Trouble at the TSB - a lesson in leadership for 21st Century CEOs

In the Information Age there are three certainties: Being born, dying, and complex IT systems will let you down. Leaders in charge of large organisations that have ageing IT enterprise systems need to understand that their very business depends on the IT working and they need to drive the process personally and be held accountable. Too many still see it as a job for ‘the IT team’. They do so at great cost.

As of this last weekend in April 2018, TSB Bank is in serious trouble. The data migration of customers' accounts from one ageing IT system to a new one was supposed to happen over a weekend and be done seamlessly. It’s clear the plan has failed and the long term consequences could be serious. The problem for most High Street Banks is that their IT platforms are generally old, unstable and made up of a myriad of software and code, added over the years, as banks merged, as IT systems evolved, and as banking moved online.

In delivering new IT systems to their customers, the Retail Banks cannot start from scratch, as the newer digitally native Challenger Banks can do. Such newcomers can benefit from the use of technologies such as cloud, the latest apps, and state of the art security software that are all designed to integrate. The fact is that for all banks, the way information is managed is as important as money itself, and a bank that gets this right is a bank of the future.

SixFigureGrid identifies that there are seven key principles for businesses in the Information Age, which are: Perception, Scale, Tempo, Ethics, Security, Innovation and Uncertainty. The current situation at TSB clearly demonstrates them all at play, where events move too fast (tempo) and grow too big (scale) for management to deal with, customers get upset and then use social media to vent their frustration (perception), rushed proclamations from the bank are made claiming a fix is in place, which then fails to work (ethics), no one at the bank has planned for a crisis (uncertainty), some customers get to see other customers’ accounts (security), no one knows when the system will be up and running again (more uncertainty) and there is a looming threat to the business from the new Challenger Banks (innovation). If other banks do not want to fall into the same situation as TSB, then they would do well to understand the importance of these principles.

In TSB’s case, there are those now claiming that this was quote, ‘a clusterf**k in the making’, owing to the fact that the older IT systems were too complex and too large to be migrated to the new system without major investment and preparation. As it is claimed, the new IT system had only worked with much smaller banks in Spain. It turns out that there was pressure on TSB, now owned by the Spanish banking group Bank Sabadell, to move off the old system, as it was costing TSB a cool £100m a year to hire the banking software system off Lloyds Bank, care of the deal struck when they were sold from Lloyds. It would appear that an urgent need to reduce costs at TSB overrode the more important issue of understanding the migration requirement and the risks involved.

The major lesson to take from any ‘IT meltdown’ is that responsibility for the situation lies at the very top of the company and not with any particular appointment such as the Chief Technical Officer (CTO), the Chief Information Officer (CIO) or the Chief Security Officer (CSO). This responsibility lies clearly with the CEO and a good CEO in a 21st Century business needs to be fully aware of his business’s IT capability, its design, its strengths and its weaknesses. The CEO also needs to know, in considerable detail, how any upgrade is going to work, what preparation is being done, what testing and development is planned and what contingency plans are in place if the IT changes go wrong. To ‘take direct control’ after the disaster has happened (as the TSB CEO has personally announced) may be good ‘crisis management’ practice, but a better strategy would be to be in direct control from the outset of the project. 

A second lesson is that it is essential to have a ‘Plan B’ in place and a good leader always gives himself options. A strategy of ‘success based planning’ is no way to approach a major IT change program, as too many companies and CEOs know to their cost. In the military, planning officers in headquarters spend as much time on contingency plans (known as ‘Conplans’) as they do on the chosen plan itself, probably confident in the knowledge that “no plan ever survives contact with the enemy”. They also ‘red team’ the plan, getting independent advisors (often from the Intelligence Branch, who study how the enemy operate) to challenge each step of the plan, allowing the staff to check their own assumptions and come up with further contingencies, or even, change the plan.

As a final key lesson, having an intelligent communications plan in place for updating customers when things go wrong is essential. When a major IT system fails, it is often the lack of information coming out of the business and misleading claims of when it will be fixed that upsets customers more that the fact that the system is down. A little transparency and honesty goes a long way. Customers tend to be loyal to businesses that are open with them. Strong ethical values are vital for any 21st Century business.

Pity the IT teams at TSB, now working hard to find fixes and help their customers. They must be under huge pressure; the future of the bank is at stake. The point is that there may be no easy fixes; IT is like that. Throughout the banking sector, no one should be smug about this situation, nor should they be complacent about their own systems, least of all Lloyds Bank (whose legacy system TSB were using previously). Most banks have got major upgrades and data migration plans to carry out over the next few years and one suspects this latest crisis will not be the last of the banking IT meltdowns. Beyond banking, most businesses now rely on IT systems, be that for global connectivity, artificial intelligence, social media feeds, information security, customers’ private data and smart applications. This is a lesson not just for banking CEOs, but for all CEOs of the 21st Century and their companies’ boards.

Perception | Scale | Tempo | Ethics | Security | Innovation | Uncertainty

SixFigureGrid: Know where you are; understand what is going on