Bank of England tells payment firms to step up disruption mitigation plans

LONDON (Reuters) - Firms offering payment services in the UK must work much harder to meet new 'operational resilience' standards by March 2025 for responding to disruptions such as cyber attacks, glitches during an IT changeover or extreme weather hitting a server centre, the Bank of England said on Tuesday.

WHY IS THIS IMPORTANT?

Customers have been locked out of accounts and unable to make payments for hours on end in some cases as payment providers suffer IT glitches. The BoE has introduced new rules that financial market infrastructure (FMI) firms must meet by March 2025 to keep disruption to a minimum.

They include "impact tolerances", or the maximum length of time for a disruption before it inflicts serious harm on customers or financial stability.

KEY QUOTES FROM SASHA MILLS, BOE's EXECUTIVE DIRECTOR FOR FINANCIAL MARKET INFRASTRUCTURE:

"Confidence in FMI services is critical to having a vibrant and prosperous economy. For the calibration of impact tolerances, we expect to see greater engagement than we have seen thus far between FMIs, their participants, and the wider market.

"Another area that still requires significant work is the approach and method FMIs use to test disruption to important business services.

"FMIs need to do further work to improve on the sophistication of their testing approaches. We'll be continuing to look over the coming year for robust remediation plans from FMIs, with appropriate funding and resources dedicated to address weaknesses found during testing."

(Reporting by Huw Jones; Editing by Susan Fenton)