Malfeasance can be a source of technical debt

Last updated on April 29th, 2018 at 06:36 am

Although creating and deploying policies to manage technical debt is a necessary step, it isn’t sufficient for achieving control in every case. Even if training and communication programs are effective, the possibility of intentional circumvention of technical debt management policy remains. Malfeasance can lead to incurring new technical debt by circumventing any policy. And malfeasance can be an obstacle to retiring—or even identifying—existing technical debt. Moreover, indirect effects of forms of malfeasance seemingly unrelated to technical debt can nevertheless incur technical debt or extend the lifetime of existing technical debt.

Examples of malfeasance as a source of technical debt

Elizabeth Holmes Backstage at TechCrunch Disrupt San Francisco 2014
Elizabeth Holmes Backstage at TechCrunch Disrupt San Francisco 2014. She is the founder, chairman, and CEO of Theranos, a startup that grew to a total valuation of $9 billion in 2015, and has since dramatically declined in value, now on the edge of its second bankruptcy. Theranos, through Holmes, claimed to have developed a technology that enabled blood testing with small amounts of blood—0.1% to 1% of the amount of blood required by conventional blood testing technologies. These claims proved false. After a series of collisions with U.S. government agencies, the U.S. Securities and Exchange Commission sued Holmes and Theranos. In March 2018, a settlement was reached in which Holmes accepted severe financial penalties, loss of voting control of Theranos, and a ban from serving as an officer or director of any public company for ten years. Photo (cc) Max Morse for TechCrunch.

Consider an example from software engineering. To save time, an engineer might intentionally choose to use a deprecated approach. When the malfeasance is discovered, one question naturally arises: in what other places and on what other projects has this individual (or other individuals) been making such choices? In a conventional approach to controlling this form of technical debt, we might be concerned only with the engineer’s current assignment. But a more comprehensive investigation might uncover a trail of technical debt artifacts in the engineer’s previous assignments.

Allman relates a hardware-oriented example [Allman 2012]. He describes an incident involving the University of California at Berkeley’s CalMail system, which failed catastrophically in November 2011, when one disk in a RAID (Redundant Array of Inexpensive Disks) failed due to deferred maintenance. Allman regards this incident as traceable to the technical debt consisting of the deferred RAID maintenance. While this particular case isn’t an example of malfeasance, it’s reasonable to suppose that decisions to defer technical maintenance on complex systems frequently are arguably negligent.

History provides us with many clear examples of malfeasance leading to technical debt indirectly. Consider the Brooklyn Bridge. Many of the suspension cables of the bridge contain substandard steel wire, which was provided to the bridge constructors by an unscrupulous manufacturer. When the bridge engineer discovered the malfeasance, he recognized that the faulty wire that had already been installed could not be removed, or even inspected. So he compensated for the faulty wire by adding additional strands to the affected cables. For more, see “Non-technical precursors of non-strategic technical debt.”

What kinds of malfeasance deserve special attention and why

Malfeasance that leads to incurring technical debt or which extends the life of existing technical debt has the potential to expose the enterprise to uncontrolled increases in operating expenses and unknown obstacles to revenue generation. The upward pressures on operating expenses derive from the MICs associated with technical debt. Although MICs can include obstacles to revenue generation, considering these obstacles separately helps to clarify of the effects of malfeasance.

Malfeasance deserves special attention because the financial harm to the enterprise can dramatically exceed the financial benefit the malfeasance confers on its perpetrators. This property of technical-debt-related malfeasance is what makes its correction, detection, and prevention so important.

For example, when hiring engineers, some candidates claim to have capabilities and experience that they actually don’t have. Once they’re on board, they expose the enterprise to the risk of technical debt creation through substandard work that can escape notice for indefinite periods. The malfeasance here consists of the candidate’s misrepresentation of his or her capabilities. Although the candidate, once hired, does receive some benefit arising from the malfeasance, the harm to the enterprise can exceed that benefit by orders of magnitude.

As a second example, consider the behavior of organizational psychopaths [Babiak 2007] [Morse 2004]. Organizational psychopathy can be a dominant contributing factor to technical debt formation when the primary beneficiary of a proposed strategy is the decision-maker or the advocate who takes credit for the short term effects of the decision, and when he or she intends knowingly to move on to a new position or to employment elsewhere before the true long term cost of the technical debt becomes evident. This behavior is malfeasance of the highest order. And although it’s rare, its impact can be severe. For more, see “Organizational psychopathy: career advancement by surfing the debt tsunami.”

What’s required to control malfeasance

When a particular kind of malfeasance can incur technical debt or extend the life of existing technical debt, it merits special attention. Examples like those above suggest three attributes that technical debt management programs must have if they are to deal effectively with malfeasance.

Corrective measures

Corrective measures can be undertaken in a straightforward manner when inadvertent policy violations occur. For example, unexpected difficulties in setting priorities for technical debt retirement efforts might be the result of individual performance metrics that conflict with the technical debt control program. Such conflicts can be inadvertent and can be resolved collaboratively.

But with regard to malfeasance, difficulties arise when policy violations are discovered or reported. When the violations are intentional, corrective action usually entails investigation of the means by which the infraction was achieved, and the means by which it was concealed. When these activities involve many individuals attached to multiple business units, some means of allocating the cost of corrective action might be needed. Allocating the cost of corrections can also be difficult when one party has reaped extraordinary benefits by taking steps that led to incurring significant technical debt. In some cases, corrective measures might include punitive actions directed at individuals.

Detection measures

When intentional violations are covert, or those who committed the violations claim that they’re unintentional, investigation is necessary to determine whether or not a pattern of violations exists. Technical debt forensic activities require resources, including rigorous audits and robust record-keeping regarding the decisions that led to the formation or persistence of technical debt. Automated detection techniques might be necessary to control the cost of detection efforts, and to ensure reliable detection.

Preventative measures

Successful prevention of policy violations requires education, communication, and effective enforcement. The basis of effective policy violation prevention programs includes widespread understanding of the technical debt concept and the technical debt management policies, and the certainty of discovery of intentional infractions. These factors require commitment and continuing investment.

Policy frameworks are at risk of depressed effectiveness if they pay too little attention to malfeasance and other forms of misconduct. Such misbehavior deserves special attention because it’s often accompanied both by attempts to conceal any resulting technical debt, and attempts to mislead investigators and managers about its existence. These situations do arise, though rarely, and when they do, they must be addressed in policy terms.


[Allman 2012] Eric Allman. “Managing Technical Debt: Shortcuts that save money and time today can cost you down the road,” ACM Queue, vol 10 issue 3, March 23, 2012.

Available: here; Retrieved: March 16, 2017

Cited in:

[Babiak 2007] Paul Babiak and Robert D. Hare. Snakes in Suits: When Psychopaths Go to Work. New York: HarperCollins, 2007. ISBN:978-0-06-114789-0

Order from Amazon

Cited in:

[Morse 2004] Gardiner Morse. “Executive psychopaths,” Harvard Business Review, 82:10, 20-22, 2004.

Available: here; Retrieved: April 25, 2018

Cited in:

Other posts in this thread

Leave a Reply

Your email address will not be published. Required fields are marked *