Retaliation: 53% of software engineers have suspected wrongdoing at work with ~145,000 software engineers in the UK having experienced retaliation the last time they reported it to their employers. For those who didn't report unethical behaviour, fear of retaliation from management was reported as the top reason (59%).Gagging Clauses: Investigation finds settlement agreement between Worldpay and current BT CEO, Philip Jansen, contains a gagging clause banned by the Financial Conduct Authority. The investigation also sheds new light on settlement agreement clauses used by the Post Office in the wake of the Horizon IT scandal.Flawed Oversight: Despite software delivery metrics prioritising speed, the British public and software engineers agree it's the least important factor. Instead, the public cares most about data security, data accuracy and preventing serious bugs.London & Edinburgh; 20th November 2023 - As AI continued to bring public concerns about computer systems to the forefront, earlier this year FTX's former Director of Engineering plead guilty to his role in wrongdoing at the now-defunct cryptocurrency exchange. Meanwhile, the Horizon IT Inquiry continues to investigate how faulty accounting software has been blamed for multiple suicides and what has been described as "the most widespread miscarriage of justice in UK history", with those wrongly imprisoned including a pregnant woman.
An investigation1 conducted by Dr Junade Ali CEng FIET 2 has uncovered systematic ongoing failures affecting software engineers and therefore computer systems used by broader society.
53% of software engineers surveyed by the polling firm Survation say they've suspected wrongdoing at work. Of those who speak up, 75% report facing retaliation the last time they reported wrongdoing to their employers. This amounts to ~145,000 active software engineers in the UK having experienced retaliation the last time they reported wrongdoing to their employers, more victims than there are Regular Forces in the British Army, Royal Air Force and Royal Navy combined. In instances where software engineers stayed silent, the top two reasons cited were potential retaliation from management (59%) and potential retaliation from colleagues (44%).
Some companies have also sought to bypass public interest disclosure laws by getting employees to agree to warranty clauses during severance stipulating they know of no grounds to make protected disclosures. Such protected disclosures can include matters related to criminality, failure to comply with legal obligations, miscarriages of justice, health and safety dangers, or environmental damage.
Despite these workaround clauses being banned by the Financial Conduct Authority (FCA) in 2016, the investigation has found that they continued to be used in a financial institution - as evidenced by a settlement agreement between Worldpay and current BT CEO, Philip Jansen. The agreement lists automatic unfair dismissal for making a protected disclosure as a "particular claim" settled under the agreement and in exchange for signing the agreement Mr Jansen was paid £251,282 as a severance payment, the first £30,000 of which was tax-free, in addition to a £20,000 plus VAT contribution to legal fees, £3,700 plus VAT in outplacement counselling services and £100 for agreeing to post-termination restrictions.
Commenting on the settlement agreement between Worldpay and Philip Jansen, Professor Richard Moorhead , Professor of Law and Professional Ethics at the University of Exeter, said: "If the clause is in breach of the FCA rules then this is a serious matter that I would expect them to look into, identify the senior people responsible, and take appropriate action. Any lawyers on top of their brief and involved in drafting such a clause would, I think, be expected to advise their clients that such clauses were inappropriate under FCA rules."
With engineers feeling unsafe to speak up, the investigation has also found the "industry standard" metrics frameworks used to assess software teams are flawed. Whilst Google's DORA team has continued to use metrics that prioritise speed (and volume) to measure the delivery performance of software teams, a nationally representative poll of British adults ranked "getting the latest features as quickly as possible" least important to them when using computer systems (22%). Of the 10 different dimensions measured, the public was most likely to agree "to a great extent" that data security (62%), data accuracy (55%) and ensuring there are no serious bugs (55%) mattered to them. Of 8 dimensions, software engineers were least likely to agree "to a great extent" that "delivering work quickly" was most important to their jobs (33%); instead being able to provide for their families (52%), delivering work that is highly reliable (51%) and ensuring their work kept data secure (47%) came top.
Additionally, whilst newer frameworks have focussed on the use of surveys within team settings; the investigation found, alongside the risk of retaliation for speaking up, 1 in 6 software engineers feel unable to express ideas or concerns, speak up with questions, or admit to mistakes, without fear of negative consequences. Nearly 1 in 4 software engineers said they were unable to take calculated risks without fear of negative consequences. Prior research identified in the investigation has also shown that "those with the lowest programming skill" are most likely to be most over-optimistic at evaluating software delivery performance in large projects. With 44% of those who didn't report wrongdoing attributing fear of retaliation from colleagues as a reason, the study highlights the need to ensure subjective employee feedback mechanisms are not used as a tool for retaliation.
Commenting on the entire investigation, Dr Junade Ali CEng FIET , the Principal Investigator of the study, said: "Recent developments demonstrate the fundamental importance of software engineers being free to raise the alarm when they become aware of potential wrongdoing; unfortunately our research has highlighted that software engineers are not sufficiently protected when they need to do so. From software engineers facing mass retaliation for speaking up and banned gagging clauses still being used, to ‘industry-standard' software development metrics not considering the public's risk appetite; this investigation has highlighted systematic and profound issues with society-wide impact, given how integral computers are to all our lives. Our investigation has shown a tendency for problems to be swept below the rug until they reach boiling point rather than addressed, this is neither compassionate nor honest for those involved."
In relation to the Worldpay settlement agreement, the Solicitors Regulation Authority said: "It's not clear that any solicitors were involved in this matter. The FCA as Worldpay's regulator will investigate this matter and if they felt that any solicitors were involved in drafting agreements that breach our rules, they would refer them to us through our agreed channels." … "We were made aware in 2018 that solicitors potentially could be forgetting their legal obligations when drawing up settlement agreements and were including NDAs that were not compliant with the law. That led to us putting out a warning notice in 2018 that we updated in 2020 to make sure the profession did not breach its obligations. Solicitors should uphold the rule of law and proper administration of justice, after all."
FIS who own Worldpay , Phillip Jansen and the Financial Conduct Authority did not respond to requests for comment. BT Group declined to comment. Detailed responses from Professor Richard Moorhead , the Solicitors Regulation Authority and the Post Office can be found in the report.
Ends
1 The Dark Side of Software Development - Dr Junade Ali CEng FIET served as Principal Investigator for the study. Opinion polling conducted by Survation. Survation is a member of the British Polling Council and abides by its rules. Survation is a Market Research Society (MRS) Company Partner. All UK adults polling fieldwork was done between 29th September and 8th October (1,989 nationally representative sample, providing 95% confidence the ‘true' result will fall within 2.20% of the sample result). Software Engineer polling fieldwork collected on the 25th October (n = 280, providing 95% confidence the ‘true' result will fall within 5.85% of the sample result).
2 Dr Junade Ali MSc PhD CEng FIET is a British software engineer and computer scientist. "Junade" is pronounced Jun-aid (with a hard "J") - recorded pronunciations can be found on HowToPronounce and Dr Ali's LinkedIn profile .
Note to Editors
For further information please contact the Engprax Ltd press office: Bilal Mahmood on b.mahmood@stockwoodstrategy.com or +44 (0) 20 3640 7759 and +44 (0) 771 400 7257.
Update: 9th February 2024
Via third-party sources, Engprax has become aware of information indicating that the particular FCA rule prohibiting the use of warranty clauses to work around whistleblowing legislation are limited to a particular set of firms which may not include Worldpay. Despite this, Engprax has seen evidence indicating there are no plans by the FCA to extend such whistleblowing protections to all firms that it regulates. Nevertheless, given the FCA expects all firms to comply with broader whistleblowing legislation in the UK, the settlement agreement between Worldpay and Mr Jansen may still be of interest to regulators. This is especially true given that dismissal for making a protected disclosure was a "particular claim" settled under the agreement, according to comments provided to us by Professor Moorhead the use of the warranty clause may also be a breach of Solicitors Regulation Authority (SRA) rules and the SRA have previously noted that: "Attempts to discourage or limit disclosure of evidence to criminal or civil processes can amount to perverting the course of justice." See page 22-23 of " The Dark Side of Software Development " report for details of the update.
About Engprax
Engprax is a Scottish company offering software audits, investigations and consultancy - minimising the risks associated with software whilst maximising reward, to ensure all of society sees the benefits from technology. To learn more, please visit: www.engprax.com .
