Already a customer?
Log a ticket
Hands holding a credit card and using laptop computer for online shopping

TSB’s Problems Can Be A Lesson To Us All

Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on email

Unhappy customers is just the tip of the iceberg for the beleaguered bank.

If you ever need proof of how important IT is to a modern business, and how damaging it can be if it’s not done properly, just look at the ongoing TSB debacle.

After splitting from the Lloyds Banking Group, TSB had to rent the software it had been using, because it belonged to Lloyds. Rather than keep that going, it made the sensible decision to migrate to a new system – one that it would have total control over.

But as we now know, the migration of customer data from the old system to the new one has been an unmitigated disaster. Customers have been locked out of accounts, found money in their accounts that wasn’t theirs, been unable to pay bills or staff, have had account details seemingly vanish… the list goes on. And on and on and on.

Five days after the trouble first started, TSB’s CEO, Paul Pester, claimed that online and mobile banking were up and running. Where he got this idea from, however, is unclear, because by the next day, he was forced to admit the bank was still “on its knees”.

Unsurprisingly, unhappy customers soon began looking to do business elsewhere.

“Our mobile banking app and online banking are now up and running. Thank you for your patience and for bearing with us.”

— Paul Pester (@PaulPester) April 25, 2018

“Whilst the underlying platform is working well, it’s unacceptable that it’s taken this long to fix the problems some customers are having accessing their accounts. To begin to put things right we’ll be waiving all overdraft fees and interest charges for our customers for April.”

— Paul Pester (@PaulPester) April 26, 2018

Did TSB Miss The Signs?

A damning report on the Guardian website suggests there were plenty of warning signs, up to a year before this all happened. Quoting an anonymous insider, the report explains how a mixture of poor technical and business decisions led to the eventual crises TSB finds itself in today.

It seems Sabadell, the company that bought TSB, was warned about the high risk of its migration plans, which were seen by some as having too short a deadline and not big enough a budget. But Sabadell was not to be discouraged, and it pressed ahead with its plans, confident that it could successfully transfer TSB customers to its own Proteo software, as it had done with other customers in the past.

That, of course, proved to be hubris. While the development team behind the migration was posting photos on LinkedIn that showed them quaffing champagne and describing themselves as “champions”, their work was likely already unravelling.

TSB developers celebrating
Those who worked on the migration were clearly confident it went well. This photo from LinkedIn was later taken down.

What Lessons Can We Learn From This?

As Paul Pester et al have discovered, it’s much better to take your time and invest properly in IT solutions, rather than trying to do things quickly in order to meet some arbitrary deadline. To be fair to TSB, it did recognise there were problems before the launch of the new software, and its arrival was delayed. But clearly it didn’t do enough to rectify the problems, and its testing can’t have been robust enough either.

For TSB, and for any other business engaged in such a project, this incident should also prove how important it is to listen to experts who may be telling you things you don’t necessarily want to hear. Had TSB heeded the warnings about the riskiness of this endeavour, it wouldn’t now be dealing with millions of unhappy customers and a PR nightmare.

And TSB’s problems don’t end there. Not only will the Financial Conduct Authority be investigating this technological meltdown, the Information Commissioner’s Office will likely get involved too, and significant fines may well follow. So even when TSB does finally manage to fix its IT systems and get its customers back online, its troubles will be far from over.

Every month, we send out a newsletter, summarising our blog content and informing you of important announcements. If you’d like to receive it, please head to

One Comment

  • Our charity had unauthorised payments taken from its account in March so for how long have TSB had security problems?


Leave a Comment

Your email address will not be published. Required fields are marked *


TMB Privacy Policy

Why do we hold personal data?

Like any business, TMB Group has to keep personal data about staff, clients and potential customers. When you fill in the contact form on our website, for example, we need to keep a record so we can get back to you. Data is also held so we can deliver our services and so we can provide useful information, such as security update news.

What data do we keep?
Depending on our relationship with you, we’ll hold information such as your first and last names, your email address, your phone number and your postal address. We will also possibly have details about your business and those who work for you. If you’re a customer, then we may have some of your banking detail so we’re able to accept payments for the services we provide.

How is your data stored?

As a responsible IT company, TMB stores personal data on secured computer systems. Anything that is archived will be placed on encrypted drives.

We do use third-party customer management software, Autotask, which means data may be stored on their servers, but only the data we need to deliver our services. The same goes for the Microsoft services we use, such as Word, Excel and PowerPoint, which store information on Microsoft’s cloud servers. We also use Mailchimp for marketing purposes: to send emails and to manage subscriber lists.

These third parties are not permitted to share your data or to use it for marketing purposes. You can find Autotask’s privacy policy here: Microsoft’s privacy policy for Office 365 is here: Mailchimp’s policy is here:

How long do we keep your data?

We will keep your data in our systems until it is no longer relevant to our business, but you can request that we remove or update it at any time. We will also inform any relevant third parties of your request.

Access to your information

The key thing to remember is that your data belongs to you. That means you can request copies of your personal data any time you like, or to access and update it. You also have the right to be forgotten, so if you ask that we delete your data, we will do so or provide a valid reason why we are unable to. We will, of course, require proof of your identity before addressing any such request.

Depending on your request, your information may be provided to you electronically. In such cases, it will be provided in a commonly used format.

Unsubscribing and deletion

Unsubscribing is not the same as a request for us to delete personal data. If, for example, you unsubscribe from a mailing list, it is necessary to keep your email address on record to prevent marketing email from being sent to you. If we were to delete that information, we would have no way to tell if you have unsubscribed. Nevertheless, you still have the right to request erasure of your personal data.

Your right to complain

If, for any reason, you are unhappy with the way your personal data is treated by us, you have the right to complain to a supervisory authority. In the UK, that would be the Information Commissioner’s Office (ICO).

Website analytics

Anyone who visits our website will automatically have data about them collected via Google Analytics. This gives us broad information about what people are doing on our website and which pages they are looking at. It does not provide us with personal information that could be used to identify individuals.


Cookies are small text files that web browsers receive from websites. They are stored on your computer, and they enable sites to do things like remember if you’ve visited before, if you’re a customer, what your preferences are and so on. You are entitled to view our website without them, but you may lose this kind of functionality if you do so.

International data transfers

Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this privacy policy.

Data controllers and processors

TMB is the controller for marketing activity and personal data/special category data we hold on our own employees, but we are the processor when processing our customers’ personal data (e.g. buying a licence for a named individual).  We  may use sub-processors for processing data given to us by customers.

What we won’t ever do is sell your data. And if you sign up to our mailing list, you’ll only receive marketing material from TMB as a result – no one else.

For any questions regarding your data, contact TMB’s technical director, Richard Shuker, at or write to us at A1 Endeavour Business Park, Penner Road, Havant, Hampshire, PO9 1QN..