NO INDUSTRY spends more on information technology (IT) than financial services: about $500 billion globally, more than a fifth of the total (see chart). Many of the world's computers, networking and storage systems live in the huge data centres run by banks. “Banks are essentially technology firms,” says Hugo Banziger, chief risk officer at Deutsche Bank. Yet the role of IT in the crisis is barely discussed.

It should be. Corporate IT systems—collections of computers, applications and databases—always tend to be messy, but those of banks are particularly bad. They were the first to adopt computers: decades-old mainframes are still in use. Lots of product innovation means new systems, as does merger activity, which has proliferated in the industry in recent years: Citigroup had a notoriously fragmented IT set-up going into the crisis. The need to comply with regulations, and the global presence of big banks, adds complexity.

The demands of financial markets make matters worse. Hedging positions, trading derivatives and modelling financial products all require highly sophisticated programs that are only really suited to specific asset classes. The code for new financial products has to be developed quickly. Innovation often takes place on Excel spreadsheets on traders' desktops. “The big task of management is to manage down the number of spreadsheets,” says one risk chief, whose bank creates 1,000 product variations a year.

As a result, many banks have huge problems with data quality. The same types of asset are often defined differently in different programs. Numbers do not always add up. Managers from different departments do not trust each other's figures. Finding one's way through all these systems is detective work, says a former IT manager at a big British bank. “And sometimes the trail would go cold.”

This fragmented IT landscape made it exceedingly difficult to track a bank's overall risk exposure before and during the crisis. Mainly as a result of the Basel 2 capital accords, many banks had put in new systems to calculate their aggregate exposure. Royal Bank of Scotland (RBS) spent more than $100m to comply with Basel 2. But in most cases the aggregate risk was only calculated once a day and some figures were not worth the pixels they were made of.

During the turmoil many banks had to carry out big fact-finding missions to see where they stood. “Answering such questions as ‘What is my exposure to this counterparty?' should take minutes. But it often took hours, if not days,” says Peyman Mestchian, managing partner at Chartis Research, an advisory firm. Insiders at Lehman Brothers say its European arm lacked an integrated picture of its risk position in the days running up to its demise.

Whether the financial industry would have hit the brakes if it had had digital dashboards showing banks' overall exposures in real time is a moot point. Some managers might not have even looked. And better IT would have done little to counteract the bigger forces behind the crisis, such as global economic imbalances.

Illustration by S. Kambayashi

Yet most in the industry agree that its woeful IT systems have, in Mr Banziger's words, “exacerbated the crisis”. The industry spent billions on being able to trade faster and make more money, but not nearly enough on creating the necessary transparency. “Banks had lots of tools to create leverage, but not many to manage risk,” says Roger Portnoy of Daylight Venture Partners, a venture-capital firm that invests in risk-management start-ups.

Technology may have contributed to the crisis in other ways. IT systems have led to a “deskilling of the risk process”, says Steve O'Sullivan of Accenture, a consultancy. At one end of the credit chain, bank employees were not given the proper incentives to review on-screen loan-application forms (a big British bank once had a surprising number of “astronauts” applying for loans because the job description was the first choice on a pull-down menu, says a former employee). At the other end, computer-generated risk numbers gave executives a false sense of security.

Others think that IT has played an even more fundamental role in the crisis. Because things are so interconnected, largely thanks to technology, a problem in one part of the system can quickly lead to problems elsewhere. The global financial markets have evolved over the years into an inherently unstable network, says Till Guldimann, a strategist at SunGard, a software and IT services firm. The rapid unwinding of positions by ultra-fast quantitative-trading programs at the start of the credit crunch in August 2007 is one example of this cascading effect.

Have chastened bankers learned their lesson? Some are now spending a lot of money on building integrated systems of the kind that a few banks, such as Deutsche, JPMorgan Chase and Goldman Sachs, had in place before the crisis. Deutsche does not dump all its trading information into what is called a “data warehouse” and then painstakingly sift through it when need arises. Instead, the firm has developed a system of “feeds” that give it access to information in almost real-time.

But many other banks are still in firefighting mode, says Mr Mestchian. Much of the money invested in IT still goes into making things faster rather than more transparent. And there is a question-mark over whether the biggest banks will ever really be able to get their systems in order. Many banks have become too complex to be managed properly, says Glenn Woodcock, a director at Andromeda Capital Management and a former head of credit-risk infrastructure at RBS. IT alone cannot fix that problem for them.