MAS orders DBS Bank and Citibank to investigate banking services disruption
The Monetary Authority of Singapore (MAS) has ordered DBS Bank and Citibank to further investigate why they failed to fully recover their systems within the required timeframe after a recent services outage in the country.
DBS Bank and Citibank told to investigate IT systems disruption
The regulator states that banks’ critical systems cannot be out of action for more than four hours within any 12-month period, and that these systems must be supported by a back-up data centre and tested periodically in order to ensure their recovery when their primary data centres fail.
DBS Bank and Citibank’s services in Singapore are backed by an Equinix data centre, as per the regulator’s guidance.
On 14 October, both banks activated their back-up data centres after their primary centre failed to perform normally. However, the pair were unable to recover their systems within the mandated timeframe.
To offset the disruption, the banks deployed contingency measures, including alternative arrangements for credit card transactions and extended branch hours.
The data centre outage is believed to have been caused by a third-party contractor, which erroneously sent a signal to shut off the valves feeding chilled water into the buffer tanks during a planned system upgrade, the Business Times reports.
Equinix says this caused the temperature to rise in some of the data centre’s halls, impairing the networking equipment that supports the backed-up data.
As well as DBS and Citibank, the mistake is thought to have impacted other services using the same centre, including Facebook, Instagram and WhatsApp.
Now the MAS has instructed the banks to each conduct “a thorough investigation” into the incident, and says that it will “take appropriate supervisory actions after gathering the necessary facts”.
“No IT system is infallible,” it says. “Banks and customers should have contingency measures in the event of service disruptions caused by IT outages.”
