Financial Conduct Authority data centre goes down for three days
Tue 27 Sep 2016
The UK’s Financial Conduct Authority is now recovered from three days of outage due to an unspecified problem at a Fujitsu data centre.
The current status of the FCA site is outlined in an announcement:
‘There was a physical hardware incident at a supplier’s data centre on Friday; we put in place our recovery arrangements and they have operated as planned. The majority of our systems are now operating again.’
Fujitsu has held the data centre contract for the FCA for some years, predating the company’s transformation from the Financial Services Authority.
Though funded by fees from members of the financial services industry, the FCA operates independently of the UK government and operates as a limited company. It oversees regulatory reports from more than 50,000 firms.
In late 2014 the FCA set a fine of £56 million on the Royal Bank of Scotland for ‘unacceptable’ computer failures which took place in 2012 after a systems upgrade. At the time, Tracey McDermott, director of enforcement and financial crime at the FCA, commented: “Modern banking depends on effective, reliable and resilient IT systems.”
Many have noted the irony that Nausicaa Delfas, the Director of Specialist Supervision at the FCA, wrote only a few days before the troubles began that ‘It’s important to reflect what I am sure we all know – neither regulators, nor firms, can hope to prevent all attacks succeeding – it is a matter of when not if. But responsibility for defending against this risk is a shared one.’
Her article deals extensively with the FCA’s plans to defend against cyber-attack and expounds upon accepting responsibility for the failures of third-party cloud providers. While there is no evidence or admittance of anything but systems or mechanical failure, the timing of such a severe spell of downtime is noteworthy.
The FCA came under criticism from the House of Commons in February as ‘not fit for purpose’, due to allegations of financial mis-selling, amongst others.
Interestingly, the FCA’s site has apparently not been indexed by the Internet Archive since August 20th, despite a lack of obvious current prohibitions in its robots.txt file.
Despite this, the Wayback Machine does show a recent snapshot of the compromised FCA front page upon request, wherein the downtime is attributed to ‘Scheduled Maintenance’.
