Former TSB CIO fined £81,620 for mismanagement of IT migration
Carlos Abarca, former chief information officer (CIO) at TSB Bank, has been personally fined £81,620 in an unusual move by the Bank of England’s Prudential Regulation Authority (PRA) for inadequately managing an IT migration that led to massive disruptions for millions of customers.
This enforcement action follows a joint financial penalty of £48.65 million imposed on TSB by the PRA and Financial Conduct Authority (FCA) in December 2022 for operational resilience failings.
In April 2018, TSB updated its IT systems and migrated its corporate and customer services data onto a new platform, which immediately experienced technical failures. The disruption affected all TSB branches and a significant proportion of its 5.2 million customers, with some issues persisting until December 2018. TSB paid £32.7m in redress to affected customers.
As CIO, Mr Abarca was responsible for TSB’s compliance with the PRA’s outsourcing rules, including overseeing its key outsourcing relationship with the main third-party supplier for the IT migration program. He assured the TSB board that the supplier was prepared for migration, but failed to obtain sufficient assurance from the third party beforehand.
Sam Woods, deputy governor for Prudential Regulation and CEO of the PRA, said: “Senior managers have an essential role to play in ensuring that firms manage and supervise outsourcing effectively. In this case, the PRA has fined Mr Abarca because his management of a key outsourcing relationship fell below the standard we expect.”
Mr Abarca agreed to resolve the matter with the PRA, qualifying for a 30% reduction in the overall fine, which would have been £116,600 without the discount.