Operational Risk In Tesco Bank

784 Words4 Pages
Operational risk can be categorized as follows: Human risk: Potential losses due to a human error, done willingly or unconsciously IT/System risk: Potential losses due to system failures and programming errors Processes risk: Potential losses due to improper information processing, leaking or hacking of information and inaccuracy of data processing Operational risk occurs as the result of a failed business processes in the bank’s day to day activities. Examples of operational risk would include payments credited to the wrong account or executing an incorrect order while dealing in the markets. None of the departments in a bank are immune from operational risks. According to the Bank for International Settlements (BIS), operational risk is defined…show more content…
The bank was formed as part of a 50:50 joint venture between The Royal Bank of Scotland and Tesco, the UK's largest supermarket. Tesco later acquired Royal Bank of Scotland shareholding, which resulted in the bank becoming a wholly owned subsidiary, and now operates under its own. Cyber-criminals broke into Tesco Bank’s computer system in November 2016 and stole £2.5million from the current accounts of 9,000 customers. It is one of the largest cyber-attack on a commercial bank to have resulted in a mass loss of money. One in 15 of the bank’s 136,000 current accounts were affected. Tesco Bank responded quickly by suspending all online debit transactions – including contactless card payments to prevent further criminal activity. Tesco had a responsibility to protect its customers and, by not doing so, has led to an erosion of trust and reputation crisis. It was clear that The TESCO wasn’t aware of the potential scale of the attack or it simply wasn’t equipped to deal with a cyber-attack at this level. In a moment of malicious compromise, Tesco should have had the appropriate detection and remediation protocols in place to stop the hackers before they could remove actual money from customer…show more content…
While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. The WannaCry ransomware attack compromised the systems of some Russian banks in May 2017. Russian central bank acknowledged that the virus had an impact on the country's banking system. The central bank had previously said Russian banks were targeted in the global cyber extortion campaign late last week, but that the attack had been unsuccessful. After the attack, the central bank reissued its recommendations to Russian banks, it said, adding that it would start publishing statements on its website about cyber attacks it had caught as well as steps taken to reinforce IT security. The WannaCry attack was global in scale, affecting computer systems in dozens of countries. But Russia was among the hardest hit, with the attack exposing security flaws in some of its largest institutions. The weaknesses exploited by the virus which attacked computers all over the world and paralyzed the work of many large

More about Operational Risk In Tesco Bank

Open Document