Please see a bulletin from Openreach below:
Openreach Board Audit Risk & Compliance Committee (OBARCC) bulletin September 2021
The OBARCC is the Openreach Board committee responsible for monitoring Openreach’s regulatory compliance. This is our tenth bulletin, reporting on our meeting in July 2021.
The Commitments Monitoring Office (CMO) supports the OBARCC. Communications Providers (CPs) who have queries or concerns about the Commitments are welcome to raise them with the CMO – either informally or as formal complaints. Details of how to contact the CMO, including guidelines for raising formal complaints, are available on the OBARCC page on the Openreach CP portal.
Headlines
The key headlines since our last bulletin are as follows:
- On 8 July we published our annual Commitments compliance report which can be found here.
- At our July meeting, CityFibre was the latest CP to take up our standing invitation to present to one of our meetings.
- The CMO updated us on its ongoing monitoring of key compliance risks.
- Openreach reported one trivial breach and two trivial non-conformances to policy.
Report on the July 2021 OBARCC meeting
CityFibre presentation
Simon Holden, COO, and Polly Weitzman, Senior General Counsel, presented to us on their views on Openreach as a customer, collaborator and competitor. We welcomed their openness, and emphasised the importance we place on our role as an independent monitor of Commitments compliance, and that we have a publicly available complaints process for any Commitments compliance concerns.
Commitments compliance
At our July 2021 meeting we noted the following:
- Following the publication of the OBARCC’s annual Commitments compliance report for 2021, OBARCC members will be attending the OTA Executive meeting on 30 September to discuss the report.
- The CMO Director is continuing to monitor closely Commitments Risk 1 (Sustaining Openreach’s greater independence of strategic decision making) in light of recent BT shareholder developments, and Commitments Risk 5 (Erosion of Commitments culture and behaviours) in light of recent and planned leadership changes in BT.
- The OBARCC is continuing to monitor three areas on the dashboard: product performance KPIs, risk of erosion of compliant culture and behaviours, and systems separation, which relates mainly to user access controls for the new BT finance and accounting system.
Breaches and complaints
At our July meeting one trivial breach and two trivial non-conformances to policy were reported.
The trivial breach resulted from BT people having access to the administrative rights of an Openreach system which could be used to configure end-customer broadband speeds. The OBARCC considered this to be a trivial breach as, although access had not been controlled correctly, the configuration facility had not been accessed by the BT employees. User access for the BT people has subsequently been removed.
The first trivial non-conformance arose when an automated application incorrectly sent an email to a previous Openreach employee who had moved to BT Global Services. The second trivial non-conformance arose when an Openreach employee sent an email to the incorrect recipient in BT Enterprise. In both cases, the information contained in the emails was not confidential or commercially sensitive.
No new formal or informal complaints were received by the CMO during the first quarter.
BTCC bulletin
Our colleagues in BT have asked us to mention that they too publish a bulletin following each BTCC meeting.
Next OBARCC meeting
Our next quarterly meeting is scheduled for October 2021.
If you have any comments on the bulletin or our annual report, or would like to be added to our contact list for future publications, please contact us using the following email address: [email protected].