Erm, they are not using Gmail to process your bank transactions, you tool.

Re:Problem and fix

[cyber-vandal]

The wisdom of outsourcing will not be questioned because they can just blame and sue the outsourcing company. No blame will be attached to the fools responsible for outsourcing (if they're even still there).

Re:Problem and fix

Let me ask again: How come Gmail has more efficient servers than any bank? Overnight transactions is ridicolous!

Re:Problem and fix

Gmail uses something called "eventual consistency". It's a great, efficient (cheap!) technique for building large services. It means that at any given second, something, somewhere, could be slightly out of date or out of sync - though it should eventually catch up. Does this matter for email? Absolutely not.

Does it matter for finance? Absolutely!

Re:Problem and fix

[clickclickdrone]

Where is the complexity of processing transactions? it's one addition per transaction,

OK. Here we go. The SWIFT message arrives. The bank initiates the payment. The SWIFT message is parsed - it's a complex and flexible layout. The sender may have made mistakes. It might need an auto repair, it might need a manual repair. Now we know what it is. Next, check it against the many, many regulatory issues. Does it look like fraud? Does it look like terrorist funding? Does it match the account's usual patterns? Are there country sanctions in place? Now check the balance. Is there enough? If not, get it authorised or not via automated systems. If not, manual check. If not, stop the payment. Now process the payment via the countries clearing system. And that's off the top of my head. You might need to trigger additional payment events, such as confirm to the sender via SWIFT it is OK, process and match cover payments etc etc.

Re:Problem and fix

Rbs bought the outsourcing company so that's sueing themselves

Re:Problem and fix

Parse an xml ? It's O(n) complexity. Check against many issues? Wrong: Just check it does NOT cause regulatory issues, it's one check, not many. Not enough balance? then why bother check regulatory issues? manual check? not going to happen overnight. Process the payment? You're supposed to be the bank who took/sent money, it's processed right now.

Thanks for explaining how SWIFT has complex layout and obviously there are technical reasons for overnight processing... but I still believe that it doesn't have to be that way. It's just inefficient. We know those millions transactions can be processed fast, just like many online services process huge amounts of data incredibly fast.

criminal

so when are upper management going to jail for stealing people's money for several days? or is it ok to steal billions of pounds as long as they give it back in a few days?

Re:criminal

[cusco]

Billions of pounds? Sure. There's only a problem if you steal less than half a million, then you go to jail.

Blame the Auditors

Afterall incorrectly applied patches on live system can cause all sorts of trouble..!!!
Maybe if they didn't recruit on nepotism that would help there IT department source individuals who can apply patches correctly following process and procedure?

RBS were having IT problems in branches a few weeks before so would assume someone in there staff isn't doing there job properly or needs someone looking over there shoulder eh!

Re:Seems to have validity?

No, you're clearly the one who is a massive fucking retard because he meant that the QUOTE had validity, not the strategy. Also, you're an asshole.

consequences

[sribe]

Well, I don't know if it's still the case, but when I worked in banking IT in the late 80s here in the US there was a standing rule: if you don't process checks for more than 24 hours, you can be taken over by the Federal Reserve--where that takeover implies the possibility of being shut down and your assets distributed to other banks.

That really kept the fear of god in management with regard to keeping core IT running, backups, disaster recovery, etc. Daily offsite backups, periodically loading the backups at a backup facility and running test loads...

There should still be such a rule, and it should apply to electronic transactions as well as checks (not much difference anymore anyway), and the UK ought to adopt it. If a bank takes down its main system with a fucked-up patch, and can't get its disaster recovery plan working in 24 hours, shut it down.

Re:consequences

I left banking in 1999 & such a rule was still in affect. We had a test environment and did yearly disaster testing off site. I was told that I needed to document my job before I left so that a 6 year old could follow my instructions. Experience was expensive & I hope the kids are doing well.

Re:consequences

The UK government already took ownership of RBS a few years ago.

Re:consequences

The UK government already took ownership of RBS a few years ago.

Shut it down!

Re:consequences

[Rich0]

I'd go a step further and limit the size of banks to something the government can reasonably deal with should things go south.

If the biggest banks had tens or hundreds of millions in deposits it wouldn't be such a big deal when one of them has an issue like this. Just have the government step in and take care of the people affected, and then fine the living daylights out of whoever messed up once it is all sorted out.

The problem is that these banks are getting so large that you can fit those responsible for 80% of the world's wealth into a single room. That means that they talk to each other, adopt similar policies, and so on. We have far more systemic risk, and even when you get a random failure like this the impact is enormous.

Re:consequences

[sribe]

I'd go a step further and limit the size of banks to something the government can reasonably deal with should things go south.

I'd call that a different subject rather than a step further ;-) I believe that history will eventually come to see the single greatest failure of the Bush administration was not forcing a break up of the large failing banks when they had the chance.

Re:consequences

[Patch86]

Well, I don't know if it's still the case, but when I worked in banking IT in the late 80s here in the US there was a standing rule: if you don't process checks for more than 24 hours, you can be taken over by the Federal Reserve--where that takeover implies the possibility of being shut down and your assets distributed to other banks.

RBS Group has already been taken over by the government; they can't take them over any more than they already have.

And the reason they were taken over is because they were "too big to fail"- so no real possibility of chopping them up and distributing their assets. If they could have done that, they could have just let them collapse and be picked over by their rivals in the first place.

Re:consequences

[rb12345]

RBS weren't fully taken over (Wiki says 84%); I suppose the government could claim the other 16% too but it's unlikely to happen.

Re:Seems to have validity?

[Captain+Hook]

No, you're clearly the one who is a massive fucking retard because he meant that the QUOTE had validity, not the strategy. Also, you're an asshole.

I read the GP as saying that the story had validity given he's provided 3 links as sources. Maybe hold off on the fucking retard comments until you are sure you aren't yourself a fucking retard?

Re:Seems to have validity?

noahwh asked for sources, which is fine. kiwimate replies with the sources, and they show that the company is going the outsourcing route. The retarded as fuck Anonymous Coward then responds "ARE YOU RETARDED? OUTSOURCING IS BAD!1!!!", even though kiwimate's post suggested in no way that he was supporting the company's strategy or outsourcing in general, nor was he making any claims about the quality of outsourced work.

Apparently you're both fucking retards.

that's not a bug..

[bigwavedave33]

That's not a bug for the bank, that's a feature!

Has the worst happened

If customers are seeing the wrong amounts in their accounts it sounds like data may have been trashed too. Your first thought is to restore the db to the point of deployment but by the time they've noticed the db may have changed substantially so that's a no go. Some one will be needing a new job, the coders can fix their shit and the DBA's can do some work for a change and patch the data in the least hacky way possible and pray to the gods of data.

Re:Has the worst happened

[evilgraham]

I very much doubt that anyone's data will be trashed, and the main account balance for RBS/NatWest does *not* live in a database (although many databases will be updated from there). I would think that they are currently trying to manually process a shit-ton of transactions which are usually processed via automatic nightly scheduling. When you have to do this, you want people around who really know the system, and it would appear that due to off-shoring, these people may not work for RBS any more. Hence getting things back in synch is taking an embarrassingly long time. In a sane world, a failure of CA-7 following an upgrade ought to be a piece of piss to remedy and recover from with competent staff, even in a major production system. Someone in the RBS hierarchy is going to have to explain how the discrepancy between this and what actually occurred arose, and if off-shoring was an aggravating factor, then heads should roll.

These are absolutely core business systems; making decisions which turn out to compromise their smooth running is unforgivable. If I banked with any bank in the RBS group, I'd be out of there ASAP if this indicative of how they run their operations.

Can I Write a Cheque?

Can I write a cheque? You do take cheques don't you?

Re:Seems to have validity?

[Old97]

Would you guys please quite insulting the retards by comparing them with these clowns? (Sorry all you clown people.)

Re:Seems to have validity?

Indeed, I apologize. Most retards are actually able to read the posts they are quoting, unlike the ones on Slashdot.

Large banking groups = big problems

Something worth mentioning is how banking groups use the same system. Take Lloyds TSB for instance. Having two current accounts just to be on the safe side isn't going to do any good if they both belong to the same group.
This is true for at least Lloyds, Halifax and Bank of Scotland.

Scary stuff, especially since the only safe option is to put your money under the bed again - which simply can't be done anymore.

Bitcoin

Suddenly Bitcoin becomes a real solution to avoid this kind of problem...

Re:Bitcoin

how many months do we have to wait for the miners to verify 20 million transactions?

Re:Bitcoin

Ha!

Maybe in 15-20 years, if everything goes well for Bitcoin before then.

Right now, traditional banks have Bitcoin pwned on all sides when it comes to reliability of internet services.

Re:Bitcoin

[Ash-Fox]

Suddenly Bitcoin becomes a real solution to avoid this kind of problem...

Not really, if your 'bank' on Bitcoin like flexcoin had issues like this, I fail to see how Bitcoin would make it work.

so ...

is there a particular reason slashdot isn't blaming this on the os they were using?

obviously you have not spent much time

[decora]

as a cashier, salesman, delivery boy, etc.

Re:obviously you have not spent much time

[Pieroxy]

You think I cannot be any of those roles in any kind of structure? You would be wrong.

Use me as a CEO of any company. I'd do a bad job at it no doubt, but I'm pretty sure I won't run the company into the ground in a year.
Use me as a salesman for anything. I'll sell some.
Use me as a cashier. I'll do it.
Legal I may be very wrong.

Remember the context: I need to be in this role at a company for which I've built the IT.

The bottom line is: IT is a very very very technical job. Normal people cannot start to understand what's at stake. There are other jobs like that (see my comment about legal) but they seldom are the key part of any company. IT is at the heart of many many businesses now. All distributors, insurances, banks, etc cannot make a dime if their IT fails.

RBS was a too-big-to-fail bank

[decora]

lest we forget, a huge number of the subprime mortgage securites (CDOs) had the "RBS" name on them. RBS only exists because the taxpayers kept it afloat. it was 'too big to fail'.

the fact that it would fail again in some catastrophic way is not surprising. it is like watching a hippopotamous shit all over the floor and then scratching your head and asking "why did the hippo shit all over the floor?". because thats what hippos do. they shit on the floor. if you want to stop having to wipe hippo shit out of the floor by the truckload, you might want to just get the hippo out of the room instead of trying to figure out how to get it to stop shitting.

you are saying this to a taxpayer funded bank

[decora]

that literally exists only because taxpayers funded it through government enforced bailouts.

methinks your anger is misplaced. please find an arena where the people who run RBS, Goldman, Morgan, Deutsche, and all of the other 'too big to fail' banks were propped up by taxpayer funding, and tell them that they should be "put to the wall".

customers are the problem

[decora]

look, all of the 'disgruntled customers' like yourself may be upset, but are you upset to take your money out and go to a smaller institution? one that charges slightly higher fees and has less profitable interest rates, but that actually takes it's job seriously?

this is the situation in the US with people who 'hate big banks'. if they 'hate' them so much, there are literally tens of thousands of small banks and credit unions - and they are insured up to $250,000 if you are worried about losing your money.

the thing is, customers would rather go with a big shitty bank, and then complain about getting screwed, than a small bank that always works. its some kind of pathological addiction to drama or something.

no, it's not still the case

[decora]

" I worked in banking IT in the late 80s"

if you want to know how things have changed, id start with any of the recent crisis books - "The Big Short" by Lewis, "Fool's Gold" by Tett, "Colossal Failure of Common Sense", by McDonald, "On the Brink", Paulson, "In Fed We Trust", Wessel, etc etc etc.

The stories about Citigroup and it's incestuous relationship with the high offices of government are of particular interest.

The Federal Reserve is kind of a joke as far as regulation goes. It does a lot of mole whacking, but you have to understand, we gave 2 trillion dollars to shitty banks that in essence, could not process transactions. We didn't "shut them down", we didnt "take them over". We bailed them out and payed their executives Bonuses.

Re:no, it's not still the case

[sribe]

It does a lot of mole whacking, but you have to understand, we gave 2 trillion dollars to shitty banks that in essence, could not process transactions.

Bullshit. They were perfectly able to process transactions, and what you've said has no bearing whatsoever on the regulation I was discussing.

I agree the bailout was botched. But your "in essence" is way too far of a reach.

and Obama did what exactly?

[decora]

Fannie and Freddie - still going strong. Executives still making millions.

JP Morgan - still dealing in Credit Default Swaps, with absolutely zero consequences

Morgan Stanley - still churning out shitty IPOs like Facebook that rip people for millions, with absolutely zero consequences

Goldman - still being Goldman

the hedge funds and investment banks can now give unlimited anonymous money to political campaigns. including banks that are essentially 'international' with no allegiance to the US or its constitution.

Obama's chief of staff, Rahm Emanuel, was linked to the Magnetar hedge fund that was near the center of the subprime bubble, and it faced absolutely zero consequenecs, its managers have faced essentially no inquiries whatsoever.

Re:and Obama did what exactly?

[sribe]

The point, which you seem to be willfully ignoring, is that the Bush administration had a unique opportunity to force change and squandered it. The Obama administration has had no such opportunity.

Re:and Obama did what exactly?

[Rich0]

I'd argue that Obama had a chance when he first took office, but there was no way he'd make any traction on that and healthcare. Politically not tackling healthcare would have been suicide - not that many are happy with the results.

The problems in the US are far bigger than who is in the White House. Heck - there was an avalanche of calls from constituents opposing the bailouts and it was basically ignored. And only a huge emergency seems to motivate any action at all on these issues. I'm not convinced that we'll ever fix the problem until we're faced with an emergency so large that we're beyond being able to fix it.

Re:and Obama did what exactly?

[sribe]

I'd argue that Obama had a chance when he first took office...

And that argument would be complete bullshit. By the time Obama took office 2/3 of TARP funds had already been disbursed; the "too big to fail" banks had already been purchased by other big banks, creating even bigger than too-big-to-fail banks. The unique opportunity was when the big banks were on the verge of failure and required government money to survive. Bush had the chance then to use that leverage to force acceptance of change; Obama has had no opportunity that is even remotely comparable.

Japan

has some brilliant banking laws. A bank is required to be able to give a customer up to every cent of his money almost 24 hours per day immediately. This has resulted in faster money flow, better competition in banking, and a generally smoother economy. There are other perks like ATMs that cash out in denominations down to a single yen. Finally banks are unable to pull shit like creating branch withdrawal limits to screw over customers.

In Japan if I had a million dollars in an account and went to withdraw it by law they would have to have a money truck there within a matter of two hours. No excuses allowed.

RUN on the banks

This is the beginning of a run on the banks, nothing to do with a software 'bug'.

Banks have runs because they only hold less than 2% of the money they CLAIM to hold. If too many people try to withdraw too much money at the same time, the bank collapses - because, let me repeat it - THEY DON'T HAVE YOUR MONEY. They've lent it to other people, yet they claim to still have it.

Re:RUN on the banks

[Aristos+Mazer]

They don't claim to still have it. Banks are very open about the fact that they lend out your money. That's why they can pay interest on accounts. That's why you keep your money in a bank. If you don't want it lent out, keep it at home.

Re:RUN on the banks

Yes, that was until they were allowed to create virtual money and lend *that* out. It is simply no longer the case that *your* money is used to lend out to other people. *Your* money is used as some sort of security to create *virtual* money that is then put into the money cycle. And that virtual money returns into the bank as *real* money and is in turn used as security asset to create more virtual money. So essentially virtual money is used to generate more virtual money and hence the whole system is blown up exponentially. (basically, at least)

have you ever actually done any of those jobs

[decora]

have you ever actually been a cashier?

have you ever actually been a file clerk?

have you ever actually been a mail clerk?

have you ever actually been a salesman?

if not, then i suggest you go try it. you will learn a lot.

Re:have you ever actually done any of those jobs

[Pieroxy]

Yes I've been. And you apparently are under the impression that I am discarding those jobs as being of no value while that's not at all what I'm saying.

Anyone can be a bad salesman by replacing a salesman in case of an emergency. Anyone can be a bad file clerk. Anyone can be a bad cashier.

That's easy. Now being a good salesman/cashier/clerk is not easy at all. And there's value to that.

But take a cashier and tell him to fix your critical application that just failed. You'll see the difference btw taking a computer scientist and tell him to replace the cashier for a few days.

anyone can be a bad computer scientist

[decora]

the system can fail regardless of how 'genius' the person you stick on the job.

witness the financial crash of 2008 - hundreds of PHDs were involved in creating CDOs, Synthetic CDOs, RMBS, and giving AAA+ ratings to migrant farm laborers with $300,000 home loans. all those geniuses didn't help the system one single bit, not at all, not one iota.

Re:anyone can be a bad computer scientist

[sjames]

IT was up and running the whole time. The computers faithfully reported the nosediving financial indicators. The networks all stayed up. That crash took place in the business side where networking means gladhanding and golfing. Where people tell everyone else that only they can keep things running because they're more powerful than God and that's why they should have the GDP of a small country as a salary even though they're never in before 10 and never stay past 3.

Had it been turned over to IT people the crash might not have happened because IT people know risk doesn't disappear just because you keep shifting it around.

"Run, Forrest - RUN!"... apk

Yes -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40420635

* I don't care for your "std. troll evasions" here, because I KNOW you'll do them here rather than "face the music" in that link in that link above...

Right?

Well, let's see about that - whatever you say here is immaterial - this on MY part's just to "shame you" a bit for trolling me in the past... turnabout's fair play (except I don't RUN like you do, Forrest... lol! I confront fools like yourself & systematically DESTROY them!).

---

A.) You run from the link above? You prove my point for me.

B.) You show up there attempting to disprove my points (which you run from to NO end)?? You know I've already "eaten you alive", & thus, you evade 3 simple questions there.

---

* You can't win, & YOU FAIL, bigtime, troll... (you know it, I KNOW IT, anyone reading here now, knows it!).

APK

P.S.=> Yes... You're usually QUITE verbose, until you're caught with your pants down I've noted from that discussion, lol... what's the matter NOW? "Cat got your tongue"??

Again - I won't even look here for your evasion reply, but instead, I'll be waiting @ that link to humiliate the HELL out of you publicly here because you'll evade answering as you have numerous times now already!

(Since I also showed you've "trolled me" before on the same issue, custom hosts files, & you RAN... "Run Forrest, RUN!")...

... apk

"Run, Forrest - RUN!"... apk

Yes -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40420635

* I don't care for your "std. troll evasions" here, because I KNOW you'll do them here rather than "face the music" in that link in that link above...

Right?

Well, let's see about that - whatever you say here is immaterial - this on MY part's just to "shame you" a bit for trolling me in the past... turnabout's fair play (except I don't RUN like you do, Forrest... lol! I confront fools like yourself & systematically DESTROY them!).

---

A.) You run from the link above? You prove my point for me.

B.) You show up there attempting to disprove my points (which you run from to NO end)?? You know I've already "eaten you alive", & thus, you evade 3 simple questions there.

---

* You can't win, & YOU FAIL, bigtime, troll... (you know it, I KNOW IT, anyone reading here now, knows it!).

APK

P.S.=> Yes... You're usually QUITE verbose, until you're caught with your pants down I've noted from that discussion, lol... what's the matter NOW? "Cat got your tongue"??

Again - I won't even look here for your evasion reply, but instead, I'll be waiting @ that link to humiliate the HELL out of you publicly here because you'll evade answering as you have numerous times now already!

(Since I also showed you've "trolled me" before on the same issue, custom hosts files, & you RAN... "Run Forrest, RUN!")...

... apk

Since when biterness ....

[jotaeleemeese]

... is just expressing the truth.

The fact is that many (all?) banks outsource whole departments to "reputable" companies where the attrition rate is high, so what happens is that your systems end supported by a guy that had a week of certification on a given technology but no experience whatsoever with highly sensitive business systems.

If explaining this reality is biternees, so be it.

What idiotic nonsense.

[jotaeleemeese]

The only thing you need to do to lock down funds is to shut down the website down in purpose, no need of conspiracy theories.

I applied to work there as well.

Went through a couple of interviews and then they said no , sorry, our budget for the project where we wanted you has been cut.

Something you may not know is that lots of RBS management come from another bank that ran into problems during the 2008 financial crisis.

I would just say that they outsourced pretty much all IT expertise out of the UK, before they themselves started to be kicked out. Many ended in RBS and surprisingly supported enthusiastically the same blind Mumbai friendly policies (outsourcing is great for junior positions, because that is the reality of most expertise you can get, the best people in India eventually go to work in the UK and elsewhere because those countries can offer better work conditions).