Openreach Board Audit Risk & Compliance Committee (OBARCC) bulletin September 2021

Please see a bulletin from Openreach below:

Openreach Board Audit Risk & Compliance Committee (OBARCC) bulletin September 2021

The OBARCC is the Openreach Board committee responsible for monitoring Openreach’s regulatory compliance.  This is our tenth bulletin, reporting on our meeting in July 2021.

The Commitments Monitoring Office (CMO) supports the OBARCC.  Communications Providers (CPs) who have queries or concerns about the Commitments are welcome to raise them with the CMO – either informally or as formal complaints.  Details of how to contact the CMO, including guidelines for raising formal complaints, are available on the OBARCC page on the Openreach CP portal.


The key headlines since our last bulletin are as follows:

  • On 8 July we published our annual Commitments compliance report which can be found here.
  • At our July meeting, CityFibre was the latest CP to take up our standing invitation to present to one of our meetings.
  • The CMO updated us on its ongoing monitoring of key compliance risks.
  • Openreach reported one trivial breach and two trivial non-conformances to policy.

Report on the July 2021 OBARCC meeting

CityFibre presentation

Simon Holden, COO, and Polly Weitzman, Senior General Counsel, presented to us on their views on Openreach as a customer, collaborator and competitor. We welcomed their openness, and emphasised the importance we place on our role as an independent monitor of Commitments compliance, and that we have a publicly available complaints process for any Commitments compliance concerns.

Commitments compliance

At our July 2021 meeting we noted the following:

  • Following the publication of the OBARCC’s annual Commitments compliance report for 2021, OBARCC members will be attending the OTA Executive meeting on 30 September to discuss the report.
  • The CMO Director is continuing to monitor closely Commitments Risk 1 (Sustaining Openreach’s greater independence of strategic decision making) in light of recent BT shareholder developments, and Commitments Risk 5 (Erosion of Commitments culture and behaviours) in light of recent and planned leadership changes in BT.
  • The OBARCC is continuing to monitor three areas on the dashboard: product performance KPIs, risk of erosion of compliant culture and behaviours, and systems separation, which relates mainly to user access controls for the new BT finance and accounting system.

Breaches and complaints

At our July meeting one trivial breach and two trivial non-conformances to policy were reported.

The trivial breach resulted from BT people having access to the administrative rights of an Openreach system which could be used to configure end-customer broadband speeds. The OBARCC considered this to be a trivial breach as, although access had not been controlled correctly, the configuration facility had not been accessed by the BT employees.  User access for the BT people has subsequently been removed.

The first trivial non-conformance arose when an automated application incorrectly sent an email to a previous Openreach employee who had moved to BT Global Services.  The second trivial non-conformance arose when an Openreach employee sent an email to the incorrect recipient in BT Enterprise.  In both cases, the information contained in the emails was not confidential or commercially sensitive.

No new formal or informal complaints were received by the CMO during the first quarter.

BTCC bulletin

Our colleagues in BT have asked us to mention that they too publish a bulletin following each BTCC meeting.

Next OBARCC meeting

Our next quarterly meeting is scheduled for October 2021.

If you have any comments on the bulletin or our annual report, or would like to be added to our contact list for future publications, please contact us using the following email address: [email protected].

Related News

Become an FCS Member