“[W]e have this house of cards where you’ve got an awful lot of institutions working co-operatively with each other, but if one messes up the system, then the whole system fails.”
Given all the drama generated by Donald J Trump’s tariff tiff over the past few days, readers could be forgiven for not knowing what just happened at Barclays Bank, one of the UK’s “big four” lenders and one of the 29 “Global Systemically Important Banks”, or G-SIBs, designated by the Financial Stability Board as officially too big to fail. Even some British readers may be unaware of the developments given they did not make it to the front pages of the nation’s newspapers.
So, what happened?
Barclays suffered an IT system outage that lasted almost 48 hours, from Friday afternoon til Sunday morning, leaving many of its customers unable to do even the simplest of things on the bank’s app, online platform or telebanking service including making payments. Then, on Monday morning, just hours after Barclays’ resolved its “technology issue”, Lloyds Bank, another “big four” lender, suffered a four-hour outage that affected not just Lloyds’ online services also those of its subsidiaries, Bank of Scotland and Halifax.
But it was the far longer Barclays outage that caused the most chaos and consternation. Barclays, after all, is one of the world’s most systemically important banks, and parts of its payment system stopped working for many of its customers for close to 48 hours. That is a very long time for an IT outage to last, especially at a TBTF lender. Plus, the outage occurred at the worst possible moment for its customers: on the afternoon of the last Friday of the month — aka Payday. It was also the deadline for self-assessment tax returns.
The 5th largest bank in Europe just STOPPED WORKING, on payday, on tax deadline day. The Barclays outage has huge impacts.
Some customers can't pay bills
Others can't meet tax deadline dayThis will get expensive.
Barclays is working with the tax service (HMRC) to minimize… pic.twitter.com/T3jgNTZSL7
— Simon Taylor (@sytaylor) February 2, 2025
The banking areas affected by the glitch included Barclays and Barclaycard apps, online banking and services, cards, payments and transfers, branches and telephone banking. More than 4,000 Barclays customers had reported problems, including failed payments and incorrect balances being displayed. Some customers were locked out of their accounts altogether.
Many customers took to social media to air their grievances. Some reported being unable to buy shopping for themselves and their young children, pay their bills or withdraw cash. Yet the bank insisted that its ATMs were unaffected.
The bank’s crisis management and communications appear to have left much to be desired. For example, when an X user called Olive said she had “no access to money” because of the outage, the Barclays UK Help account asked: “Are there any friends or family who can offer support?” When she said there wasn’t and described the reply as “so triggering”, the bank’s X account posted links to the Trussell Trust, a charity that runs food banks, and the Citizens Advice Bureau. In other words, Olive was on her own.
Other affected customers, according to the BBC, included at least two separate instances of home-movers left “effectively homeless” on Friday when their transactions involving funds in Barclays failed to complete, as well as businesses who complained of losing thousands of pounds in rejected payments.
As Reuters notes, “disruption of online services has been a persistent problem for banks in the UK in recent years, and an acute one because lenders have increasingly encouraged customers to bank online to help them reduce fixed costs.”
“Encourage” is an interesting choice of words given that many bank customers had little choice in the matter. Over the past decade, the UK’s big banks, including Barclays, have ripped away the choice of in-branch services for many of their customers through their ruthless cull of branches across the nation’s towns and cities. Since 2015, more than 6,000 bank branches have been closed in the UK. Meanwhile, the number of ATMs has fallen from a historic maximum of 70,000 in 2016 to under 50,000 today.
The trend is ongoing (and is unlikely to change even after this latest outage): last year, Barclays reaffirmed plans to close 99 of its high street sites over the course of 2024 and 2025. For those affected by the bank’s latest round of closures, the good, ahem, news is that Barclays does offer an alternative: so-called “mobile branches” are available through Barclays’ educational and support van for customers in England and Wales.
As the financial analyst, author and pro-cash activist Brett Scott notes, this trend of aggressively pruning branches networks has created a feedback loop that constantly reinforces the impression that people are turning their back on cash when, in actual fact, banks are making it harder and harder for them to access it while bricks-and-mortar businesses are making it harder and harder to use it:
In closing down their branches, or withdrawing their cash machines, they make it harder for me to use those services. I am much more likely to “choose” a digital option if the banks deliberately make it harder for me to choose a non-digital option.
In behavioural economics this is referred to as “nudging”. If a powerful institution wants to make people choose a certain thing, the best strategy is to make it difficult to choose the alternative.
At the same time, as is becoming increasingly clear, banks like Barclays have spent not nearly enough time or money ensuring that the digital platforms they were nudging (or herding) their customers towards are not nearly as reliable or as secure as would be ideal. As our NC regular (and City of London insider) Colonel Smithers notes in the comments thread below, bank leaders don’t prioritise systems resilience and advise their clients to keep some liquid in case of emergencies:
Readers may be stunned to learn that some bank MI packs do not mention incidents and attribute accountability for such matters.
No one will become CEO or head of a product team, location, relationship team or division by serving in an operations and technology role, prioritising such costs or be accountable for such a thankless task.
The results speak for themselves. In 2018, there was the rigmarole of Banco Sabadell’s botched IT migration of its UK subsidiary TSB — branded the “biggest IT disaster in British banking history. Hundreds of thousands of customers were unable to access their online accounts for weeks on end. Some lost out financially, many saw their credit ratings deteriorate as a direct result. Business customers were unable to pay bills or make payroll and mortgage payments were missed. Over 1,300 customers became victims of fraud attacks.
The crisis cost Sabadell hundreds of millions of pounds, 80,000 customers and one CEO. It was probably a key factor in scuppering BBVA’s takeover of Sabadell in 2020. Since then, the UK’s financial sector, much like Australia’s, has been plagued by bank outages.
The UK’s main financial regulator, the Financial Conduct Authority, has been “deeply concerned” about the increasing incidence of IT outages for over half a decade (though that concern doesn’t appear to have translated into operational improvements). At the FCA’s annual public meeting in 2019, the regulator’s executive director of supervision, Megan Butler, said the number of incidents of “operation resilience breaks” reported in terms of IT failings had increased 300% year-on-year. And this, she said, would probably be “a growing trend”.
She was right!
In July 2021, the websites of six large banks and building societies — Lloyds, HSBC, TESCO Bank, Bank of Scotland, Halifax and Barclays — were brought down by a global Internet outage allegedly caused by a botched software update at hosting service Akamai. Less than a month later, the apps of five lenders and building societies — Natwest, TESCO Bank, TSB, Santander UK and Halifax — all went down over a period of just a few days. The outage, apparently triggered by a problem with US payments company TSYS, left consumers unable to access their credit card services and account information.
In March this year, a massive outage disabled contactless and mobile payments across Sainsbury’s and Tesco supermarket stores. The hours-long outage took place on a Saturday, causing maximum disruption and loss of business. Then, in July the fallout of the Crowdstrike outage was so pronounced in the UK’s less-cash economy that newspapers in the country actually began warning about the fragility risks of a fully cashless economy. Since then myriad smallish outages have occurred but nothing nearly as big as what just happened to Barclays.
And the overarching message appears to be that regular bank outages are now just part of the new normal; it’s just something we will all have to put up with. Let’s call it the price of convenience. If your bank’s services go down for days on end and you have no alternative source of funding, you’d better head down to your local food bank, assuming there is one. And if there isn’t, you can always start begging on the streets.
Of course, when the digital revolution began sweeping through the financial system and banks began pushing their customers toward their new, shiny mobile banking apps, we were never told that it would come at the cost of greater system fragility.
Chris Skinner, a financial technology expert and author of The Future of Banking and Digital Bank, suggested in 2005 that digital money will offer a far more secure payment system, especially with the advent of biometric authentication systems. Now that the opposite appears to be happening, Skinner is warning that banks and financial regulators are struggling to keep up with all the technological changes and upgrades that are coming at them. From Yahoo Finance:
Skinner said the vast array of technology systems needed to operate in the modern banking world meant banks have “such a smorgasbord of things they have to work with” that the “competence of keeping up with these changes is really challenging every bank”.
He told the PA news agency that clusters of incidents were also more likely because of the shared financial IT infrastructure and close links between institutions.
Mr Skinner said it meant that situations similar to the CrowdStrike outage in 2024 – where an issue within one infrastructure firm caused a global IT outage – were now more likely in the banking sector.
“If you look at what happened in the US last year (with CrowdStrike), it was like a house of cards,” he said.
“There was a linked organisation that failed, and then other organisations failed on the back end of their failure, and I think that’s where we are today – we have this house of cards where you’ve got an awful lot of institutions working co-operatively with each other, but if one messes up the system, then the whole system fails.”
This applies, of course, not just to the UK but to just about everywhere. In October, Bank of America, another G-SIB, suffered an IT outage that resulted in some customers seeing a zero balance on their accounts. Weeks later, Singapore’s DBS, one of the world’s leaders in digital banking, and Citi, another G-SIB, suffered simultaneous outages caused by a “technical issue” with the cooling system at an Equinix data centre. As Channel News Asia reported, the 14-hour outage prevented 2.5 million payment and ATM transactions from being completed.
Now that bank IT outages have established themselves as a regular feature of the new financial landscape, customers are being advised to take certain measures to minimise their risk of exposure. Those measure include having a second bank account with access to online banking, keeping track of the timing of any outages and taking screenshots of any failed payments or other operations, switching current account to another bank if the outages are frequent, and keeping a cash reserve on hand, just in case.
If these incidents serve any purpose, it is surely as a reminder of the importance of cash whenever technology fails. As we have been saying for years on end, cash does not crash. It is perhaps no wonder that in the UK and other countries, physical money is staging a comeback that seemed most unlikely just a few years ago. These outages should also serve to highlight the reckless folly of banks like Barclays continuing to close down branches and push their customers toward digital options at a time when they cannot even guarantee the security and reliability of those options.
37 comments
Comments are closed.
” If your bank’s services go down for days on end and you have alternative source of funding” should this be ” If your bank’s services go down for days on end and you have NO alternative source of funding”
Fixed! Thanks, rePiet.
Not fixed for me…
That’s weird… Try it now.
I remember the banking crash of 2021. Dad got through because he had a 2nd business bank account at one of the non-affected banks so he could pay his employees. But it was a major hassle and close shave.
I thankfully didn’t need to access my Barclays account during this outage. However, the fragility of the system is becoming more visible. We desperately need a universal basic bank (like the old Girobank) that could revitalise post offices, be used for all govt benefits and be accepted at supermarkets. When in Australia, the (though far from universal) much more widespread prevalence of basic bank accounts to enable shopping and Medicare was notable.
Thank you, Terry.
You may be surprised by how many City types would prefer to use a government bank / banking utility.
We desperately need a universal basic bank (like the old Girobank) that could revitalise post offices
Yes, that is what we need, but did you notice that post offices (at least in Europe) have been closing left and right?
Yes :(
More deliberate enshittification
Thank you, Nick.
I work on such matters and, in late 2021, was offered the post of head of operational risk and resilience policy at the Bank of England, but had to decline as, two days earlier, I had accepted an offer at a bank and one paying a third more than the BOE.
I understand the systems issues and concentration risk, but want to highlight that bank leaders don’t prioritise systems resilience and advise clients to keep some liquid in case of emergencies. Readers may be stunned to learn that some bank MI packs do not mention incidents and attribute accountability for such matters.
No one will become CEO or head of a product team, location, relationship team or division by serving in an operations and technology role, prioritising such costs or be accountable for such a thankless task.
Back to the Bank of England. I was told by the hiring manager that the governor was not interested in such matters, so there was an opportunity to attract his attention.
Thanks, Colonel, for the inside perspective. Have hoisted a couple of your paragraphs into the post. Hope you don’t mind.
Thank you, Nick.
A real problem is that you can belong to a bank that has done it’s job properly but it may not be enough. They may have tested every bit of software installed in that banking service, thoroughly examined what changes need to be made and how to implement them over time, taken care to have trained their staff in any new technology, recruited a top notch IT team that installs any new patches after testing them themselves, listened thoroughly to what their customers want and keep watch on the latest developments. But then some obscure dependency for all that you-beaut software located in Backwater, Nebraska has a glitch and your whole banking services falls down-
https://xkcd.com/2347/
Cash reserves. It is now essential to keep some aside. Because as Nick points out, if your bank falls over, you’re on your own.
One thing that came out of the Russian woodwork when the curtain came down on Communism was 1922 large size Gold Certificate banknotes, all of the sudden there around 500 to 1000 of them on the market, all in average to better than average condition, many having been secreted in walls for 70 years,
This is what they looked like:
https://commons.wikimedia.org/wiki/File:US-$100-GC-1922-Fr-1215.jpg
Didn’t FDR make them illegal for American citizens to hold in about 1933 or so? In the same law that made it illegal for Americans to hold owning gold itself?
They were stripped of the right to turn them in for the amount stated on the Gold Certificate into actual gold coins ($2 1/2, $5, $10 & $20 denominations) and this was the only real ‘gold standard’ of the time in terms of banknotes, you couldn’t demand all that glitters out of a National Banknote, Federal Reserve Note, United States Note and a few others i’ve conveniently forgotten.
Every U.S. Banknote issued since 1861 is still legal tender~
One of the biggest misnomers in regards to the legality of Americans owning gold after 1933, is it was perfectly legal to own anything pre-1933, which except for the quite rare 1933 $10 and prohibitively rare 1933 $20, everything else qualified.
A typical buy/sell spread on $20 gold coins in a 1967 Numismatic Scrapbook magazine advert would read:
$20 Liberty buy @ $40 sell @ $45
$20 Saint Gaudens buy @ $45 sell @ $50
Each coin containing about 97/100’s of a troy ounce of pure gold in content, back when spot was a rigid $35 per oz.
??? Wait, that can’t be right. Monarchs for millenia made sure to put less “precious” metal in their coins than the face value of the coin. I believe the difference is called “seigneurage.” It was one way rulers could keep taxes down (everybody has always hated paying taxes). 97/100’s of $35 is $33.95. I would think $13.95 is worth melting a $20 coin down for its gold (its melt value).
This is in a different wheelhouse but there was a notable game in the past that had its images stored in a section of memory, as is typical. One of them was of a coconut. If the coconut image was removed, the game architecture crashed. No one knew what system pointed to the image to make it responsible for such a catastrophic outcome. They left the coconut in place and warned new hires about the coconut. Speaking with friends in IT, aside from McMaster-Carr this is basically every backend computer system in the world, and rulers pushing digital-only interface are insane.
“Are there any friends or family who can offer support?” When she said there wasn’t and described the reply as “so triggering”, the bank’s X account posted links to the Trussell Trust, a charity that runs food banks, and the Citizens Advice Bureau
Very unhelpful. Barclays could have tried harder. How about “Have you considered shoplifting?”
Thank you. This is giving some juice to the term “Counterparty Risk”, lol.
‘hurricane cash’ is not just for hurricanes. I no longer live at the coast, but I keep plenty of ‘legal tender’.
Where do you spend it? Depending on where you are, cash payments may not be accepted in many businesses.
Come on, man, who gets those sweet transaction fees when you pay in cash!
This is inevitable. All the UK bank’s IT systems are totally out of date. This was the same situation 30 years ago. They have been aware of this problem since then and have avoided tackling it. They are all incompetent organisations.
Thank you, Andy.
I don’t disagree, but add that they don’t care. Costs and profitability are the big drivers.
Some bank IT systems are older than the techies looking after them.
Do they come with a crank handle or a kickstart?
More seriously, I have a few Perth Mint one ounce silver coins stashed away in the event that the manure really starts flying.
With regards to civil liabilities: do banks hold liabilities for these technical problems or do they shift the blame to their IT providers? More generally, when some company is outsourcing some or many of it’s activities, is it easy to identify where the civil liability relies or are these lost in the ether? — I feel sorry for a question like this: it is not an assignment and I have first tried to look at it by myself. This is for anyone knowledgeable on the issue, probably lawyers.
Thank you, Ignacio.
The client’s relationship / contract is with the bank, not the underlying / third party or sub-contractor. Therefore, the bank is liable to the client.
As a bank client, these sub contracts / delegations have nothing to do with you. You may not even know they exist.
Under UK regulations for banks (and, in many cases, senior bank personnel), the contractor is a delegate and does not remove the liability from the bank.
Inside the bank, the head of retail banking is accountable to the senior management / board and regulators. The head of technology is a delegate of the head of retail banking. Both can be held to account, but it’s the one with the customer relationships first, i.e. head of retail banking.
Some years ago, the head of retail banking at NatWest said the persistent outages had nothing to do with him and were the responsibility of technology and operations. He left / was encouraged to leave soon after.
I used to work for NatWest and Barclays.
Thanks a lot Colonel Smithers! Nice to see not everything is rotten.
Thank you, Ignacio.
Customers need a law that prevents companies from forcing them to use apps and other online services (or from charging them extra to send them bills and statements in the postal mail). The more this forced concentration onto internet-connected systems happens, the bigger the incentives for the bad actors to break them, or break into them. As Willie Sutton said when asked why he robbed banks, “Because that’s where the money is.” Obvious! Robbing 80,000 customers at once will always be cheaper in effort and more profitable than trying to knock over a string of bank branches or (worst of all) stealing checks from people’s roadside mailboxes. The same principle applies to “stealing elections”–the opportunities for vote theft with paper ballots are way more expensive and likely to be ineffectual than what you can get by hacking an electronic vote counting system. It’s like every futurist forgets that economies of scale work for the bad guys too.
I worked it IT, including card transaction systems and unfortunately outages are inevitable, nothing is 100% reliable. It may be nothing to do with your own systems or software so simply out of your control. When my bank (HSBC) decided to almost force going online/mobile due to lack of branches, I decided to get a second totally unrelated personal account which I did with Chase. Both are international but one is far east based and one far west (looking from th UK) so I hope they have little connection.
This doesn’t seem to have triggered either a bank run or deterioration of solvency situation. But it does raise an interesting dimension – a bank run would in previous times would be triggered by a large number of clients withdrawing their savings from their banks, but in this digital age they’re technically unable to until the glitch is fixed. Then, once fixed, what is their reason to do so? And where would they transfer accounts to, given other banks subsequently experienced or could potentially experience the same glitch? Of course, in previous times they would arrive at the bank to find it closed, so somewhat similar.
And given many or most pay their bills or conduct transactions digitally, at least in North America, it’s not so simple to extract everything as cash to stuff in the mattress. And the alternative, shifting finances to new institutions, would be like writing a up a will and anything over a certain amount means visiting your branch in person to wet signature lots of paperwork, an inconvenience (unless the bank facililtates digital signatures). So, it’s likely clients will keep their savings in place as it would be onerous and time consuming to do anything else. If they’ve lost confidence in Barclays and do move their accounts, it would be a very slow transition over the next few months, rather than a bank run.
It’s worth noting that Barclays had a similar problem at the end of November, again on the last Friday of the month, which caused huge problems for house purchase completions (which for some unknown reason happen mainly on fridays). So they do have history in this area.
In my experience (as a customer, mostly, but also on the Board of a small building society) bank IT systems are very mixed. Few of them get everything (or even many things) right from the customer viewpoint. The challenger banks, who started from scratch, tend to be better. But as you say, we don’t have much of a choice about using them.
Barclays was always very adept at messing things up. Back in the day, when I banked with them, they would habitually lose my signature card and bounce my checks (that should date it nicely). Particularly awkward when it was university tuition fees.
Evidently, the same attitude prevails today.
> Barclays suffered an IT system outage that lasted almost 48 hours
Obviously, we ought to put Barclays on the blockchain.
Always keep a couple of K in cash. Keep some gold, maybe sovereigns, for a very prolonged outage or total collapse of the banking system. Same with shares…..just numbers on a screen..Gold and tangible assets are real, visible and obvious.
I know you cannot buy a house, holidays etc with cash, but cash will get you through for months if necessary.
You will be fed and relatively safe. Not so with a piece of plastic in your wallet.
Computers going down equals shares and absolutely everything on screens are suspended, or at worst deleted.
Why anyone lives from day to day relying only on plastic is totally beyond me. Good luck in future with that.!
What? Thaler and Sunstein define a nudge as a slight manipulation of the choice architecture so people who give little or no thought to their choices end up making good decisions. For example, put the good choice at the top of a vertical list, or make the good choice the default. In no way can you consider “close down or remove all other options, leaving only one” a nudge in the Thaler and Sunstein sense (It may be how behavioral economics considers nudges; that would be consistent with the tendency of economics to redefine commonplace words in strange or counter-intuitive ways).
Barclays was on the nose (back in the day) due to its deep ties to the old regime in South Africa, As with the US, is the “Curse of the Cape” haunting Britain too?
However, from what I’ve read and heard in the past, badly integrated information technology systems after banking mergers (“quick and dirty”) are more the likely to be the culprit.
Pip pip and COBOL cocktails all round!