Nigel's Eyes

20210707 Why compliance fails – another example.

Do you remember that Westpac found itself in trouble because, essentially, someone didn’t make sure that something was turned on properly?

It demonstrates the problems with piecemeal approaches to risk and compliance, indeed to management generally.

Too many companies don’t have someone who takes a holistic view of an entire system.

An example arrived in my mailbox. It’s from the BBC which seems to have lost the plot over so many forms of management.

The BBC sent the e-mail from the address

with the following line “Please do not reply to this email as it is from an unmonitored mailbox. If you wish to contact a member of the BBC Global minds team please visit the contact page here:

So I visited that web page. It says

“Contact us
If you have a question or experience a technical problem, please email us at

The BBC will say “oh, but we didn’t do it. It was a contractor” and it will pass the buck to
“Maru/Matchbox, The HUB, Berrywood Business Village, Tollbar Way, Hedge End, Hampshire, SO302UN”

and, of course, if they do entirely manage the service, they must take a share of the blame, as must all outsourcing services when things go wrong.

But outsourcing doesn’t mean that responsibility for errors passes entirely. Contractors and sub-contractors should be monitored.

In the financial sector, we have long said that a company can outsource function but not responsibility.

So here we have two organisations that should have spotted this mistake.

Yet, apparently, no one has.

Perhaps they will notice now it’s public.