Impact of Recent Software Update Outage on Financial Institutions and Lessons Learnt

4 Mr Ang Wei Neng asked the Prime Minister and Minister for Finance (a) how many financial institutions in Singapore were affected by the recent outage on 19 July 2024 that was caused by a software update; (b) how were the account holders of the respective financial institutions affected by the outage; (c) how long did the financial institutions take to restore their operations back to normalcy; and (d) what are the lessons learnt from the said outage.

Mr Gan Kim Yong (for the Prime Minister): On 19 July, a faulty security update from a major cyber security vendor resulted in a global disruption of numerous organisations' IT systems and operations. Major financial institutions (FIs) in Singapore reported limited or no impact to their critical systems and customer-facing operations. A few FIs experienced disruptions to some of their IT systems meant for internal staff.

The Singapore Exchange experienced a temporary disruption to its post-trade services on the Central Depository, resulting in a limited number of trades being rolled over for settlement on the next business day. However, all other trading and clearing services continued to operate normally.

Among the affected FIs, operations proceeded normally by the next business day on Monday, 22 July.

The incident highlights the importance of having FIs implement robust processes and controls to identify and manage risks, including those arising from the reliance on third parties. It also underscores the need for FIs to build capabilities to recover systems and operations quickly in the event of a disruption as this will minimise the impact on customers. The Monetary Authority of Singapore expects these of all FIs and will continue to work with FIs to strengthen their operational resilience.