BankBoston, the 16th largest US bank, is generally regarded as the most advanced of all large banks in its y2k repair. It began in 1995.
In his testimony, David Iacino, the director of BankBoston's y2k project, warned that other banks are far behind. This constitutes a threat to the banking system, he says.
Notice his emphasis on vendor-supplied software: 50% of his bank's software. This software must be compliant, yet no bank is in charge of the renovation of vendor softeware.
International banking threatens the US system.
He warned that bank regulators need to develop contingrency plans. This means that, as of February, 1998, there weren't any.
This testimony was presented to the Senate Banking, Housing and Urban Affairs Committee (Feb. 17).
* * * * * *
Senator Dodd and members of the committee, my name is David Iacino and I am the Senior Manager of the Millennium Project at BankBoston. I am pleased to have this opportunity to present my views on the magnitude of the Year 2000 problem, the associated business risks, and the adequacy of remediation and risk management efforts being undertaken by the financial services industry.
Let me first tell you a little about who we are. We are a New England based Superregional Bank holding company with $69 billion in assets, ranked number 16 in the United States with 475 branches and 275 offices located in 24 countries and 67 of those branches are here in Connecticut. We offer a complete range of financial products and services both domestically and internationally.
The Year 2000 computer problem is pervasive and is global in scope. It affects not only the financial services industry, but all industries. Each business is itself both a customer and a supplier in the food chain of international commerce. Each industry is simultaneously competing for available human resources to complete its remediation processes against a fixed deadline in order to mitigate its Year 2000 risks. The millennium challenge is a significant project management challenge that requires institutionally focused attention as well as addressing dependencies on its suppliers that are facing the very same challenge. These are the parameters that make the millennium challenge unique,
Financial institutions are extremely dependent on one another as well as common service providers for the interchange of electronic commerce. The national payment system is dependent upon automation to clear checks principally through the Federal Reserve System. The Automated Clearing Houses represent the primary means of processing preauthorized payments enabling automated payroll deposits to the consumer's Bank of choice in addition to processing standing orders for repetitive payments such as insurance premiums, automobile payments, and investments. The retail consumer is dependent on the use of credit and debit card conveniences offered internationally through suppliers such as VISA, MASTERCARD, and AMERICAN EXPRESS which have extensive electronic networks linking a transaction from its point of sale to the consumer's financial institution. The Corporate customer, heavily dependent on Electronic Data Interchange (EDI), Wire Transfers, and Letters of Credit, uses the nation's financial institutions as their financial intermediaries. The increasing globalization of the business enterprise radiates these dependencies beyond our borders to include financial institutions worldwide. It should be clear from these examples that there are significant risks associated with such tightly woven interdependencies. . . .
Millennium Project in the Spring of 1995. The initial assessment of our systems inventory revealed that roughly fifty percent of our software is supplied to us by external Vendors, and that this Vendor supplied software is usually customized to meet the unique needs of our institution. This heavy reliance on external Vendor software, which is common within the financial services industry, represents the single biggest risk in being able to meet the millennium challenge since the timely delivery of this millennium compliant software is outside of each bank's control. . . .
Knowing that all financial institutions must address the very same issues that we have faced with much less time remaining, I am concerned with the general preparedness of the rest of the financial services industry domestically and, more so, internationally. In my discussions with other banks, customers, and service suppliers, I feel that unless comparable programs to BankBoston's are put in place within the next few months, the effect will adversely impact even those that are adequately prepared. . . .
The majority of the critical work, however, lies ahead. As I mentioned earlier, there is an enormous interdependency among all financial institutions on the viability of the payments system. All must be prepared for the millennium. All common financial services providers must be prepared. All systems and application vendors must be prepared. All suppliers and customers must be prepared. And then we must all test the interdependencies we share well before the year 2000 to ensure stability of the system not only domestically but globally. . . .
As each financial institution must mitigate risk through rigorous contingency planning, our Regulators must develop contingency plans to assure stability of the Banking system internationally as well as domestically. We have a collective fiduciary responsibility to our customers and must continue to relax the roles of the Regulator and the Regulated by working together to ensure the safety and soundness of this nation's banking system.
This concludes my testimony. Thank you.