
HSBC Digital Banking Outage: When a Global Bank's App Goes Silent
In August 2025, HSBC experienced a significant digital banking outage affecting mobile and online banking services for customers across multiple markets.
Key Metrics
- Customers Served: ~40 million globally (was: N/A). Scale amplifies impact of any outage.
- Markets Affected: Multiple countries (was: N/A). Multi-jurisdictional regulatory reporting triggered.
- Technology Investment: Did not prevent outage (was: Among highest globally). Scale and budget do not guarantee resilience.
- Architecture Complexity: Legacy + modern + multi-market (was: N/A). Heterogeneity creates unique failure modes.
The Situation
The G-SIB Resilience Challenge
HSBC's outage exposed structural challenges that G-SIBs face in maintaining operational resilience.
Architectural Complexity
HSBC's technology spans multiple decades of investment and acquisitions. Core banking systems in some markets run on mainframe infrastructure from the 1980s. Digital platforms interface through complex middleware layers. This heterogeneity means a failure in middleware can cascade into digital service outages affecting millions.
Multi-Market Coordination
HSBC operates semi-autonomous technology organizations in each major market. Coordinating incident response across multiple market technology teams in different time zones creates organizational friction that delays resolution.
Customer Impact at Scale
With 40 million customers globally, even a brief outage generates massive impact: millions of failed logins, hundreds of thousands of failed transactions, and overwhelming customer service demand.
Regulatory Multi-Jurisdiction
A G-SIB outage triggers regulatory engagement in every affected jurisdiction simultaneously. HSBC must manage communications with PRA/FCA (UK), HKMA (Hong Kong), OCC/Fed (US), and EU NCAs, creating a multi-jurisdictional reporting burden during an already stressful incident.
The Challenge
A Global Bank's Digital Channel Fails
In August 2025, HSBC — one of the world's largest banking groups serving approximately 40 million customers across 60+ countries — experienced a significant outage affecting its digital banking services. Multiple reports confirmed that customers across several markets found themselves unable to access mobile and online banking.
HSBC's technology infrastructure reflects the complexity of a global bank: legacy systems inherited from decades of growth and acquisitions combined with modern digital platforms. The bank operates separate technology stacks for different markets while maintaining centralized infrastructure for global functions.
The outage demonstrated that even the most resource-rich institutions with the largest technology budgets are not immune to digital service failures. HSBC's technology investment exceeds most banks globally, yet its digital channels still experienced availability failures affecting millions of customers.
For DORA compliance, the HSBC outage illustrates the scalability challenge of operational resilience. A G-SIB operates at a scale and complexity that makes resilience qualitatively more difficult. The attack surface is larger, the dependency chain deeper, and the customer impact amplified by global reach.
The Approach
DORA at G-SIB Scale
Art. 5-6 — ICT Risk Management Across Global Estates
For a G-SIB, "comprehensive" risk management means spanning multiple technology generations, market implementations, and hundreds of thousands of assets. Maintaining an accurate ICT asset inventory at this scale is a continuously evolving challenge.
Art. 17-19 — Incident Management at Scale
Incident management must coordinate across multiple markets and time zones. Classification under Art. 19 must consider cumulative impact across all affected markets. A globally-impacting outage must be classified and reported under DORA even if the root cause is in a non-EU system.
Art. 11 — Business Continuity for Complex Architectures
The interaction between legacy systems, middleware, and multi-market infrastructure creates failure modes difficult to anticipate. Annual testing may be insufficient — continuous monitoring of critical dependency chains may be necessary.
Art. 24 — Testing at Scale
The global technology estate is too large to test comprehensively in a single exercise. Testing must be continuous, risk-prioritized, and scenario-driven.
The Results
Lessons for G-SIB Operational Resilience
Scale Is Not a Shield
Massive technology investment does not guarantee resilience. Architectural complexity creates failure modes that investment alone cannot eliminate. Resilience requires architectural simplification, organizational clarity, and continuous testing.
The Middleware Risk
For G-SIBs, the middleware layer connecting legacy and modern systems is often the weakest link. DORA Art. 5-6 should explicitly identify middleware as a critical ICT risk.
Multi-Jurisdictional Incident Management
Pre-configured templates and communication channels for each jurisdiction enable rapid regulatory notification when DORA Art. 19 timelines are activated in multiple EU member states simultaneously.
Continuous vs. Periodic Testing
Annual testing may be insufficient for the most complex G-SIB architectures. Continuous monitoring, automated failover testing, and chaos engineering may be necessary.
Customer Communication at Scale
Pre-drafted communications, automated status updates, and social media protocols must be prepared before they are needed.
Lessons Learned
1. DORA Art. 5-6 at G-SIB scale must account for architectural complexity spanning multiple technology generations and hundreds of thousands of assets.
2. DORA Art. 17-19 incident management at G-SIB scale requires pre-designed multi-jurisdictional reporting capabilities.
3. DORA Art. 11 and Art. 24 annual testing may be insufficient for complex G-SIB architectures — continuous monitoring and chaos engineering may be necessary.
4. Middleware layers connecting legacy and modern systems are often the weakest link — DORA Art. 5-6 should explicitly identify middleware as critical risk.
5. Scale and technology investment do not guarantee operational resilience — architectural simplification and continuous testing are equally important.
Disclaimer: This case study is based on anonymized data from real-world DORA compliance programmes. Names, specific figures, and identifying details have been changed to protect confidentiality. The outcomes described are specific to the institution's context and may not be directly replicable.