The Royal Bank of Scotland (RBS) has been fined 56 million by regulators for a 2012 IT glitch that stopped millions of customers from accessing their money.
The problems blighted customers of RBS, and those of its Natwest and Ulster Bank brands, for several weeks in June 2012, preventing them from accessing online banking services and receiving accurate account balance information via the firms' cash machines.
The issues arose due to failures at many levels within the RBS Group to identify and manage the risks which can flow from disruptive IT incidents.
Furthermore, other customers missed mortgage payments or had incorrect credit and debit interest applied to their accounts, while some businesses also reportedly missed their payroll commitments.
As a result, the company has now been jointly fined by the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) to the tune of 56 million, with the bulk of the penalty (42 million) coming from the former party.
In the wake of the issues, RBS CEO Ross McEwan blamed the problems on "decades" of IT underinvestment, but in a statement today the FCA denied it was the root cause.
"The incident was not the result of the banks' failure to make a sufficient investment in its IT infrastructure. The RBS Group spends over 1 billion annually to maintain IT infrastructure," it said.
Instead, the regulator blamed a software compatibility problem brought about by the banking group's failure to implement "adequate systems and controls" to identify and manage IT risks.
When the banking group realised some newly-installed software was not working correctly, it opted to uninstall it, the FCA's investigation revealed, without first establishing what the impact of that decision would be.
Tracey McDermott, director of enforcement and financial crime at the FCA, added: "The problems arose due to failures at many levels within the RBS Group to identify and manage the risks which can flow from disruptive IT incidents and the result was that RBS customers were left exposed to these risks.
"We expect all firms to focus on how they ensure that they can meet the requirements of their customers when looking at their IT strategies and policies."
News first emerged earlier this month that the banking group could face a multi-million pound fine from the FCA for its IT failings, with earlier reports suggesting the sum could be cut should RBS pay up early.
In a further statement, RBS chairman Phillip Hampton said the firm had already made financial provisions to cover the cost of the joint fine.
"Our IT failure in the summer of 2012 revealed unacceptable weaknesses in our systems and caused significant stress for many of our customers. As I did back then, I again want to apologise to all customers in the UK and Ireland that we let down two and a half years ago," he said.
"I am confident that the progress we have made in increasing the resilience of our IT systems through the additional investment of hundreds of millions of pounds and the enhancement of our control structures - has made RBS better able to provide the service our customers expect and deserve.
"I am also pleased that the regulator acknowledged the steps we took at the time to provide redress to anyone who had lost out as a result of our mistakes," he added.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.