By Dina Medland in London
There is only one story here this week, because it covers so many issues of concern to good corporate governance in business at one fell swoop.
Over the last Bank Holiday weekend in Britain in May and ahead of the week’s much-anticipated half-term break, flag carrier British Airways dominated the headlines for all the wrong reasons. Its motto is: ‘To Fly. To Serve.’
It's owner, the FTSE 100 company International Airlines Group (IAG) soon saw it doing neither when it cancelled all flights from Heathrow and Gatwick on Saturday due to a major IT failure causing severe disruption to its global operations. BA then demonstrated how not to do customer service after leaving 75,000 customers stranded.
In the wake of the Manchester Attack, there was a question mark in many minds around cyber security. Had BA been hacked? No, said the airline, blaming a global computer ‘outage.’
BA Chairman and CEO (a dual role frowned upon by many, including the UK’s Corporate Governance Code) Alex Cruz said the crash affected all check-in and operational systems, adding: 'We believe the root cause was a power-supply issue and we have no evidence of any cyberattack.'
It’s a sign of the times that when a CEO of a FTSE 100 company says ‘no evidence of any cyberattack’ it is meant to be reassuring to both customers and investors. Governance Watch has previously called out the tendency by UK plc to treat cyber security as a ‘bad smell’ and has also drawn attention to the need for issues around cyber risk to be high on the agenda of every boardroom.
BA’s blaming of ‘power-supply issues’ also had some scratching their heads. According to media reports, SSE and UK Power Networks, the two electricity companies that provide energy to the area in which BA has its data centre, denied there had been a power surge.
Mr Cruz said on Monday that the surge was “so strong that it rendered the back-up system ineffective”. Yet the newspapers were full of stories quoting ‘experts’ suggesting that a power surge should not be able to bring down a data centre as well as its back-up.
Reassurance came too from Willie Walsh, CEO of IAG. But it was all beginning to look like a potentially incomplete story.
Mr Cruz waited until the third day of chaos to do his first interview, preferring to use in-house videos posted on the company website to address both passengers and the media. In an interview with the BBC on Monday, he denied that cost-cutting had anything to do with BA’s IT problems.
As media reports point out, Mr Cruz was hired by IAG last April from Vueling, its low-cost sister airline, with a mandate to make BA more cost-efficient and help it compete with budget rivals.
Mr Walsh is an ex-CEO of BA (2005-2011), and he has earned a reputation for cost-cutting. He is known as “Slasher Walsh” from his time as CEO at Irish airline Aer Lingus, where he cut 2,000 jobs.
With City airline analyst warnings that the BA IT meltdown may have exposed “fundamental” weaknesses in the way in which the business is run, we can expect to hear much more on this story.
There is another simple reason why we will: there are too many questions, as yet unanswered. What is already in the public domain will only lead to more – doubtless one for discussion in the BA boardroom. But the CEO and the Chairman can’t rely on tapping each other’s wisdom on this occasion, as they are one and the same individual: Alex Cruz.
While BA itself is unlisted – and therefore not bound by the UK Corporate Governance Code as it stands today – this episode can only add fuel to the current debate in the UK for corporate governance reform.