Home Banking ECB blames Target2 outage on third-party vendor – FinTech Futures

ECB blames Target2 outage on third-party vendor – FinTech Futures

27
0

Target2, the system used by central and commercial banks to process large-value euro payments, went down on 23 October.

The failure lasted for several hours, affecting all its payment transactions. It even reached Target2’s backup and contingency systems.

Payments were out of action for around eight hours on Friday from 14:40 CET. It came back online at 22:30 CET, after the failover completed and settlement services were restarted.

The ECB has not commented on the why its failover and contingency systems did not prevent the outage

Passing the buck

The European Central Bank (ECB) has revealed the outage was down to a “third-party network device” in the internal network of Europe’s national central banks.

“The root cause has been found in a software defect of a third-party network device used in the internal network of the central banks operating the Target2 service on behalf of the Eurosystem,” the bank said on 28 October.

“The Eurosystem has taken measures to prevent this from happening in the future and will discuss it with the vendor.”

The ECB had already ruled out a cyber attack as the potential cause.

Target2 and T2S opened and closed normally on the two business days following the downtime – the 26 and 27 October.

Commercial banks have resumed normal business operations according to the ECB. Only a small number of reconciliation investigations are still ongoing.

The test environments for both Target2 and T2S are now available.

The ECB has not commented on the why its failover and contingency systems did not prevent the outage from happening.

The outage

From around 14:40 CET on 23 October, no payment, ancillary system instructions or liquidity transfers from or to Target instant payment settlement (TIPS) and Target2-Securities (T2S), could be processed.

The Information and Control Module (ICM) was also unavailable during this time. The ICM gives banks access to information such as account balances or transactions.

It also allows the central banks’ national service desks to broadcast messages to their commercial banking communities.

A status update posted on 25 October – two days after the incident – the ECB states that “due to an internal issue affecting the Target2 infrastructure, all settlement services became unavailable from approximately 14:40 CET.”

Because backup systems failed to kick in, the central bank had to move the production site from one region another before normal operations could be resumed.

The processing window the day of the outage didn’t close until 03:00 am Saturday morning. And according to finanzSzene.de, there were reports that of delays to SEPA instant payments as late as Monday morning – a whole three days after the incident.

Read next: Sibos 2020: CBDCs must compensate for Big Tech failures