Ian Stuart, CEO of HSBC UK, told the Commons Treasury Committee that cyber-security is his top concern, admitting that the threat of cyber attacks "keeps me awake at night." Speaking alongside other major UK bank leaders, Stuart highlighted the relentless nature of cyber threats, noting that HSBC and other institutions face constant attacks. This focus on cyber-security comes as the banking sector grapples with increasing digital vulnerabilities, making it a critical issue for the industry.

Over the past two years, nine major UK banks and building societies, including HSBC, Lloyds, TSB, and Nationwide, have collectively endured over 800 hours of tech outages—equivalent to roughly 33 days. A notable incident in February 2025 saw four high street banks suffer outages, impacting over 1.2 million retail banking customers. Beyond banking, a recent cyber attack also crippled UK high street retailers, with Marks & Spencer reportedly losing £43m daily in sales as it struggled to recover, underscoring the broader economic risks of such disruptions.

To combat these threats, Stuart emphasized the massive investments banks are making in IT security, describing the sums as "enormous." The nine banks represented at the Committee hearing—Barclays, Lloyds, Nationwide, Santander, NatWest, Danske Bank, Bank of Ireland, Allied Irish Bank, and HSBC—reported 158 IT failures between January 2023 and February 2025. Stuart stressed that robust defense mechanisms are "absolutely critical" to protect against the growing sophistication and frequency of cyber attacks targeting the financial sector.