TSB – Trustee Savings Bank
As part of the divestment from Lloyds Banking Group, TSB had to move their IT systems from those operated by Lloyds to those of their new owners Sabadell, a Spanish bank.
One of the main drivers for the switch was the estimated £100m annual savings to be made from the cost of Lloyds hosting the system (believed to be around £214m p.a.).
TSB informed customers that the systems would be unavailable for the weekend of 21-22 April whilst the switch took place. The service was supposed to be working on the evening of 22nd April following the transfer of 1.3 billion customer records.
At the time of writing (4 May) – two weeks on from the transfer, there were still significant issues being reported.
It quickly became clear that there were issues with the transfer of accounts. Early signs were reported on social media of people not being able to access the mobile application or web site. Those which could access the application saw incorrect data and other customers’ information. Customers also reported being unable to pay bills, transfer money or unable to log in at all. Some customers even reported seeing their account was showing in US dollars.
Despite assertions from the bank that the service was up and running as normal, news agencies and social media reported thousands of cases where customers contradicted the version of events from TSB. Over 40,000 complaints had been received by the TSB. TSB responded by offering customers 5% AER p.a. The increase in interest payments promised are expected to cost £30m per year.
TSB Bank plc is a retail and commercial bank in the UK. It’s a subsidiary of the Sabadell Group. The bank in its present form launched on 9 September 2013 with more than 4.6 million customers and over £20 billion of loans and customer deposits after being divested from the existing business of Lloyds TSB Scotland plc.
It’s not easy to report what TSB did well in this response, as the next section will reveal.
The bank did prepare customers that their service would be unavailable: letters to customers and web site warnings well in advance of the switch gave customers notice so that they could prepare for limited disruption.
Once the issue became widespread, the Chief Executive, Paul Pester did state that no customer would be out of pocket as a result of the systems issues and promised increase interest rates for existing customers. So this provides some level of assurance for customers, but this only works for a limited time.
This incident could be used as a case study of how not to handle an incident.
Once it became clear that there were problems, communication to customers was poor, slow and inaccurate. On Monday following the transfer, the bank stated that “access issues” lasted only about 20 minutes and affected only a tiny fraction of customers. The CEO Paul Pester, in his own words, “resurfaced after 40 hours with my teams” on Tuesday. He should have been the face of the bank to the public from the outset of the issue.
Once Paul Pester does “resurface” he reports that the bank is simply “tuning the platform”. This seriously undermines his credibility as news programmes and social media continue to relate tales of customers unable to run their businesses and issues accessing their details. Further example of over-promising and under-delivering was the announcement that IBM were being brought in, which showed a level of desperation and admittance that its own staff could not solve the problem.
“We’re on our knees” will be the epitaph of Paul Pester. Telling the BBC that your bank is on its knees 6 days into a crisis was unfortunate. Customers want to know that issues are being addressed and someone in authority is in control and managing the problems. This statement demonstrated the exact opposite and showed the desperate state of the bank.
Understanding the scale of the problem
It became clear that no-one anticipated a problem on this scale. This is common in incidents where an unwillingness to believe (and admit) it could be “this bad” drives the wrong response to deal with the crux of the issue, and a delayed invocation of crisis management procedures.
On Wednesday – Paul Pester announces that the app and online banking are up and running again. Whilst, strictly speaking, this is true. The fact that over 50% of customers could not access due to capacity problems set an unrealistic expectation of what customers could expect.
Lack of anticipation of crisis issues & preparation for a predictable event
All major IT implementations have some issues and many of the issues (albeit possibly not the scale and severity) could have been anticipated. All well governed projects have a rigorous ‘risk register’.
Preparing for potential issues
Briefing staff and having pre-prepared holding statements would have been prudent, in addition to placing their senior team on stand-by to anticipate problems.
Increased support for Contact Centre and branches
Physical Locations can provide a buffer for customer concern. Reports of waiting over an hour to speak to a representative on the phone and long queues outside of branches were further exacerbated when customers reported that no-one really knew what the issue was or how long they were going to be unable to access their accounts.
Not seeing the issue from the customer perspective
Customers are generally willing to allow some latitude to organisations as most recognise that switching systems can be problematic. However, the longer they become estranged from their funds, goodwill quickly evaporates. The repeated failure of the TSB to communicate truthfully and effectively means that customer goodwill is eroded to the point where they refuse to believe the bank at all.
Support for staff
Branch staff were subject to abuse from customers who could not access their details and turned to branches as the only tangible face of the bank they could access. If the bank had provided effective communication and beefed up branch personnel it would have helped the staff cope with what is a very stressful situation for them.
Branches closing early
Branches reportedly turned the lights off in branches to deter customers and closed branches over the weekend of 28-29 April and redirected customers to branches up to 65 miles away.
Early celebrations – “jumping the gun”
With almost comic timing, the Spanish parent, Sabadell, stated the migration had been successful on Monday evening – “with this operation, Sabadell demonstrates its capacity of technological development”. This was later taken down from the web site as pictures emerged of a celebratory drinks event where the IT teams were lauding the successful implementation – before the switch over had taken place.
Any IT project of this nature has potential for issues. If you factor in the issues of different organisations along with the language and culture differences between the two protagonists and you have a much greater potential for failure. The TSB stated that the equivalent of 2,500 man years were spent on the project with over 1,000 people involved in some capacity or other; this was a significant project.
Whilst media coverage will, no doubt, concentrate on sacrifice of bonus payments and the tenure of the CEO, there are more fundamental problems the TSB face.
As stated earlier the crisis was managed badly from almost every aspect (save for the fact that they did promise that no customer would be out-of-pocket as a result of the incident).
The challenge going forward will be how they handle claims for compensation. It will need a strong message on what it will accept and pay for compensation. Deloitte’s have been called in to advise on the bank’s compensation strategy.
If TSB are seen to be overly generous they will open the floodgates to people who may not have had TSB accounts but were due to get payments from TSB account holders who were delayed, the impact of which may be difficult to prove – or disprove.
On the other hand, if TSB are perceived as being careful with compensation, requiring proof of loss of income, it could be judged as being “tight” and face further criticism and prolonging public perception of the disaster when the bank wants to get over the issue and move forwards.
The bank will also need to be clear how they will handle multiple claims from the same customer. One who accepts a payment for an issue may come back again if they suffer further difficulty and incur further detriment. Control of issues such as these will define how the response is judged.
There may be other consequential losses as a result of the TSB outage from actors other than customers. Where a customer of another bank goes bust or incurs charges as a result of non-payment of a transaction from TSB could provide more financial and organisational pain for the bank.
In addition, the challenge will be dealing with cases where emotional distress is caused – how do you compensate for a business going bust, a house sale falling through, a wedding being cancelled for non-payment, or someone unable to buy medication for a health issue? These are all issues which have emerged into public domain. Financial issues can be rectified, emotional ones are harder to recompense.
Inertia is the banks’ friend in situations such as these. Although many customers will threaten to close their accounts, in reality many won’t. In 2012 when 6.5m customers of Natwest, Ulster bank and Royal Bank of Scotland were unable to access their accounts for three weeks, the number of customers actually leaving was reported as having “minimal impact”.
Future fines & scrutiny
Even when all the problems for customers are resolved, compensation paid, and heads have rolled – as they inevitably will – the TSB will be subject to an investigation by the FCA, PRA and ICO, with the likely further examination by MPs and Select Committees who will ensure that the TSB suffer the consequences of this for many months and years to come.
Branches are good for resilience
The TSB situation tells us is that branches are good for resilience. When IT systems fail and contact centres are overwhelmed the fact that an institution has physical locations provides an opportunity to provide worthwhile customer service to members. The TSB exacerbated customer unrest by closing over 30 branches in 2017 and providing poor support for the incident to those which were left.
Contact centres are essential in a crisis, and need to be staffed appropriately. Whilst an influx of calls is inevitable and contact centres will be overwhelmed, a well phrased IVR message and well trained and prepared staff can reduce the impact of what is a stressful situation for all. Hanging on a phone for hours on end (and paying for the privilege) exacerbates the pain for customers.
Prepare for the worst.
Even someone with a cursory interest in IT projects would realise something of this scale is likely to have problems. A prompt crisis management response would have negated the situation in the short term, but even this response would be compromised by the extent and duration of the issue.
Don’t promise what you can’t control.
Repeated failure to meet promises undermines the credibility of the organisation. Promising that the banking app was working was untrue, only bits of it worked – badly. It may be that the message from the IT teams was compromised by senior management in Spain where the culture for crisis management is very different.
Waiting for three days before a senior person addresses customers is far too late. The narrative is with disgruntled customers and you are on the back foot.
Give the impression of control.
The “we’re on our knees” statement was a PR disaster. This statement alone ensured Paul Pester did not see the year out as CEO. It shows a lack of leadership and control.
Avoid Big Bang.
The scale of disaster could have been avoided by having a staged approach to transfer. By migrating a sub-set of customers or staff accounts first, would potentially have highlighted many issues with a much reduced impact for customers and media focus.
Managing Systems Return.
Inevitably, once systems are returned to BAU there is initial pent up demand as customer frantically log into the system to verify their details and status and conduct activity which they have been unable to do for the previous incident timeframe. This generates peaks in activity which can far exceed the capacity expectations before incidents and what is expected in BAU once the service and activity returns to normal. This additional activity can result in perceptions of further systems issues as the system is not designed (or operates) to cope with the surge in demand. It is essential that this is managed and where possible by provisioning additional capacity and/or managing customer expectations and recommending to customers that they stage their return to review their accounts.