Featured image

Day-long outage of Chase UK cloud-native bank requires new regulatory rules

On Oct 042022 - 12:21 BST, Chase online services reported issues with “logging in, completing online card payment security checks and navigating the app.” The issue was ongoing until it got fixed at Oct 052022 - 21:44 BST, more than one day later.

For UK customers, Chase’s “Current Account” is a mobile app-only offering without physical branches or online banking involved. This leaves the mobile app as the primary means for customers to access or transact with their funds or to communicate with the bank.

I’ve been patient with their frequent outages so far, but it’s pretty bad when you can’t even sign in to the app - especially when your card number isn’t on the physical card and only available in the app - a reddit user

Banks without any physical branch offices are exposed to IT failures and downtimes. Their customers can’t perform transactions and other critical financial activities. A downtime is the equivalent to a branch office closure in the physical world.

Could you image what would happen if suddenly thousands of people would queue up in front of closed branches? It would trigger a bank run. Such a situation could happen if outages or downtimes would last longer.

The only current reaction from the bank CEO Sanjiv Somani is to apologies in the public:

I know that this is not what you expect from your bank and I am sorry for the inconvenience

The Bank of England is worried about these fact and puts out new regulations on IT resilience and especially around cloud downtime risk concentration. It asked UK online banks to prepare additional safety measures and IT resilience layers.

Due to the high complexity and the different involved applications, it is nearly impossible to avoid any IT failure leading to downtimes.

We believe that additional protection layers need to be introduced and customer should be compensated using a pro-active benefit scheme for their inconvenience if they couldn’t access critical financial services.

Once downtime are detected, banks should give out a compensation for each hour their services are not available. This has to be demanded from the customer side.