UK banks’ crisis preparedness and emerging risks in 2024
By Anna-Rose Davies and Natalie Todd
Natalie Todd and Anna-Rose Davies, from Cooke, Young & Keidan, assess the risks facing banks and their customers
The recent assessment of UK banks by the Bank of England highlights significant improvements in crisis preparedness, but also underlines ongoing vulnerabilities and potential legal challenges for banks and their customers. As the financial sector continues to navigate the post-2008 landscape, the failures of Silicon Valley Bank (SVB) and Credit Suisse in March 2023 serve as reminders of the importance of robust crisis management. The evolving regulatory environment could still expose banks and their customers to significant legal risks, particularly in the areas of fraud and crisis planning.
The Bank of England’s resolvability assessment framework
In August 2024, the Bank of England released its second resolvability assessment framework (RAF), which evaluates the UK’s largest banks’ ability to manage their own failures without requiring government bailouts. The findings were encouraging, with institutions like NatWest, Nationwide and Santander UK showing no major issues in their crisis plans. HSBC, Barclays, Standard Chartered and Lloyds were found to need ‘further enhancements’ in their resolution plans insofar as how quickly they were able to provide ‘timely’ and detailed assessments of their assets. Standard Chartered was singled out for the only ‘shortcoming’ in the report, related to expectations that banks should be ready to put their restructuring plans into action.
The Bank of England’s overall expectation is that major banks continue to embed resolvability into their business practices, with the next RAF assessment expected to take place within the 2026–2027 financial year. In the meantime, the Bank of England has said it will work with the major UK firms to ensure they continue to meet its expectations, and will ask firms to undertake targeted activities ahead of the third RAF assessment. Resolvability is an ongoing obligation for major banks.
The Bank of England’s emphasis on continuous improvement could indicate that regulatory expectations on the major banks are set to increase in the coming years. Banks that do not comply with these expectations may face increased regulatory scrutiny from the Bank of England and the Prudential Regulation Authority (PRA). The ongoing scrutiny creates a legal landscape fraught with potential risks for banks, including potential legal challenges from various stakeholders, especially if a bank is perceived to be inadequately prepared for future crises.
Legal challenges for banks
Litigation risks
Banks that fail to adequately plan for crises may face claims from shareholders, customers and regulators. The 2008 financial crisis saw a wave of legal actions, particularly related to the mis-selling of financial products and mortgage-backed securities. If a bank’s resolution plan fails, leading to significant financial losses, it could be accused of negligence or breach of fiduciary duty, leading to costly litigation.
Regulatory enforcement
The PRA and other regulatory bodies are likely to take a hard line with banks that fail to meet the expectations set out in the RAF. This could result in enforcement action, including fines, sanctions and mandates to overhaul internal processes. The post-2008 era has seen numerous such actions, including the crackdown on Libor and Forex manipulation, which resulted in billions of pounds in fines for several major banks.
Customer claims
Customers could also bring claims if they suffer financial losses due to a bank’s failure to effectively manage a crisis. This could range from delayed access to funds in the event of a bank collapse to inadequate protection against fraud. The history of PPI mis-selling lawsuits, which led to billions in compensation payments, shows that customer lawsuits can have a significant financial and reputational impact on banks.
Impact on fraud
One of the more insidious risks that may arise from inadequate crisis planning is an increase in fraud, particularly authorised push payment (APP) fraud. APP fraud occurs when a customer is tricked into authorising a payment to a fraudster. The complexity and chaos that would likely accompany a bank’s financial distress could create fertile ground for such fraud to increase.
During periods of crisis, banks may be more focused on managing their immediate financial stability, potentially leading to lapses in fraud prevention. Fraudsters can often exploit these vulnerabilities, taking advantage of weakened internal controls or distracted staff. This was seen during the Covid-19 pandemic, where an increase in remote banking led to a surge in fraud cases.
Banks are under increasing pressure from regulators to improve their fraud prevention measures, especially in light of growing concerns about APP fraud. However, implementing these measures during a financial crisis could be challenging. The need for rapid system changes could inadvertently create new vulnerabilities, leading to an uptick in fraud even as banks strive to strengthen their defences.
Conclusion
The Bank of England’s 2024 assessment underscores the ongoing need for UK banks to continue working on their crisis preparedness. While much progress has been made since the 2008 financial crisis, the potential for legal challenges remains significant. Banks must not only comply with evolving regulatory expectations but also anticipate and mitigate the risks associated with fraud and customer litigation. As the financial landscape continues to evolve, proactive crisis planning and robust fraud prevention measures will be critical in navigating the legal complexities that lie ahead.