Euro zone banks losing millions due to poor IT outsourcing, ECB finds

The European Central Bank (ECB) has warned that banks in the Euro zone are losing millions of euros due to poor tech outsourcing.

The commentary came as a result of a survey among banks supervised by the ECB on how prepared they are to deal with risks such as hacks, legacy tech and poor contractors.

The ECB found that banks lost €148 million due to "unavailability or poor quality of outsourced services". This figure, the cenbank said, represented a 360 per cent increase from 2021.

In a newsletter, the ECB said: “These losses were related to a small number of high-volume events and further highlight the need to properly manage risks arising from reliance on service providers.”

The ECB noted that this was "concentrated within a few significant institutions and therefore not indicating a sectoral trend", but warned that "outsourcing arrangements often failed to sufficiently address IT security requirements".

These failings, along with others, caused the ECB to conclude that Euro zone banks’ lack of preparedness in regard to cybersecurity were "more severe and widespread than expected," highlighting that many surveyed banks failed to identify all potential risks or did not have adequate systems in place to appropriately respond to hacks and other incidents.

Adding that banks targeted by inspections have already received recommendations, the ECB said that it "expects all banks under its direct supervision to take immediate and concrete steps to make sure that their IT and cybersecurity risk management is aligned with supervisory expectations."

The report also identifies a significant increase in spend on outsourced cloud services. Of the banks surveyed, cloud services accounted for 3.1 per cent of all IT spend and increased by 56 per cent in 2022.



Share Story:

Recent Stories


Sanctions evasion in an era of conflict: Optimising KYC and monitoring to tackle crime
The ongoing war in Ukraine and resulting sanctions on Russia, and the continuing geopolitical tensions have resulted in an unprecedented increase in parties added to sanctions lists.

Achieving operational resilience in the financial sector: Navigating DORA with confidence
Operational resilience has become crucial for financial institutions navigating today's digital landscape riddled with cyber risks and challenges. The EU's Digital Operational Resilience Act (DORA) provides a harmonised framework to address these complexities, but there are key factors that financial institutions must ensure they consider.

Legacy isn’t the enemy: what FSIs can do to keep their systems up and running
In this webinar we will examine some of the steps FSIs have already taken to rigorously monitor and test systems – both manually and with AI-powered automation – while satisfying the concerns of regulators and customers.

Optimising digital banking: Unifying communications for seamless CX
In the digital age, financial institutions risk falling behind their rivals if they fail to unite fragmented communications ecosystems to deliver seamless, personalised customer experiences.

This FStech webinar sponsored by Precisely explores vital strategies to optimise cross-channel messaging through omnichannel orchestration and real-time customer data access.