Helen Bird, Swinburne University of Technology
Asked today whether Optus’s chief executive should be considering his future after the “completely unacceptable” Triple Zero outage, Prime Minister Anthony Albanese told the ABC “I would be surprised if that wasn’t occurring.” Communications Minister Anika Wells has also vowed “Optus will be held to account”.
What does holding Optus “to account” mean, when we still have no clear picture of who’s responsible within the company for stopping things going wrong? Given another chief executive was already appointed since Optus’s 2023 network outage, what difference would yet another replacement make?
Rather than focus on one person, the real question is what can be done to fix the systems beneath them – especially when it comes to delivering faster, more transparent disclosure when things go wrong.
History repeating at Optus
Optus’s 2023 and 2025 failures are strikingly similar. Both were technology-related. Both occurred during routine maintenance or updates. Both resulted in system-wide outages. And in both cases, Optus was far too slow to let the public and responsible authorities know about the outages.
Last Friday, Optus belatedly revealed 600 customers were unable to call 000 for emergency help for half a day – then it was more than a day before Optus publicly revealed it had even happened. It affected people in four states and territories, with at least three deaths during the outage now being investigated.
Emergency call failures create serious regulatory, legal, reputation and customer risks for Optus. However, when it comes to understanding how Optus manages those risks, we’re confronted with a black hole.
Immediately after the November 2023 outage, I wrote about the lack of transparency about how Optus is run. As a private company, it has no legal obligation to publicly disclose its risk management and governance arrangements.
When the then Optus chief executive Kelly Bayer Rosmarin resigned five days later, on November 20 2023, I wrote this was no guarantee of change – because the real decisions at Optus were made by its parent company, Singtel, based in Singapore.
Optus never revealed what its 2023 inquiry found
Optus never published the results of its own investigations of its November 2023 Triple Zero outage.
The Australian Communications and Media Authority (ACMA) later fined Optus A$12 million for breaching national Emergency Call Rules.
Today, ACMA said it had started an investigation into last week’s outage. Its findings will be made public.
In May 2024, Optus announced the appointment of industry heavyweight Stephen Rue as its new chief executive, under what it called a “new governance model” (although how it differed from the previous model wasn’t made fully clear).
The Optus website shows it now has a board of seven directors, with a majority of non-executive directors. Previously, the board was made of executives with a non-executive chair. In theory, that change should have improved governance at Optus.
It’s not clear who is currently in charge of risk management at Optus. In June, Optus announced the appointment of a new chief security and risk officer, Pieter van der Merwe, starting later this year.
In contrast with Singtel, there is no easily available map of Optus’s organisational structure, explanation of its approach to risk management or the role that its board has in risk oversight.
After the 2023 breach, the regulator ACMA updated the national Emergency Call Service Rules for all telecommunication companies, also including Telstra and TPG. These included four new risk requirements for:
- better communication with customers and other stakeholders during an outage
- greater oversight of the 000 ecosystem
- regular systems testing
- and ensuring emergency calls can be carried by other telecommunication companies when needed.
The early signs suggest Optus did not meet these requirements, though we should wait the outcome of ACMA’s newly announced investigation to be definitive.
Optus vs Telstra on 000 failures
Telstra also had a 000 outage in March 2004. How did it fare by comparison?
Like Optus, Telstra was found to be breach of the emergency call rules, and was fined $3 million by ACMA.
However, there were three key differences:
- Telstra had a strong record of compliance with the emergency call rules, unlike Optus.
- Telstra made considerable efforts to keep the public informed during the outage, no doubt reinforced by its legal obligations to make disclosures as a public company listed on the Australian Securities Exchange.
- Telstra also took immediate actions by notifying emergency services of caller details affected by the disruption.
5 steps that would do more than sacking the boss
What does Optus need to do to avoid a third Triple Zero outage?
Five governance improvements would help – especially to deliver improved, more transparent disclosure.
- Unlike last time, Optus should publish the full report resulting from its own inquiries into this incident. This should include a list of recommendations and a timeline to action them.
- Optus should explain how it follows ACMA’s emergency service rules, including how it will manage future outages.
- Optus should carry out a root-and-branch review of its risk management generally and emergency call risks in particular.
- Optus should adopt and follow the ASX Corporate Governance Principles and Recommendations that apply to public companies, including Telstra.
- Optus needs to explain more clearly on its website how risk management is monitored by its executives and board here in Australia – not by Singtel in Singapore.
If these issues are not addressed, it may be time for the communications minister to add governance conditions on Optus’s carrier licence – which she already has the power to do.
It may be tempting to call for the chief executive to be sacked. However, doing that would let Optus looks like it’s acting, while delaying real action.
It would be better to keep the current chief executive and do what the federal government has pledged: hold Optus to account.
Helen Bird, Industry Fellow, Corporate Governance & Senior Lecturer, Swinburne Law School, Swinburne University of Technology
This article is republished from The Conversation under a Creative Commons license. Read the original article.
