@Joe_Merriman I would need to know what the process is first. There are a plethora of things that would be considered best practice. What testing is carried out? Do they do extensive regression tests? Do they conduct peer reviews of any and all code changes, no matter how small? Is there a dedicated integrity team that controls what goes live and what doesn’t? Is there a written set of coding standards that all developers must adhere to and, if so, how detailed are those standards? How stringent is the version control? …
I’d be interested to know if this bug was introduced recently or if it’s been there for some time and only just been discovered.
Don’t get me wrong - almost all software contains bugs. I’m realistic about that. It comes down to what the ramifications are if a bug gets through into the live system. If you’re building a brochure-style website and you introduce a bug that means the layout is broken, then it’s inconvenient and looks a bit unprofessional but it’s easily fixed and the long term damage is zero. If on the other hand you’re dealing with business or safety critical systems and a bug slips through, the repercussions could be huge - financial or a danger to human life. You would dedicate the required resources commensurate with the criticality of the application and the level of risk you’re happy to take.
I used to work for a global airline and it was drummed into me from day one that if I introduced a bug to the system, it could cost the company £1,000,000 per minute. Needless to say during my time there (several years) I wasn’t aware of a single bug making its way into the live system.
I’d argue that a banking app should be subject to pretty tough standards and controls. It’s critical that payments can’t be made twice in error.